| CARVIEW |
Select Language
HTTP/2 103
link: ; as=script; rel=preload, ; as=style; rel=preload, ; as=style; rel=preload, ; as=style; rel=preload, ; as=script; rel=preload, ; as=style; rel=preload, ; as=style; rel=preload
HTTP/2 200
date: Sun, 28 Dec 2025 09:19:59 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
cache-control: s-maxage=36000, max-age=5
etag: W/"63842e447c2794ba995244200c4d60f0"
last-modified: Sun, 21 Dec 2025 03:15:05 GMT
link: ; rel=preload; as=script,; rel=preload; as=style,; rel=preload; as=style,; rel=preload; as=style,; rel=preload; as=script,; rel=preload; as=style,; rel=preload; as=style
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-security-policy: default-src 'self' castsoftware.com *.castsoftware.com *.hs-sites.com *.hubapi.com; child-src *.hsforms.com *.hubapi.com; connect-src 'self' *.castug.com wss://ws.hotjar.com *.hotjar.com *.hotjar.io *.zoominfo.com *.fontawesome.com hubapi.com *.hs-sites.com *.hubapi.com *.google.com *.linkedin.com *.ahrefs.com *.cloudfront.net *.fontawesome.com *.hsappstatic.net *.hubspot.net *.hubspot.com *.hs-analytics.net *.hs-banner.com *.hsleadflows.net *.hsadspixel.net *.usemessages.com *.googleapis.com wss://in.visitors.live *.google-analytics.com in.visitors.live https://localhost:1442 stats.g.doubleclick.net *.vimeo.com *.vimeocdn.com vimeo.com google.com *.google.com *.doubleclick.net *.g2.com *.hsforms.com *.googlesyndication.com *.hs-sites.com *.hubapi.com *.hscta.net *.hs-banner.com *.hsforms.com *.hsforms.net *.g2crowd.com *.facebook.com *.jsdelivr.net *.stackadapt.com; style-src 'self' 'unsafe-inline' *.castug.com *.hubspot.net *.googleapis.com *.hsappstatic.net *.hsappstatic.net *.hs-sites.com *.hubspotusercontent-na1.net *.vimeo.com *.vimeocdn.com *.googletagmanager.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hubspot.net *.castsoftware.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.stackadapt.com; img-src * data: https:; font-src 'self' 'unsafe-inline' data: https:; media-src *; frame-ancestors 'self'; frame-src *.castug.com *.hs-sites.com *.doubleclick.net *.overloop.com *.cloudfront.net *.vimeo.com *.vimeocdn.com vimeo.com/ *.hubspot.com *.adsrvr.org *.youtube.com *.hsforms.com *.facebook.com *.google.com *.googletagmanager.com *.hs-sites.com *.twitter.com *.g2.com *.hubspot.net *.hubspotvideo.com *.castsoftware.com *.hsforms.net *.hsforms.com; worker-src 'self' *.castsoftware.com blob:; script-src 'self' 'unsafe-inline' 'unsafe-eval' *.hs-sites.com *.bing.com *.hotjar.com *.hotjar.io *.vimeo.com *.vimeocdn.com *.gstatic.com *.hsadspixel.net *.hs-analytics.net *.hscta.net *.hubspot.com *.hsappstatic.net *.usemessages.com *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.ahrefs.com *.castsoftware.com *.hsleadflows.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com *.hubapi.com *.jsdelivr.net *.ads-twitter.com *.linkedin.com *.facebook.net *.facebook.com *.stackadapt.com; script-src-elem 'self' 'unsafe-inline' 'unsafe-eval' *.hs-sites.com *.bing.com *.hotjar.com *.hotjar.io *.ensighten.com *.ads-twitter.com *.cloudfront.net *.fontawesome.com *.hsappstatic.net *.hubspot.net *.hubspot.com *.hs-analytics.net *.hubspotusercontent-na1.net *.hsappstatic.net *.hs-banner.com *.hubspotusercontent00.net *.hubspotusercontent10.net *.hubspotusercontent20.net *.hubspotusercontent30.net *.hubspotusercontent40.net *.hsforms.net *.hsforms.com *.hs-scripts.com *.hubspotfeedback.com *.hubapi.com *.ahrefs.com *.castsoftware.com *.hsleadflows.net *.hsadspixel.net *.usemessages.com *.googletagmanager.com snap.licdn.com connect.facebook.net *.google-analytics.com *.doubleclick.net *.googleapis.com tracking.g2crowd.com ws.zoominfo.com *.vimeo.com *.vimeocdn.com b.sf-syn.com *.hscta.net *.ipdata.co clearout.io *.google.com *.gstatic.com *.googlesyndication.com *.googleadservices.com platform.linkedin.com *.twitter.com *.rawgit.com *.cloudflare.com *.jsdelivr.net *.ads-twitter.com *.linkedin.com *.facebook.net *.facebook.com *.stackadapt.com;; upgrade-insecure-requests
edge-cache-tag: CT-171122135465,CT-175267111570,CT-177500290394,P-10154,W-1719228789448,W-1719250215905,W-1719313890612,W-1719315701020,W-1719323221282,W-1720425980309,W-1723530813558,W-17346765702138,CW-184116772490,CW-184116772895,E-184103008357,E-184116449198,E-184116513657,E-184116517218,E-184116772626,E-184118224967,E-184118225306,E-184118225950,E-184467488120,E-185817449584,E-197244952368,E-85334211917,E-85334225289,E-86547530796,PGS-ALL,SW-0,GC-185791750406
permissions-policy: camera=(), microphone=(), geolocation=()
referrer-policy: no-referrer-when-downgrade
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-hs-cf-cache-status: REVALIDATED
x-hs-cache-config: BrowserCache-5s-EdgeCache-180s
x-hs-cache-control: s-maxage=36000, max-age=0
x-hs-content-id: 171122135465
x-hs-hub-id: 10154
x-hs-prerendered: Sun, 21 Dec 2025 03:15:05 GMT
x-xss-protection: 1
x-hs-cfworker-meta: {"contentType":"SITE_PAGE","resolver":"PreRenderedContentResolver"}
x-hs-portal-id: 10154
set-cookie: __cf_bm=YIe6t6TVy8yGFqiZ9mAzbVVhrPwuA9eDFCMUy4KpQOk-1766913599-1.0.1.1-pMsDnt.yP.MdjT7HWymXFFe8g.ORVRgM17IBnJlI8U.SJwKVCQHKsBIzEy02kQRrLwwb2Khfq0msFatkDlH3C7.NdcDrWD9oXAFVAJvwAgc; path=/; expires=Sun, 28-Dec-25 09:49:59 GMT; domain=.www.castsoftware.com; HttpOnly; Secure; SameSite=None
set-cookie: _cfuvid=e2cTLoWCIMWyaDs8F4oBBfrMQA22GAmIVG4x2XR.yxE-1766913599299-0.0.1.1-604800000; path=/; domain=.www.castsoftware.com; HttpOnly; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LdAu8e5vs14nHHS%2BM0h6etWGf5Gm41EPaMKyjtx6beTTCpoFCpYHScu1SrKsd4ucDgdCLKnnpgqqiJrWWBgoCWSln%2FMtJttK4ODWMaDuMUPoqr5836U83H9RQznkhI1mm15gyF6K"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 9b4ffaa7efcbb080-BLR
alt-svc: h3=":443"; ma=86400
SBOM Manager
Stop wasting your time with SBOM spreadsheets!
Free Automated and Comprehensive Software Bill of Materials (SBOMs)
Ensure compliance for your clients and regulatory bodies.
Flexible. Customizable. Reusable.
Accurate SBOMs without the hassle
CAST SBOM Manager
Free download – from the makers of the #1 rated enterprise SBOM product on G2
- Automatically analyze source code
- Create Software Bill of Materials (SBOMs) in seconds
- Instantly navigate SBOM details
- Quickly define proprietary components
- Catalog & reuse components across SBOMs
- Customize SBOMs for target audience
- Manage multiple SBOM versions
- Import and export SBOMs in multiple formats
Get it now
CAST SBOM Manager
Designed for software product owners, release managers, and compliance specialists
Ensure
software
compliance
US and EC
regulators require
detailed SBOMs
Avoid the
mountain of
spreadsheets
Automatically
create complete,
accurate SBOMs
How it works:
A simple 3-step process
Step 1:
Point CAST SBOM Manager at your code repository or import existing SBOM file for automatic scan and analysis.
Step 2:
View SBOM details including automatically created inventories of components, vulnerabilities, and licenses.
Step 3:
Export SBOM in various formats such as Excel, Word, PPT, and CycloneDX.
Watch Demo
SBOMs in seconds
Initiate SBOM creation from application code, existing files, Git repositories, or CAST Highlight results with a single click.
Define parameters like file exclusions, package scanners, catalogs, and more.
Instant SBOM insights
Get SBOM summary stats and insights in the dashboard view.
View sources, component categories, vulnerabilities, licenses, obsolescence, languages, topics, file extensions, and more.
Proprietary components
Define and save proprietary components to include in your SBOM based on files automatically detected during scans.
Include custom metadata including descriptions, licenses, vulnerabilities, copyrights, programming languages, and more.
Component data
Get details about all components in your SBOM.
Manage and edit details by adding your own metadata.
Add components to catalogs for sharing across SBOMs.
License information
Get details about all licenses in your SBOM.
View and define custom licenses and properties.
Manage OSS license risks & requirements, obsolescence and copyrights.
File structures
Instantly navigate the entire file structure of an SBOM visually.
Select specific files to create and define new components, adding them to the catalog for sharing and reuse.
Vulnerability details
View existing vulnerabilities such as CVEs from NIST's NVD, and security advisories from Github, Gitlab.
Create and define custom vulnerabilities.
Multiple SBOM formats
Export SBOMs in Excel, Word, CycloneDX. Import SBOMs from multiple formats.
Manage multiple SBOM versions and define what to include in the exported SBOM.
Customize SBOMs for target audience.
