Incorporates Machine Learning transparency (ML-BOM), Formulation (MBOM), and enhanced support for SBOM quality indicators including evidence and lifecycles.
OWASP is often the first to reveal new, innovative ways to leverage SBOM. The release of CycloneDX version 1.5 is no different, opening up SBOM adoption to new industries and introducing numerous ways to customize CycloneDX SBOMs to indicate quality, show transparency, and expedite vulnerability remediation while increasing trust in the supply chain.
IBM contributes two open source projects, SBOM Utility and License Scanner, to CycloneDX
Launches reference implementation incorporated into the CycloneDX BOM Repository Server
Adds support for Vulnerability Exploitability Exchange (VEX), release notes, and improved support for hardware devices
Subscribe to the CycloneDX YouTube channel for foundational content to accelerate SBOM adoption
The CycloneDX project, with origins in the OWASP community, formally joins OWASP as a flagship standards project