
Parlay Integration Guide

SBOM enrichment tool by Snyk — adds vulnerability and package metadata to existing SBOMs


Enrich CycloneDX SBOMs with vulnerability data from Snyk and package metadata from ecosyste.ms using Parlay, then upload the enriched SBOM to Vulnetix.

CLI tool · CycloneDX · SPDX

Install & scan

$ go install github.com/snyk/parlay@latest

# or download binary from GitHub releases:
# https://github.com/snyk/parlay/releases/latest
$ cat bom.json | parlay ecosystems enrich - | parlay snyk enrich - | jq '.' > enriched-bom.json

Run Parlay in CI

Enrich the SBOM on every push and upload the result to Vulnetix:

- name: Install Parlay
  run: go install github.com/snyk/parlay@latest

- name: Enrich SBOM
  env:
    SNYK_TOKEN: ${{ secrets.SNYK_TOKEN }}
  run: cat bom.json | parlay ecosystems enrich - | parlay snyk enrich - > enriched-bom.json

- name: Upload to Vulnetix
  run: vulnetix upload --file enriched-bom.json
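
A pre-upload check for the enriched file, as an added example that is not part of Parlay or Vulnetix: it rejects an empty or non-CycloneDX `enriched-bom.json` (what a failed pipe stage can leave behind) and reports how many components gained metadata and how many vulnerabilities were attached. The function name, the sample document, the choice of fields that count as enrichment, and the rule that `affects[].ref` resolves to a component `bom-ref` or `purl` are assumptions of this example.

```python
import json
from collections import Counter

# Constructed sample of an enriched CycloneDX document (not real Parlay output).
SAMPLE = json.dumps({
    "bomFormat": "CycloneDX", "specVersion": "1.5",
    "components": [
        {"bom-ref": "c1", "name": "left-pad", "purl": "pkg:npm/left-pad@1.3.0",
         "description": "String left pad", "licenses": [{"license": {"id": "WTFPL"}}]},
        {"bom-ref": "c2", "name": "internal-lib", "purl": "pkg:npm/internal-lib@0.1.0"},
    ],
    "vulnerabilities": [
        {"id": "EXAMPLE-VULN-1", "ratings": [{"severity": "high"}], "affects": [{"ref": "c1"}]},
        {"id": "EXAMPLE-VULN-2", "ratings": [{"severity": "low"}], "affects": [{"ref": "gone"}]},
    ],
})

# Assumption: any of these fields being present counts as "metadata was added".
METADATA_KEYS = ("description", "licenses", "externalReferences")


def check_enriched_bom(text):
    """Return (summary, problems) for a CycloneDX JSON document given as text."""
    if not text.strip():
        return {}, ["file is empty: an earlier pipeline stage probably failed"]
    try:
        bom = json.loads(text)
    except json.JSONDecodeError as exc:
        return {}, [f"not valid JSON: {exc.msg}"]
    if not isinstance(bom, dict) or bom.get("bomFormat") != "CycloneDX":
        return {}, ["bomFormat is not CycloneDX"]
    problems = []
    components = bom.get("components") or []  # top-level components only
    if not components:
        problems.append("no components in BOM")
    # Assumption: a vulnerability's affects[].ref names a component bom-ref or purl.
    refs = {c.get(k) for c in components for k in ("bom-ref", "purl")} - {None}
    with_purl = [c for c in components if c.get("purl")]
    enriched = [c for c in with_purl if any(c.get(k) for k in METADATA_KEYS)]
    severities = Counter()
    for vuln in bom.get("vulnerabilities") or []:
        ratings = vuln.get("ratings") or [{}]
        severities[ratings[0].get("severity", "unknown")] += 1
        for target in vuln.get("affects") or []:
            if target.get("ref") not in refs:
                problems.append(f"{vuln.get('id')}: affects unknown ref {target.get('ref')!r}")
    summary = {"components": len(components), "with_purl": len(with_purl),
               "with_metadata": len(enriched), "severities": dict(severities)}
    return summary, problems
```

In CI, call it on the contents of `enriched-bom.json` between the enrich and upload steps and stop the job when `problems` is non-empty.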

Centralise Parlay results in Vulnetix

Upload Parlay's CycloneDX or SPDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
