Cyber Resilience Act
SBOM gap check
The Cyber Resilience Act requires a reliable software bill of materials (SBOM) and a process for handling vulnerabilities. Upload your SBOM (CycloneDX/SPDX) or a lockfile and we will scan its components against known vulnerabilities. Your file is processed for analysis only and is not stored.
CycloneDX/SPDX JSON or a lockfile (package-lock.json, yarn.lock, requirements.txt, go.mod …). Max 5 MB. Your file is not stored.
The scan runs server-side against a vulnerability database. Your file is processed for analysis only and is not stored.
Note: the SBOM gap check provides an automated, schematic initial assessment based on public vulnerability databases. It replaces neither a full security analysis nor individual legal advice.