Setting Up Your First Project
Getting started with MyOrbik is simple and allows you to quickly organize and analyze your software products. Follow these steps to set up your first project effectively.
Optionally Create a Hierarchy for Your Product
To better organize and manage your products, you can create a hierarchy to group them under specific categories or organizational structures.
- Navigate to: Management -> Hierarchy -> Manage Hierarchy -> Add New Node.
- Define Hierarchy Levels: Add as many nodes as needed to establish your desired structure, such as department, project, or functional grouping.
- Save Your Changes: Click Save to finalize your hierarchy.
A well-defined hierarchy improves visibility and simplifies navigation when dealing with multiple products.
Create a New Product
Now, register your product in the system to begin managing its components and assessments.
- Navigate to: Management -> Products -> Add New Product.
- Provide the Required Information:
  - Name: The product’s name for identification.
  - Version: A unique version identifier.
  - Type: Select from predefined categories like Application, Library, Firmware, OS, Container, or Device.
  - Description: Include additional details about the product to clarify its purpose or usage.
- Assign to a Hierarchy: If applicable, link the product to the hierarchy you created earlier for better organization.
Generate and Upload an SBOM
The Software Bill of Materials (SBOM) is crucial for managing your product’s software composition and tracking vulnerabilities. MyOrbik supports the CycloneDX JSON format, a widely used SBOM standard.
Steps to Generate and Upload:
1. Generate the SBOM: Use your preferred tool to generate an SBOM in CycloneDX JSON format for the product. Ensure that the file includes:
   - Components
   - Dependencies
   - Licenses
   - Vulnerability information (if available)
2. Navigate to Assessments: Go to Assessments -> Add New Assessment.
3. Set Up the Assessment:
   - Select the product for which the assessment is created.
   - Choose the assessment type as SCA (Software Composition Analysis).
4. Upload the SBOM:
   - After creating the assessment, go to the Assessment List.
   - Find the Actions column and click the upload button corresponding to the new assessment.
   - Upload the SBOM file and wait for the system to process it.
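A pre-upload check for the items the Generate the SBOM step asks for, as an added example that is not part of MyOrbik or its documentation. The function `check_sbom` and the sample document are constructed for illustration; the field names are CycloneDX JSON's own, and only top-level components are inspected.

```python
import json

# Constructed sample SBOM (CycloneDX JSON), not output from a real tool.
SAMPLE_SBOM = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "metadata": {"component": {"bom-ref": "app", "type": "application",
                               "name": "demo-app", "version": "1.0.0"}},
    "components": [
        {"bom-ref": "lib-a", "type": "library", "name": "lib-a",
         "licenses": [{"license": {"id": "MIT"}}]},
        {"bom-ref": "lib-b", "type": "library", "name": "lib-b"},  # no licenses
    ],
    "dependencies": [
        {"ref": "app", "dependsOn": ["lib-a", "lib-b"]},
        {"ref": "lib-a", "dependsOn": ["lib-c"]},  # lib-c is not a component
    ],
})


def check_sbom(text):
    """Return (errors, warnings) for a CycloneDX JSON document given as text."""
    errors, warnings = [], []
    try:
        bom = json.loads(text)
    except json.JSONDecodeError as exc:
        return [f"not valid JSON: {exc.msg}"], warnings
    if not isinstance(bom, dict) or bom.get("bomFormat") != "CycloneDX":
        return ["bomFormat is not 'CycloneDX'"], warnings
    for key in ("components", "dependencies"):
        if not bom.get(key):
            errors.append(f"'{key}' is missing or empty")
    components = bom.get("components") or []
    # bom-refs a dependency entry may point at: components plus the product itself
    known = {c.get("bom-ref") for c in components}
    known.add((bom.get("metadata") or {}).get("component", {}).get("bom-ref"))
    for comp in components:
        if not comp.get("licenses"):
            warnings.append(f"component {comp.get('name')} has no license data")
    for dep in bom.get("dependencies") or []:
        for ref in [dep.get("ref"), *dep.get("dependsOn", [])]:
            if ref is None or ref not in known:
                errors.append(f"dependency ref {ref!r} matches no component")
    if "vulnerabilities" not in bom:
        warnings.append("no vulnerability section (optional)")
    return errors, warnings


if __name__ == "__main__":
    print(check_sbom(SAMPLE_SBOM))
```

Errors indicate a file worth regenerating before upload; warnings mark gaps (missing license data, no vulnerability section) that limit what the later analysis can report.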
Confirmation:
Once the SBOM is successfully uploaded and processed, you’ll receive a notification. The system will then analyze the SBOM for components, licenses, and vulnerabilities.
Review and Validate
After setting up your product and uploading the SBOM:
- Navigate to the Assessment Details page to review the results.
- Ensure that the product version, hierarchy assignment, and SBOM content are correct.
This step is essential to confirm that the setup aligns with your expectations and to address any errors promptly.
Next Steps
With your project set up, you can start leveraging MyOrbik’s powerful features:
- Track Vulnerabilities: Monitor and mitigate risks identified during the analysis.
- Generate Reports: Create detailed reports on your product’s security and compliance status.
- Monitor SBOM Changes: Keep track of updates and ensure your products remain secure over time.
By following these steps, you establish a strong foundation to effectively manage and secure your software products with MyOrbik.