From 98d2e10269629150f58e9e0cc20ed7e7dcd69bc9 Mon Sep 17 00:00:00 2001 From: David Karlsson <35727626+dvdksn@users.noreply.github.com> Date: Wed, 14 Feb 2024 18:28:47 +0100 Subject: [PATCH] scout: refresh sbom page Signed-off-by: David Karlsson <35727626+dvdksn@users.noreply.github.com> --- content/scout/sbom.md | 30 +++++++++++++++--------------- 1 file changed, 15 insertions(+), 15 deletions(-) diff --git a/content/scout/sbom.md b/content/scout/sbom.md index d22f40ec4c..ef5280b8c2 100644 --- a/content/scout/sbom.md +++ b/content/scout/sbom.md @@ -4,9 +4,9 @@ description: Use Docker Scout to extract the SBOM for your project. keywords: scout, supply chain, sbom, software bill of material, spdx --- -As part of [image analysis](./image-analysis.md), Docker Scout generates a -Software Bill of Material (SBOM) for your project. The SBOM uses the Software -Package Data Exchange (SPDX) format. +[Image analysis](./image-analysis.md) uses image SBOMs to understand what packages and versions an image contains. +Docker Scout uses SBOM attestations if available on the image (recommended). +If no SBOM attestation is available, Docker Scout creates one by indexing the image contents. ## View from CLI @@ -18,14 +18,14 @@ $ docker scout sbom [IMAGE] ``` By default, this prints the SBOM in a JSON format to stdout. +The default JSON format produced by `docker scout sbom` isn't SPDX-JSON. +To output SPDX, use the `--format spdx` flag: -> **Note** -> -> The JSON format produced by `docker scout sbom` isn't SPDX-JSON. To generate -> SPDX, use the SBOM generator plugin for BuildKit, see [Attach the SBOM as a -> build attestation](#attest). +```console +$ docker scout sbom --format spdx [IMAGE] +``` -Use the `--format list` flag to generate a human-readable output. +To generate a human-readable list, use the `--format list` flag: ```console $ docker scout sbom --format list alpine 
@@ -60,10 +60,11 @@ reference](../reference/cli/docker/scout/sbom.md). You can generate the SBOM and attach it to the image at build-time as an [attestation](../build/attestations/_index.md). BuildKit provides a default -SBOM generator which is different from what Docker Scout uses. You can swap out -the default generator and replace it with the Docker Scout SBOM generator, -which creates richer results and ensures better compatibility with the Docker -Scout image analysis. +SBOM generator which is different from what Docker Scout uses. +You can configure BuildKit to use the Docker Scout SBOM generator +using the `--attest` flag for the `docker build` command. +The Docker Scout SBOM indexer provides richer results +and ensures better compatibility with the Docker Scout image analysis. ```console $ docker build --tag / \ @@ -71,8 +72,7 @@ $ docker build --tag / \ --push . ``` -The default, non-containerd image store doesn't currently support images with -attestations. To build images with SBOM attestations, you can either turn on +To build images with SBOM attestations, you must either turn on the [containerd image store](../desktop/containerd.md) feature, or use a `docker-container` builder together with the `--push` flag to push the image (with attestations) directly to a registry.
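Review bot: in the first hunk (`@@ -4,9 +4,9 @@`), the parenthetical "(recommended)" in "Docker Scout uses SBOM attestations if available on the image (recommended)" leaves it unclear what is being recommended; make it a full statement, e.g. "Attaching an SBOM attestation to the image is the recommended approach, because Docker Scout then uses that attestation instead of indexing the image contents itself." It would also help to say plainly that when an attestation is present, the analysis relies on its contents rather than on an independent scan, so readers understand why the quality of the attached SBOM matters. Since the rewritten paragraph no longer mentions SPDX while the front-matter keywords still list it, consider keeping a short pointer to SPDX output here.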
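Review bot: in the second hunk (`@@ -18,14 +18,14 @@`), the unchanged line "By default, this prints the SBOM in a JSON format to stdout." and the added line "The default JSON format produced by `docker scout sbom` isn't SPDX-JSON." say nearly the same thing back to back; merge them into one sentence such as "By default, this prints the SBOM to stdout in Docker Scout's own JSON format, which isn't SPDX-JSON." The new `--format spdx` example should also state which SPDX serialization it emits (the preceding sentence talks specifically about SPDX-JSON), so that readers know whether the output is directly usable where SPDX-JSON is expected.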
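Review bot: in the third hunk (`@@ -60,10 +60,11 @@`), the added lines call the same component both "the Docker Scout SBOM generator" and "The Docker Scout SBOM indexer"; use one term consistently. The prose also names the `--attest` flag without showing its value, and the command's `--attest` line is not in view in this hunk, so confirm that the example below spells out the full `type=sbom,generator=...` argument with the generator image, otherwise the sentence "You can configure BuildKit to use the Docker Scout SBOM generator using the `--attest` flag" is not actionable on its own. "Provides richer results" is unquantified; if the difference can be stated (for example, which package ecosystems or metadata the Docker Scout generator adds), say so.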
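Review bot: in the fourth hunk (`@@ -71,8 +72,7 @@`), dropping "The default, non-containerd image store doesn't currently support images with attestations" removes the reason behind the new "you must either turn on the containerd image store ... or use a `docker-container` builder together with the `--push` flag"; readers now get a requirement with no explanation. Keep a short causal clause, e.g. "Because the default image store can't hold attestations, you must either ...", so the "must" is justified in place. If the removal is intentional because the limitation is being lifted, the paragraph should say under which conditions the requirement no longer applies.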