CycloneDX/specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. It covers SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX.
The CycloneDX specification helps organizations create and exchange comprehensive lists of components used in software, hardware, or even AI/ML systems. It takes information about the constituent parts of a product or system and produces a standardized Bill of Materials (BOM) to improve supply chain transparency and cyber risk management. It is designed for security professionals, procurement teams, and compliance officers who need to understand the exact composition of what they are buying or deploying.
487 stars.
Use this if you need a standardized way to document and share the components, vulnerabilities, and supply chain information for your software, hardware, or other systems to manage cybersecurity risks.
Not ideal if you only need a simple inventory list without detailed supply chain or vulnerability insights.
Stars: 487
Forks: 83
Language: XSLT
License: Apache-2.0
Category:
Last pushed: Mar 12, 2026
Commits (30d): 0