A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

CycloneDX/bom-examples

CycloneDX BOM Examples

CycloneDX was designed from the ground up to be a Bill of Materials (BOM) format, capable of capturing complex inventory information for a wide range of cybersecurity and software supply chain use cases.

This repository contains example CycloneDX Bills of Materials (BOMs) created from various open source projects. Examples are categorized by BOM type, including:

| BOM Type | Description |
|----------|-------------|
| CBOM | Cryptography Bill of Materials |
| HBOM | Hardware Bill of Materials |
| OBOM | Operations Bill of Materials |
| SaaSBOM | Software-as-a-Service Bill of Materials |
| SBOM | Software Bill of Materials |
| VDR | Vulnerability Disclosure Report |
| VEX | Vulnerability Exploitability eXchange |

When possible, the BOMs conform to the latest version of the CycloneDX specification.

High-Level Object Model

[Figure: CycloneDX Object Model Swimlane]