Skip to content

Recipe: Migrate from Another SCA Tool

Import existing scan data or SBOMs from another software composition analysis tool.

Steps

  1. Export your data from the existing tool as SPDX or CycloneDX format.
  2. Create the target project and modules in TrustSource.
  3. Upload the SBOM files via Inbound → Scans or Module Import.
  4. Review the imported components and adjust whitelists/policies.
  5. Set up CI/CD integration for ongoing scanning.