OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and VEX
Identity evidence has many methods, each with a technique, confidence score, and associated value of the evidence. What is missing, is the concluded value from all of the methods.
The example above concludes that the combination of the two methods results in a specific CPE. The proposal is to add concludedValue so that this can be expressed.
Identity evidence has many methods, each with a technique, confidence score, and associated value of the evidence. What is missing, is the concluded value from all of the methods.
For example:
The example above concludes that the combination of the two methods results in a specific CPE. The proposal is to add
concludedValue
so that this can be expressed.