CycloneDX Bill of Materials Specification (ECMA-424)

CycloneDX SBOM Spec (OWASP) on X: "CycloneDX v1.7 is here! The latest release strengthens software & system transparency with: - Cryptography BOM (CBOM) - Data provenance & citations - Intellectual property visibility Learn more: https://t.co/VjHCDgC5tL #OWASP #CycloneDX #SBOM #CBOM #CyberSecurity" / X CycloneDX v1.7 is here! The latest release strengthens software & system transparency with: - Cryptography BOM (CBOM) - Data provenance & citations - Intellectual property visibility Learn more: https://t.co/VjHCDgC5tL #OWASP #CycloneDX #SBOM #CBOM #CyberSecurity

CycloneDX v1.7 is here!

The latest release strengthens software & system transparency with:
- Cryptography BOM (CBOM)
- Data provenance & citations
- Intellectual property visibility

Learn more: cyclonedx.org/news/cyclone...

#OWASP #SBOM #CBOM #CyberSecurity

Transparency Exchange API (TEA) Hackathon - Barcelona 2025 | CycloneDX Join us in Barcelona to test and shape the Transparency Exchange API, the next evolution in secure supply chain communication.

Join us on Wed May 28, 2025 in Barcelona for a hands-on hackathon to test Beta 1 of the Transparency Exchange API (TEA) — a new way to securely exchange SBOMs, attestations & more.

Free registration, thanks to @owasp.org and Ecma International.

cyclonedx.org/events/hacka...

#CycloneDX #SBOM

Honored to be discussing @cyclonedx.bsky.social and machine-readable attestations with Anchore this month. Join me! This is going to be fun and educational for anyone not familiar with CycloneDX Attestations (CDXA). This is an ideal solution for EO 14144 which requires machine-readable attestations.

cdx1 - Unlocking the Next Frontier in xBOM Analysis If asked to name an incubator that has produced hundreds of projects and tens of highly valuable unicorns, one need only mention the OWASP Foundation. While many in the Western world erroneously assum...

The continued innovation happening in @cyclonedx.bsky.social is truly inspiring. This week, its from the cdxgen team with "cdx1", a family of open-source, SOTA machine learning (ML) models purpose-built for xBOM analysis, validation, and reasoning.

www.linkedin.com/pulse/cdx1-u...

#OWASP #SBOM

ChatGPT - CycloneDX Generator (cdxgen) I'm a CycloneDX and xBOM expert.

From @cyclonedx.bsky.social Level up your Ruby SBOMs with cdxgen v11.1.0 - now featuring #evinse for enhanced security and insights. Chat with #cdxgenGPT to learn more. chatgpt.com/g/g-673bfeb4...

From Jeff Williams at @cyclonedx.bsky.social
"The new Cybersecurity EO requires machine readable secure software development attestations. Good thing the OWASP CycloneDX project already created the CDXA standard to capture attestations."

Check it out: cyclonedx.org/capabilities...

At the first ever KoalaCon @owasp.org shared insights into how TEA (Transparency Exchange API) can help automate your product lifecycle. This will be essential to dependency management and vulnerability management in the future. And you can be part of it! #cybersec #appsec #dependency-management

YouTube video by OWASP CycloneDX OWASP KoalaCon 2024

KoalaCon 2024 was a huge success. Thank you to all the speakers, including Olle E Johansson, Anthony Harrison, Niklas Düster, Viktor Petersson, and Piotr P. Karwasz. Couldn't attend. No worries, the recording is available on YouTube.

youtu.be/NStzYW4WnEE?...

#OWASP #SBOM #SoftwareTransparency