Creating a Bucket

(Optional) A bucket can stand alone or be a child of another bucket. If you intend this bucket to be the child of another bucket, select the parent bucket from the dropdown list.

When you define a bucket as a child bucket, you create a nested hierarchy of parts. This hierarchy can be used to represent the complexity of a software entity and the inter-relationship of its SBOM parts.

From the dropdown list, select the bucket type representing the entity or context containing the open-source, third-party, or commercial software components that will be associated with the bucket as SBOM parts.

The list of types includes those based on the SPDX and CycloneDX specifications for representing a hierarchy in an application. It also includes types representing organizational structure such as a product family, an organization, or a business unit.

Provide a name for the bucket. This value must be unique within the Organization to which you belong in SBOM Management.

(Optional) To associate all the parts in this bucket with a specific application found in the Flexera Technopedia Catalog, enter the application’s unique software release ID as defined in the catalog. If a security vulnerability is associated with one or more parts in the application, Flexera IT Visibility users (who are also SBOM Management users) can use this ID to search for those assets in their organization that access the application.

If necessary, click the Find button to search for the Software Release ID in Technopedia. For further instructions, see Searching Technopedia for Software Release ID of Application Associated with Buckets.

Note:On the Edit Bucket slideout, the Change button replaces the Find button if a value currently exists for this field.

Multiple buckets can be assigned the same Software Release ID.

To delete the existing value in this field, click the icon to the right of the value.