CycloneDX SBOM Spec (OWASP)
@CycloneDX_Spec
OWASP CycloneDX is a modern standard for the software supply chain. Software Bill of Materials (SBOM), SaaSBOM, Cryptography (CBOM), AI/ML-BOM, VDR/VEX...
Join us on Wed May 28, 2025 in Barcelona for a hands-on hackathon to test Beta 1 of the Transparency Exchange API (TEA) — a new way to securely exchange SBOMs, attestations & more. Free registration, thanks to @OWASP & @EcmaIntl cyclonedx.org/events/hackath… #CycloneDX #SBOM
Project Sunshine, by the @CycloneDX_Spec team is just amazing. Proper visualisations, with EPSS and CISA KEV enrichments, of your SBOM github.com/CycloneDX/Suns…
CycloneDX v1.7 is here! The latest release strengthens software & system transparency with: - Cryptography BOM (CBOM) - Data provenance & citations - Intellectual property visibility Learn more: cyclonedx.org/news/cyclonedx… #OWASP #CycloneDX #SBOM #CBOM #CyberSecurity
📊 "Content is king" - Steve Springett on #SBOMlearningWeek Day 4. Learn how CycloneDX is enabling machine-readable attestations and five dimensions for evaluating SBOM completeness. anchore.com/blog/sbom-insi… (Miss day #3? It's here anchore.com/blog/devops-sc…) #DevSecOps
🚀vet v1.10 is here...with CycloneDX SBOM support! Generate detailed SBOMs with: 📦 Package metadata (PURLs, licenses) 🛡️ Vulnerabilities & malware info Run: vet scan --report-cdx sbomfile.cdx.json Try vet: github.com/safedep/vet #CycloneDX #SBOM #SupplyChainSecurity
Join our community meeting next Wednesday, 2nd April at 4-5PM UTC for a presentation from our friends at #Monzo Bank! Learn how they replaced a proprietary vulnerability scanner with #CycloneDX #SBOMs & DT. Calendar: dub.sh/dtcalendar Zoom: dub.sh/dtzoom
The next #OWASP Dependency Track Community Meeting (virtual) on April 2nd is going to be interesting: Learn how leading UK neobank Monzo replaced a proprietary vulnerability scanner with open-source OWASP #CycloneDX and Dependency Track:
Join the DT community meeting next Wednesday, 2nd April at 4-5PM UTC for a presentation from our friends at @monzo Bank! Learn how they replaced a proprietary vulnerability scanner with #CycloneDX #SBOMs & DT. Calendar: dub.sh/dtcalendar Zoom: dub.sh/dtzoom
🚨 New Webinar 🚨 The need for verifiable trust in #software components is critical. Learn to build on #SBOMs w/ CycloneDX attestation plus how to create cryptographically verifiable evidence of #security practices, #automate manual audit workflows & more. get.anchore.com/cyclonedxandsb…
What’s Your C/C++ Code Made Of? The Importance of the Software Bill of Materials Learn about SBOMs for C/C++ projects, and how Conan can generate CycloneDX @CycloneDX_Spec SBOMs of your dependencies, store them inside your package metadata and more: blog.conan.io/2025/02/05/Wha…
"Seat-belt approach" for #SBOMs! 💺 cdxgen >= v11.1.7's new "secure mode" uses Node.js permissions to control resource access. Safely analyze even untrusted code by limiting file access, process execution, & more. This fixes CVE-2024-50611. github.com/CycloneDX/cdxg…
Why We Chose CycloneDX Over SPDX #SBOM #CyberSecurity - worklifenotes.com/2025/01/21/why…
worklifenotes.com
Why We Chose CycloneDX Over SPDX - Work & Life Notes
This is my second post in SBOM series where I would explain why we chose CycloneDX over SPDX for our projects. The first post was focusing on the need to have
Level up your Ruby SBOMs with cdxgen v11.1.0 - now featuring #evinse for enhanced security and insights. Chat with #cdxgenGPT to learn more chatgpt.com/g/g-673bfeb403…
We even have a very nice, very small, very interested working group around...Threat Modeling BOM. Come join us. There's plenty of work to be done, and you get to help build some potentially very cool stuff. cyclonedx.org/participate/wo… 2/2
Do you, like me, scratch your head and think "SBOMs, what are they good for?" ? If you do, why not join one of the working groups on CycloneDX - now even easier to do by checking out the new site at cyclonedx.org ! 1/2
OWASP Members change the world. Your membership helps shape the organization and drives our projects and community. If you are not a member or are due for renewal within 60 days, please join or renew today and get 10-25% off! owasp.org/membership > Memberships > Apply
it-depends, the most comprehensive SBOM builder from @trailofbits, now has CycloneDX support github.com/trailofbits/it…
We're proud to host the 128th Meeting of the Ecma General Assembly at @Bloomberg's Global HQ, starting today in NYC! We welcome the attending Ecma members & wish them a productive week discussing the future of Ecma's standards, including #ECMAScript & #CycloneDX! #opensource
📣 dist 0.26.0 is out! - 🦀 built-in Rust cross-compilation - 🛡️ cyclonedx SBOMs, cargo-audit, and omniBOR - 🪪 checksum verification in all installers ...and more! check out the release notes here: github.com/axodotdev/carg…
"It's really about transparency." Episode 22 of Nerding Out with Viktor with Steve Springett is available on YouTube and all major listening platforms 🎧 vpetersson.com/podcast/S01E22… #SBOMs #CycloneDX #podcast