이 콘텐츠는 선택한 언어로 제공되지 않습니다.
Preface
When Red Hat Trusted Application Pipeline builds your application images, it also provides a software bill of materials (SBOM). The SBOM lists all the software libraries that the image uses. You can use the SBOM to identify security vulnerabilities.
However, the SBOM is long and difficult to read. To turn the raw SBOM into actionable information, you can use Trusted Profile Analyzer (TPA). For example, TPA can identify dependencies in your image that are targets of known Common Vulnerabilities and Exploits (CVEs).