Vendor needs to provide cloud–based software bill of materials generation and vulnerability analysis solution. Requirements for an enterprise Software Bill of Materials (SBOM) generation, container analysis, and vulnerability scanning capability to support DevSecOps and Platform One operation. Provide an enterprise solution capable of automated SBOM creation, container image analysis, vulnerability detection, and integration into Air Force DevSecOps pipelines. Provide an API and/or CLI to generate SBOMs during the build process (CI/CD). Software must integrate with standard vulnerability databases. Mechanisms for users to mark or override false positives and provide context for false negatives. Software must track changes over time to detect new vulnerabilities that affect older versions of the software. Ability to examine the content of files and evaluate policy rules based on content. The product should provide configurable alert channels (e.g., email, Slack, webhook) when new vulnerabilities are identified in existing SBOMs. Dashboard should provide an at–a–glance view of vulnerability statuses, license compliance, and risk posture across multiple projects. Software must support role–based access control (RBAC), single sign–on (SSO), and secure authentication protocols (OAuth, SAML). Provide an intuitive web interface for non–technical stakeholders to view SBOMs, vulnerabilities, and generate reports. Robust automated testing to ensure accuracy of SBOM generation, vulnerability detection, and reporting.