Graph Search

Our SBOM analysis feature works by analyzing the code of a user's project and identifying all of the software components that are used, as well as any dependencies between them. This information is then organized into an SBOM format and saved to a Neo4j database for easy access and querying.

Using Neo4j's powerful graph database technology, users can interact with the SBOM data in a variety of ways. The graph interface allows users to input graph queries and see the results as nodes in a graph, making it easy to visualize the software components and dependencies in their project.

Using the graph interface

To use the Neo4j graph interface, users simply input a graph query written in the Cypher query language. For example, a user might want to find all of the software components in their project that have a particular license. The simplest query, which lists the packages in the project, looks like this:

MATCH (n: Package) RETURN n LIMIT 25

The results of the query are displayed as nodes in a graph, with each node representing a software package that matches the query. Users can then explore the graph further, clicking on nodes to see more information about each component and its dependencies. You can also click the "From Image" link to go to the source resource (Docker image, GitHub repository, or file).

You can learn more about Cypher queries in the official Neo4j documentation.

Sample query

Query packages that have a relationship with a specific package (the package name is matched on the n side of the pattern)

MATCH (n)-[]-(x) WHERE n.name = "Alpine Linux v3.11" RETURN n, x LIMIT 25

Query a specific package together with the CVEs affecting it

MATCH (n)-[]-(x: Vulnerability) WHERE n.name = "vim" RETURN n, x LIMIT 25
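The two sample queries above match any relationship and any label. As an added example (not part of the original page or the project's own templates), the queries below do the same work with explicit labels, relationship types and query parameters, and then go one step further to follow DependsOn edges transitively. They assume the Package and Vulnerability labels, the DependsOn and Vulnerable relationship types and the name and id properties described in the "Neo4j Nodes and Relations" section of this page; the direction of DependsOn (from the dependent package to its dependency) is an assumption. The `$name` and `$cve` parameters are set with the `:param` command in the Neo4j Browser or passed by the driver.

```cypher
// Added example (not the project's own queries). Assumes the Package / Vulnerability
// labels, the DependsOn / Vulnerable relationship types and the name / id properties
// shown on this page. DependsOn direction (dependent -> dependency) is an assumption.

// 1. Packages directly related to a named package, with the relationship type shown.
//    In the Neo4j Browser: :param name => "Alpine Linux v3.11"
MATCH (p:Package {name: $name})-[r]-(other:Package)
RETURN p.name AS package, type(r) AS relation,
       other.name AS related, other.version AS version
LIMIT 25;

// 2. CVEs attached to a named package, as a flat table instead of a node graph.
//    :param name => "vim"
MATCH (p:Package {name: $name})-[:Vulnerable]-(v:Vulnerability)
RETURN p.name AS package, p.version AS version, v.id AS cve
ORDER BY cve;

// 3. Packages that pull in a vulnerable package transitively (up to 5 hops), so an
//    image-level package such as Alpine shows up even when the CVE sits on busybox.
//    :param cve => "CVE-2021-42384"
MATCH (v:Vulnerability {id: $cve})-[:Vulnerable]-(leaf:Package)
MATCH path = (root:Package)-[:DependsOn*1..5]->(leaf)
RETURN v.id AS cve, leaf.name AS vulnerable_package,
       root.name AS depends_on_it, length(path) AS hops
ORDER BY hops, depends_on_it;
```

Using parameters instead of pasting the value into the query string keeps user-supplied names out of the Cypher text, and naming the relationship types keeps the query from silently matching edge kinds that are added later. Run each statement separately if your query interface does not accept several statements at once.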

Search templates


This template shows the top 5 CVEs that affect the most packages. Use it to find out which CVEs you should care about most.


This template shows the packages with the most CVEs. You should seriously consider upgrading or removing those packages.
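As an added example (not the project's own search templates), the aggregation queries below compute what the two templates describe: the CVEs that touch the most packages, and the packages that carry the most CVEs. They assume the Package and Vulnerability labels, the Vulnerable relationship type, and the name, id and imageId properties shown in the "Neo4j Nodes and Relations" section of this page; the `$imageId` parameter in the last query is an assumed way of scoping the result to one image.

```cypher
// Added example (not the project's own templates). Assumes the Package / Vulnerability
// labels, the Vulnerable relationship type and the name / id / imageId properties
// described on this page.

// Template 1: the 5 CVEs that affect the most packages, with a few package names
// per CVE so the row is actionable without a second query.
MATCH (v:Vulnerability)-[:Vulnerable]-(p:Package)
WITH v.id AS cve,
     count(DISTINCT p) AS affected_packages,
     collect(DISTINCT p.name)[0..5] AS sample_packages
RETURN cve, affected_packages, sample_packages
ORDER BY affected_packages DESC
LIMIT 5;

// Template 2: the packages carrying the most CVEs (upgrade or removal candidates),
// with the full list of CVE ids per package.
MATCH (p:Package)-[:Vulnerable]-(v:Vulnerability)
WITH p, count(DISTINCT v) AS cve_count, collect(DISTINCT v.id) AS cves
RETURN p.name AS package, p.version AS version, cve_count, cves
ORDER BY cve_count DESC
LIMIT 10;

// Variant of template 2 scoped to a single image, using the imageId property that
// both node kinds carry.  In the Neo4j Browser: :param imageId => "<your image id>"
MATCH (p:Package {imageId: $imageId})-[:Vulnerable]-(v:Vulnerability)
RETURN p.name AS package, p.version AS version, count(DISTINCT v) AS cve_count
ORDER BY cve_count DESC
LIMIT 10;
```

`count(DISTINCT ...)` matters in both templates: if the same package and CVE are linked by more than one Vulnerable edge (for example after the same image is analysed twice), a plain `count(*)` would inflate the ranking.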

Neo4j Nodes and Relations


Package: could be a software package or a Docker base image such as Ubuntu.

Example Package node properties (the tags list is truncated here):

{
  "imageId": "63219c545e269d1x6e27952f1",
  "name": "Alpine Linux v3.11",
  "purl": "os:Alpine Linux v3.11/1.1.24-r2",
  "version": "1.1.24-r2",
  "userId": "your user id",
  "tags": [ ... ]
}

Vulnerability: usually a CVE.

Example Vulnerability node properties:

{
  "imageId": "63219ca45e269d1d6e27952f",
  "id": "CVE-2020-28928",
  "userId": "your user id"
}

DependsOn: packages can depend on each other, e.g. Alpine Linux v3.11 DependsOn busybox.

Vulnerable: package busybox is Vulnerable to CVE-2021-42384.

You can use these node labels and relationship types in Cypher queries to get the results you want.
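To see how the labels, relationship types and properties above fit together, here is an added example (constructed sample data, not an export from the project) that builds the small graph the descriptions use and then lists the label and relationship-type combinations present. It assumes the same labels, relationship types and property names as the page; the imageId and userId values are placeholders, the `sample` property is added only so the constructed rows can be removed again, and the direction of DependsOn is an assumption.

```cypher
// Added example with constructed sample data (not the page's own export).
// Assumes the Package / Vulnerability labels, the DependsOn / Vulnerable relationship
// types and the property names shown on this page. "<your image id>" and
// "<your user id>" are placeholders; "sample: true" marks the constructed rows.

// Build the graph described in the text: Alpine Linux v3.11 DependsOn busybox,
// and busybox is Vulnerable to CVE-2021-42384.  MERGE keeps re-runs idempotent.
MERGE (alpine:Package {name: "Alpine Linux v3.11", version: "1.1.24-r2",
                       purl: "os:Alpine Linux v3.11/1.1.24-r2",
                       imageId: "<your image id>", userId: "<your user id>",
                       sample: true})
MERGE (busybox:Package {name: "busybox",
                        imageId: "<your image id>", userId: "<your user id>",
                        sample: true})
MERGE (cve:Vulnerability {id: "CVE-2021-42384",
                          imageId: "<your image id>", userId: "<your user id>",
                          sample: true})
MERGE (alpine)-[:DependsOn]->(busybox)
MERGE (busybox)-[:Vulnerable]->(cve);

// Inspect the schema actually stored: one row per (from label, relationship type,
// to label) combination. For the rows above this yields
//   Package -DependsOn-> Package   and   Package -Vulnerable-> Vulnerability.
MATCH (a {sample: true})-[r]->(b {sample: true})
RETURN labels(a) AS from_label, type(r) AS relation,
       labels(b) AS to_label, count(*) AS edges
ORDER BY relation;

// Walk from the image package down to the CVE through both relationship types.
MATCH (img:Package {name: "Alpine Linux v3.11", sample: true})
      -[:DependsOn]->(dep:Package)-[:Vulnerable]->(v:Vulnerability)
RETURN img.name AS image, dep.name AS dependency, v.id AS cve;

// Remove only the constructed rows; real SBOM data has no sample property.
MATCH (n {sample: true}) DETACH DELETE n;
```

Run each statement on its own if your query interface does not accept several statements at once. The `sample: true` marker is what makes the cleanup safe: deleting by name or by userId would also remove genuine SBOM nodes once the placeholders are replaced with real values.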