CycloneDX is SBOM SaaSBOM VEX OBOM MBOM

Software Bill of Materials

Software-as-a-Service Bill of Materials

Vulnerability Exploitability Exchange

Operations Bill of Materials

Manufacturing Bill of Materials

12 January 2022 - CycloneDX v1.4 Released - Expands SBOM Capabilities, Accelerating Innovation and Supply Chain Risk Reduction

Capabilities

CycloneDX is a modern standard for the software supply chain. Discover the many capabilities that await.

Use Cases + Examples

Explore a wide array of use cases along with corresponding examples in both XML and JSON formats.

Tool Center

Discover open source and proprietary tools and solutions that support the CycloneDX standard.

Introduction

OWASP CycloneDX is a lightweight Software Bill of Materials (SBOM) standard designed for use in application security contexts and supply chain component analysis.

Strategic direction and maintenance of the specification is managed by the CycloneDX Core working group, with origins in the OWASP community.

Capabilities

Use Cases + Examples

Tool Center

Introduction

CycloneDX Supporters