How-to guides
Share SBOMs with customers
Share your SBOMs with customers and stakeholders securely.
Share SBOMs with customers and partners to provide supply chain visibility.
Before You Start
- You have uploaded SBOMs to SBOM Observer
- Your SBOMs have been analyzed
Export Your SBOM
- Navigate to a component or SBOM in SBOM Observer
- Click Export SBOM button (top right)
- Choose your export options:
- Format - CycloneDX 1.6 (default) or other supported formats
- Include dependencies - Toggle to include all transitive dependencies
- Include vulnerabilities - Toggle to show detected CVEs
- Include VEX - Toggle to include Vulnerability Exploitability eXchange data
- Click Download SBOM
The exported SBOM is downloaded as a JSON or XML file ready to share.
Share Options
Direct Sharing
Send the exported SBOM file directly to customers via email or secure file transfer.
Using SBOM.link
For easy, shareable links to your SBOMs, use SBOM.link — a free SBOM viewer and sharing tool:
- Export your SBOM from SBOM Observer
- Upload to SBOM.link
- Share the generated link with customers
SBOM.link features:
- Free SBOM viewer with readable formatting
- Permanent shareable links with no expiration
- Supports SPDX 2.x and CycloneDX 1.x formats (JSON, XML, Tag-Value)
- SHA-256 integrity hints in URLs
- Link-based access control
Next Steps
- Generate & upload SBOMs to ensure current data
- Write policies to define your compliance standards
- Analyze impact to understand vulnerabilities before sharing