Participate

Welcome to the community. CycloneDX encourages individual and corporate participation and is open to anyone with an interest in creating, consuming, and sharing CycloneDX Software Bill of Materials.

CycloneDX specification

The CycloneDX specification is developed in the open, with complete transparency, using a lightweight, risk-based standardization process. Everyone is welcome to participate in the advancement of the core standard and extensions.

CycloneDX tools

Source code for all official CycloneDX tools exist in the CycloneDX GitHub organization. Anyone is free to create issues, submit pull requests, and make other positive contributions.

Communications

The CycloneDX Core team and Industry Working Group (IWG) communicate primarily in Slack. Individual channels exist for the specification, for working groups, and for each official implementation. Everyone interested in CycloneDX or SBOMs in general, is encouraged to participate.

In addition to Slack, a mailing list is available for anyone to join.

Meetings

The CycloneDX Core Team meets on the 1st Tuesday of every month at 4:00pm EST (21:00 UTC). Primary topics include project oversight, backlog prioritization, and release planning. Technical discussions continuously take place on GitHub and Slack.

CycloneDX Supporters

Apiiro
Bloomberg
Contrast Security
Ecma International
Fortress Information Security
IBM
IonChannel
Kondukto
Lockheed Martin
NowSecure
OWASP
Rezilion
ServiceNow
Sonatype