Linked SBOM page, added scheduled run to update SBOM reports after new SBOMs are generated (#103)

kchudy · web-flow · commit fd69e5cebc3b · 2025-10-02T11:52:39.000+02:00
* Added scheduled run

* Linked sbom page
diff --git a/.github/workflows/deploy.yml b/.github/workflows/deploy.yml
@@ -4,6 +4,8 @@ on:
   push:
     branches:
       - main
+  schedule:
+    - cron: '30 3 * * *' # 3:30 AM UTC (SBOMs regenerate at 2:30 AM UTC)
 
 # Sets permissions of the GITHUB_TOKEN to allow deployment to GitHub Pages
 permissions:
diff --git a/src/pages/sbom.astro b/src/pages/sbom.astro
@@ -128,7 +128,7 @@ const tags = [
   <Navigation activeSlug="/security/" />
 
   <main id="home-page">
-    <FlexibleSection leftRatio={1} title="What is SBOM?" theme="light">
+    <FlexibleSection leftRatio={1} title="What is SBOM?" theme="light" id="what-is-sbom">
       <div slot="left" class="sbom-intro">
         <p>
           A <strong>Software Bill of Materials (SBOM)</strong> is a structured inventory of all components that make up
@@ -151,7 +151,7 @@ const tags = [
     </FlexibleSection>
 
   
-    <FlexibleSection leftRatio={1} title="SBOM file list with vulnerability status" theme="light">
+    <FlexibleSection leftRatio={1} title="SBOM file list with vulnerability status" theme="light" id="sbom-list">
       <div slot="left" class="sbom-filelist">
         <p>
           Separate SBOMs are available for <strong>mobile apps</strong> (Android, iOS), the <strong>desktop app</strong>
diff --git a/src/pages/security.astro b/src/pages/security.astro
@@ -45,8 +45,9 @@ const tags = [
       title="Our Security Approach"
       description="Building a secure software is a mindset. Features, great UI, and easy deployment are often things that draw users to the software, but when building software in the cybersecurity space, the approach to security should be what tips the scales of choice. Here is ours."
       buttons={[
-        { name: "Pentesting Security Report", link: "/pentesting/" },
-        { name: "Vulnerability Disclosure Process", link: "#VDP" }
+        { name: "Pentesting Report", link: "/pentesting/" },
+        { name: "Daily SBOM CVE scans", link: "/sbom/" },
+        { name: "Vulnerability Disclosure", link: "#VDP" }
       ]}
     />
 
@@ -128,10 +129,17 @@ const tags = [
       <div slot="left">
         <ul>
           <li>As far as we know, we are <b>the only VPN solution that publishes 
-          <a href="https://defguard.net/pentesting/">detailed penetration testing reports</b> 
+          <a href="/pentesting/">detailed penetration testing reports</b> 
           from periodic security audits</a> conducted by <a href="https://isec.pl" target="_blank">
             ISEC</a> on all Defguard components.
           </li>
+          <li>
+            We publish <b>Software Bill of Materials (SBOM)</b> for all our components, providing 
+            <a href="/sbom/">detailed information</a> about the ingridients of the software we ship. 
+            Every day we use the SBOMs to scan for vulnerabilities in our dependencies and publish 
+            the <a href="/sbom#sbom-list">results</a>.
+            <b>Reacting to new vulnerabilities is a high priority for us.</b>
+          </li>
           <li>
             Most of our code is open source, and the enterprise part is open code —
             enabling you to freely test and verify.
