OWASP CycloneDX

OWASP CycloneDX is a modern standard for the software supply chain. Software Bill of Materials (SBOM), SaaSBOM, OBOM, Advisories, VEX, and more.
Website: https://cyclonedx.org/
Bluesky: https://bsky.app/profile/cyclonedx.bsky.social
GitHub: https://github.com/CycloneDX
YouTube: https://www.youtube.com/@CycloneDX
Slack: https://cyclonedx.org/slack
Slack Invite: https://cyclonedx.org/slack/invite

The Authoritative Guide to AI/ML-BOM from CycloneDX just dropped. Full transparency into your AI supply chain: security, compliance, data lineage, reproducibility. AI regulations are here. Be ready.

#AI #AIBOM #SBOM #OWASP #CycloneDX

https://cyclonedx.org/guides/

Guides and Resources | CycloneDX

Unlock valuable insights and practical guidance to help your organization maximize CycloneDX and reduce supply chain risk.

✨ Happy New Year! ✨
A new year begins, and a special celebration awaits. Join us in 2026 as we mark our 25th Anniversary together 🎉

#appsec #newyear #owasp #25thanniversary #cybersecurity #community

🎉 New year, new AppSec goals! Early Bird tickets for OWASP Global AppSec Vienna 2026 are live
https://owasp.glueup.com/event/162243/register/
25 years of OWASP 🇦🇹 Training + Conference + hands-on learning 🚀 Don’t miss out! 🔐

#appsec #owasp #cybersecurity #earlybird #conference #training

Huge congrats (and thank you) to IBM for releasing an open source plugin for SonarQube which generates Cryptography Bill of Materials (#CBOM). https://github.com/IBM/sonar-cryptography

And check out the Authoritative Guide to CBOM available at https://cyclonedx.org/guides/OWASP_CycloneDX-Authoritative-Guide-to-CBOM-en.pdf

#OWASP #SBOM #cryptography

GitHub - IBM/sonar-cryptography: This repository contains a SonarQube Plugin that detects cryptographic assets in source code and generates CBOM.

#OWASP CycloneDX v1.6 now available with support for Cryptography Bill of Materials (CBOM), Attestations, and more. Explore what's new in the:

- Authoritative Guide to CBOM
- Authoritative Guide to Attestations
- Authoritative Guide to SBOM, Second Edition

https://cyclonedx.org/guides/

Couldn’t attend this week’s Dependency-Track community meeting? No worries, we’ve got the recording.

@nscur0 leads us through the project roadmap. We also have special guests from the @CycloneDX #cryptography working group presenting #CBOM. Don’t miss it.

https://www.youtube.com/watch?v=0WPvVCRyLjw

Dependency-Track Community Meeting (2024-03-06)

OWASP CycloneDX is ready to support your CRA compliance journey! | OWASP Foundation

Join us for our next community meeting on January 31st at 3PM UTC (10:00am U.S. Eastern)!

Agenda:
- Project / Release Update (~15 min)
- How IBM CISO uses Dependency-Track (~10 min)
- Q&A (~30 min)

Calendar invite:
https://calendar.google.com/calendar/event?eid=MHE1ZXVpczAyZnAyOG9wcGluOTZiczI2NDEgY184ODRkZWNkZTVhMTUyOTAyYmI1MWE2MmY4OTU1MGQwZjM3NDg0ODQ1MzRmMDhjNjM3OTJmMmU2NTRmMmE3ZWJjQGc&ctz=UTC

#OWASP #SBOM #CycloneDX #EO14028

Dependency-Track Community Meeting

📢 NEW RELEASE: OWASP MASVS v2.1.0

Including MASVS-PRIVACY and @CycloneDX

https://github.com/OWASP/owasp-masvs/releases/tag/v2.1.0

https://mas.owasp.org/MASVS/12-MASVS-PRIVACY/

Thanks to everyone who gave feedback, all our contributors and donators! Special thanks to our MAS Advocate NowSecure for their huge contribution with human power!

#privacy #mobilesecurity

Release v2.1.0 · OWASP/owasp-masvs

Introducing MASVS-PRIVACY After collecting and processing all feedback from the MASVS-PRIVACY Proposal we're releasing the new MASVS-PRIVACY category. The main goal of MASVS-PRIVACY is to provi...
