The Authoritative Guide to AI/ML-BOM from CycloneDX just dropped. Full transparency into your AI supply chain: security, compliance, data lineage, reproducibility. AI regulations are here. Be ready.
Proudly introducing our speaker Dr Allan Friedman! Allan will speak at the SBOM Focus conference on Friday April 10th. Registration is now open at https://nsss.se
Our sister conference, SBOM FOCUS, is looking for speakers and sponsors. Registration will open soon!
Back from #FOSDEM and working on the new European SBOM conference in Stockholm April 10th. Send me your ideas for talks!
The slides for my presentation "Please sign your artefacts. WITH WHAT?" at #FOSDEM in the Security devroom are now available for viewing. A video will be coming soon.
https://fosdem.org/2026/schedule/event/RFFD3M-sign-your-artefacts/
At the #AboutCode SBOM tools workshop we talked about creating a way of continuing the discussions. I've just created a #SBOM-tools slack channel in the @orcwg space. Join us to discuss #SBOM tools and interoperability!
Going to #FOSDEM? Please join us to celebrate our recent success stories in ECMA TC54! #CycloneDX 1.7, Package URL (#PURL) 1.0 and the Common Lifecycle Enumeration 1.0 (#CLE). We are working to improve all of these and complete the Transparency Exchange API (#TEA) soon!
Join us in the Bedford hotel, Brussels, Friday January 30 at 17-19 for drinks and light bites. Register at https://workshop.aboutcode.org with the code TC54FTW to reserve a ticket while they're available!
Looking forward to meeting you there!
New open-source project: a static dependency dashboard based on SBOM (CycloneDX) + OSV scanning. A static site that shows direct & transitive dependencies, quick vulnerability lookup, no backend needed, easy to deploy on GitHub/GitLab Pages. Currently supports CycloneDX, SPDX support coming soon. #OpenSource #MãNguồnMở #SBOM #CycloneDX #OSV #StaticSite #DependencyVisualization #CôngCụ #BảoMật
https://www.reddit.com/r/opensource/comments/1qkrsaz/opensource_static_dependency_dashboard_using/
PEP 770 was accepted in April of this year, what has happened since then?
* Published a white paper on PEP 770 and phantom dependencies
* Auditwheel, manylinux, and cibuildwheel adoption
* Over 300 projects already ship with PEP 770 SBOM data
* Fedora and Red Hat adopted PEP 770 for Python packages
Read more: https://sethmlarson.dev/pep-770-sbom-data-from-pypi-fedora-and-redhat
The SPDX community is now creating a new list — similar to the SPDX License List — but focused on cryptographic algorithms. This post shares how this effort started, its current status, the next steps, and a final call for participation.
http://toscalix.com/2025/10/14/introducing-the-spdx-cryptographic-algorithm-list-a-personal-view/
#spdx #sbom #cyclonedx #cryptography #algorithm #linuxfoundation