Skip to main content

SBOM Continuous Monitoring

Vulnerability and policy violations for an SBOM will remain static after the initial analysis performed when importing SBOMs. Continuous Monitoring automatically checks the latest version of an application's SBOM for new violations on a nightly basis. Use this feature to alert you as to when your SBOMs have newly discovered vulnerabilities.

sbm-continous-monitoring-configuration.png

Note

Administrators will need to enable continuous monitoring before it will begin reporting newly discovered violations.

Enabling Continuous Monitoring

Administrators may enable Continuous Monitoring from the Organizations view. We recommend setting the configuration at the Root Organization, however, this setting may be enabled at any level of the organization hierarchy.

sbm-continous-monitoring-enable.png

  1. Navigate to the Organizations view

  2. From the center view, select the Continuous monitoring configuration

  3. Toggle the button from Disabled to Enabled

  4. Select Update

Scheduling Continuous Monitoring

Continuous Monitoring starts at midnight for the hosting system. You can change the start time through the Configuration REST API.