Open Source projects sbom-operator and vulnerability-operator
sbom-operator
listens for pod events, generates an SBoM…
…and stores it in a git repository
vulnerability-operator
enumerates the SBoMs in the repo…
…scans them for vulnerabilities and publishes metrics
Prometheus can scrape them and Grafana can visualize them
See SBoMs in git
See metrics in Grafana