FEATURES
Software Bill Of Material (SBOM)
Rainforest turns your Software Bill of Materials into a living asset: always up-to-date, enriched with license data, and continuously monitored for new vulnerabilities.
How it works
1. SBOM by branch
Rainforest ingests your SBOM and ties it to each branch of your repository. You see exactly which libraries and versions are running per branch, not just per project.
2. Technologies automatically organized
We parse the SBOM and show all technologies in a clean inventory view: vendor, product, version, registration source, and last modified date. Filters make it easy to find a specific library, framework, action, or container layer in seconds.
3. License intelligence & export
For each component we look up license details and enrich your inventory with:
• License name and URL
• OSI / FSF status
With one click, you export everything to CSV/Excel for audits, procurement or legal review.
4. Continuous vulnerability monitoring (no new scans needed)
Once a technology is in your SBOM, Rainforest keeps watching it.
When a new vulnerability affects one of your libraries or versions, we automatically create a finding in the platform – without needing a new Git analysis or pipeline run. The moment a dependency becomes vulnerable, it appears in your vulnerability queue with severity, timestamps and full context.