AWS inspector documentation change
Summary
Added explanation of how Sbomgen is used internally for Amazon Inspector's managed scanning features
Security assessment
This provides operational context about SBOM generation but doesn't introduce new security features or address vulnerabilities. It's informational without security implications.
Diff
diff --git a/inspector/latest/user/sbom-generator.md b/inspector/latest/user/sbom-generator.md index e0878e404..27829a4cf 100644 --- a//inspector/latest/user/sbom-generator.md +++ b//inspector/latest/user/sbom-generator.md @@ -12,0 +13,2 @@ A Software Bill of Materials (SBOM) is [a formally structured list of components +Amazon Inspector uses Sbomgen for several managed scanning features. When Amazon Inspector performs [Amazon ECR container image scanning](https://docs.aws.amazon.com/inspector/latest/user/scanning-ecr.html), [AWS Lambda function scanning](https://docs.aws.amazon.com/inspector/latest/user/scanning-lambda.html), and [Agentless scanning](https://docs.aws.amazon.com/inspector/latest/user/scanning-ec2.html#agentless) of Amazon Elastic Compute Cloud instances through Amazon EBS volume analysis, it invokes Sbomgen behind the scenes to generate the software inventory used for vulnerability assessment. The standalone Sbomgen tool described on this page provides the same underlying technology, enabling you to integrate SBOM generation directly into your workflows. +