The Authoritative Guide to AI/ML-BOM from CycloneDX just dropped. Full transparency into your AI supply chain: security, compliance, data lineage, reproducibility. AI regulations are here. Be ready.
#AI #AIBOM #SBOM #OWASP #CycloneDX
cyclonedx.org/guides/
"The format doesn't really matter... It's really about the content."
We hosted @stevespringett.bsky.social, Chair of the CycloneDX WG, to discuss why the industry needs to stop fighting format wars and st... https://anchore.com/blog/4-lessons-on-future-of-software-transparency-with-steve-springett/
CycloneDX v1.7 is here!
The latest release strengthens software & system transparency with:
- Cryptography BOM (CBOM)
- Data provenance & citations
- Intellectual property visibility
Learn more: cyclonedx.org/news/cyclone...
#OWASP #SBOM #CBOM #CyberSecurity
Join us on Wed May 28, 2025 in Barcelona for a hands-on hackathon to test Beta 1 of the Transparency Exchange API (TEA) — a new way to securely exchange SBOMs, attestations & more.
Free registration, thanks to @owasp.org and Ecma International.
cyclonedx.org/events/hacka...
#CycloneDX #SBOM
Honored to be discussing @cyclonedx.bsky.social and machine-readable attestations with Anchore this month. Join me! This is going to be fun and educational for anyone not familiar with CycloneDX Attestations (CDXA). This is an ideal solution for EO 14144 which requires machine-readable attestations.
The continued innovation happening in @cyclonedx.bsky.social is truly inspiring. This week, it's from the cdxgen team with "cdx1", a family of open-source, SOTA machine learning (ML) models purpose-built for xBOM analysis, validation, and reasoning.
www.linkedin.com/pulse/cdx1-u...
#OWASP #SBOM
From @cyclonedx.bsky.social Level up your Ruby SBOMs with cdxgen v11.1.0 - now featuring #evinse for enhanced security and insights. Chat with #cdxgenGPT to learn more. chatgpt.com/g/g-673bfeb4...
From Jeff Williams at @cyclonedx.bsky.social
"The new Cybersecurity EO requires machine readable secure software development attestations. Good thing the OWASP CycloneDX project already created the CDXA standard to capture attestations."
Check it out: cyclonedx.org/capabilities...
At the first ever KoalaCon @owasp.org shared insights into how TEA (Transparency Exchange API) can help automate your product lifecycle. This will be essential to dependency management and vulnerability management in the future. And you can be part of it! #cybersec #appsec #dependency-management
KoalaCon 2024 was a huge success. Thank you to all the speakers, including Olle E Johansson, Anthony Harrison, Niklas Düster, Viktor Petersson, and Piotr P. Karwasz. Couldn't attend? No worries, the recording is available on YouTube.
youtu.be/NStzYW4WnEE?...
#OWASP #SBOM #SoftwareTransparency