# SBOM, Libs e Componentes

## Bases de Conhecimento

* [Awesome SBOM](https://github.com/awesomeSBOM/awesome-sbom)

## Artigos

* [Aqua :: OWASP Software Component Verification Standard (SCVS)](https://blog.aquia.us/blog/2022-09-27-owasp-scvs/)
* [CSO Online :: 8 top SBOM tools to consider](https://www.csoonline.com/article/3667483/8-top-sbom-tools-to-consider.html)
* [MergeBase :: What are the Best Tools for Generating SBOM (Software Bill Of Materials)?](https://mergebase.com/blog/best-tools-for-generating-sbom/)
* [Anchore :: How to Generate an SBOM with Free Open Source Tools](https://anchore.com/sbom/how-to-generate-an-sbom-with-free-open-source-tools/)

## Tools

* [OWASP Dependency-Check](https://owasp.org/www-project-dependency-check/)
* [OWASP Dependency Track](https://dependencytrack.org/)
* [CycloneDX](https://cyclonedx.org/)
* [anchore/syft](https://github.com/anchore/syft)
* [microsoft/sbom-tool](https://github.com/microsoft/sbom-tool)
* [OSV by Google](https://osv.dev/): A distributed vulnerability database for Open Source