diff --git a/internal/ihop/sbom.go b/internal/ihop/sbom.go
index 1ed29e5f..53ed4d6b 100644
--- a/internal/ihop/sbom.go
+++ b/internal/ihop/sbom.go
@@ -19,6 +19,7 @@ type LegacySBOMPackage struct {
 	Version string                   `json:"version"`
 	Arch    string                   `json:"arch"`
 	Source  *LegacySBOMPackageSource `json:"source,omitempty"`
+	Summary string                   `json:"summary,omitempty"`
 }
 
 // LegacySBOMPackageSource represents a package source as defined in the legacy
@@ -98,7 +99,7 @@ func (s SBOM) LegacyFormat() (string, error) {
 					Version:         metadata.SourceVersion,
 					UpstreamVersion: upstreamVersion,
 				},
-				// TODO: Summary
+				Summary: strings.SplitN(metadata.Description, "\n", 2)[0],
 			})
 
 		case pkg.ApkMetadata:
diff --git a/internal/ihop/sbom_test.go b/internal/ihop/sbom_test.go
index 6250582f..7c0f6577 100644
--- a/internal/ihop/sbom_test.go
+++ b/internal/ihop/sbom_test.go
@@ -36,6 +36,7 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) {
 							Architecture:  "arm64",
 							Source:        "c-package-source",
 							SourceVersion: "3.1.2-upstream-ubuntu3",
+							Description:   "a package for c\n provides a bunch of c stuff",
 						},
 					},
 					pkg.Package{
@@ -103,7 +104,8 @@ func testSBOM(t *testing.T, context spec.G, it spec.S) {
 						"name": "c-package-source",
 						"version": "3.1.2-upstream-ubuntu3",
 						"upstreamVersion": "3.1.2-upstream"
-					}
+					},
+					"summary": "a package for c"
 				}
 			]`))
 		})