CycloneDX / bom-examples

A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)
https://cyclonedx.org
Creative Commons Zero v1.0 Universal


CycloneDX BOM Examples

CycloneDX was designed from the ground up to be a Bill of Materials (BOM) format, capable of capturing complex inventory information for a wide range of cybersecurity and software supply chain use cases.

This repository contains example CycloneDX Bills of Materials (BOMs) created from various open source projects. Examples are categorized by BOM type, including:

| BOM Type | Description |
|----------|-------------|
| CBOM | Cryptography Bill of Materials |
| HBOM | Hardware Bill of Materials |
| OBOM | Operations Bill of Materials |
| SaaSBOM | Software-as-a-Service Bill of Materials |
| SBOM | Software Bill of Materials |
| VDR | Vulnerability Disclosure Report |
| VEX | Vulnerability Exploitability eXchange |

When possible, the BOMs conform to the latest version of the CycloneDX specification.

High-Level Object Model

[Figure: CycloneDX Object Model Swimlane]