OWASP CycloneDX SBOM Standard Launches Educational Learning Series

16 August 2021

The OWASP CycloneDX project, creators of the leading Software Bill of Materials (SBOM) format, announced the immediate availability of the CycloneDX Learning Series. The series of short-form content provides an easy path to explore and learn the CycloneDX SBOM standard.

CycloneDX is a modern, security-focused SBOM specification supporting a wide range of cybersecurity, legal, and software distribution use cases. The CycloneDX Learning Series launches today with four episodes aimed at educating the public about the benefits of SBOMs, and CycloneDX specifically.

“We’ve learned a lot from the thousands of organizations using CycloneDX today, and we wanted to share that knowledge with the wider community,” says Steve Springett, Chair of the CycloneDX Core Working Group. “With the recent Executive Order in the U.S., there’s a rush to understand SBOM capabilities and their impact to the organizations that need to produce or consume them. So it was important for us to provide an authoritative source of learning material and best practices the community can leverage to kickstart their SBOM efforts.”

The CycloneDX Learning Series consists of over thirty episodes, four of which are immediately available on the CycloneDX YouTube channel. Future episodes will be published throughout the remainder of the year.

About the OWASP Foundation

The Open Web Application Security Project (OWASP) is a nonprofit organization that works to improve the security of software. Through community-led open source software projects, over 260 local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web. For nearly two decades corporations, foundations, developers, and volunteers have supported the OWASP Foundation and its work. To learn more or to become a member, visit https://owasp.org.

OWASP and the Open Web Application Security Project are trademarks of the OWASP Foundation.

About CycloneDX

OWASP CycloneDX is a lightweight software bill of materials (SBOM) standard designed for use in application security contexts and supply chain component analysis. The CycloneDX project provides standards in XML, JSON, and Protocol Buffers, as well as a large collection of official and community-supported tools that create or interoperate with the standard. The project operates as an independent meritocracy whose guiding principles reinforce its risk-based approach to standards development. The project encourages community participation in the development of the standard and supporting tools. CycloneDX is a flagship OWASP standards project. Visit https://cyclonedx.org for more information.

CycloneDX Supporters

Apiiro
Contrast Security
Ecma International
Fortress Information Security
IBM
IonChannel
Kondukto
Lockheed Martin
NowSecure
OWASP
Rezilion
ServiceNow
Sonatype