Learn the latest about CycloneDX. Explore our announcements, press coverage, and more.https://cyclonedx.orghttps://cyclonedx.orghttps://cyclonedx.org/images/CycloneDX-Social-Card.pngen-ushttps://cyclonedx.org/news/cyclonedx-v1.3-releasedhttps://cyclonedx.org/news/cyclonedx-v1.3-releasedContinuing our risk-based approach to standards development, CycloneDX v1.3 includes several backward-compatible improvements including Compositions which describe the completeness of inventory and relationships, support for describing evidence of copyright statements and additional licenses, support for Protocol Buffers (protobuf) for highly efficient machine-to-machine transport, and support for Properties which is a name/value store allowing easy extensibility of the spec.Tue, 04 May 2021 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-joins-owasp_foundationhttps://cyclonedx.org/news/cyclonedx-joins-owasp_foundationThe CycloneDX project, creators of the leading Software Bill of Materials (SBOM) format, announced they will be joining OWASP Foundation as a Flagship Project. This move will provide resources to the CycloneDX project while strengthening OWASP as the leading non-profit security organization providing tools, documentation, and standards.Fri, 11 Jun 2021 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-v1.4-releasedhttps://cyclonedx.org/news/cyclonedx-v1.4-releasedCycloneDX adds the ability to communicate vulnerabilities and their exploitability for software defined in a bill of materials. This capability, known as Vulnerability Exploitability Exchange (VEX), works with SBOMs, forming a comprehensive view of possible risk. Together, the combination of SBOM and VEX can significantly reduce the efforts and costs associated with vulnerability managementWed, 12 Jan 2022 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-launches-learning-serieshttps://cyclonedx.org/news/cyclonedx-launches-learning-seriesThe OWASP CycloneDX project, creators of the leading Software Bill of Materials (SBOM) format, announced the immediate availability of the CycloneDX Learning Series. The series of short-form content provides an easy path to explore and learn the CycloneDX SBOM standard.Mon, 16 Aug 2021 00:00:00 GMThttps://cyclonedx.org/news/owasp-cyclonedx-launches-sbom-exchange-api--standardizing-sbom-distributionhttps://cyclonedx.org/news/owasp-cyclonedx-launches-sbom-exchange-api--standardizing-sbom-distributionOWASP CycloneDX launched a BOM Exchange API aimed at solving a critical component necessary to operationalize software bill of materials (SBOM). The API standardizes how BOMs are published and retrieved independent of software ecosystem.Thu, 12 May 2022 00:00:00 GMThttps://cyclonedx.org/news/ibm-contributes-two-open-source-projects-sbom-utility-and-license-scanner-to-cyclonedxhttps://cyclonedx.org/news/ibm-contributes-two-open-source-projects-sbom-utility-and-license-scanner-to-cyclonedxToday, OWASP and IBM announced IBM’s contribution of two open source projects, SBOM Utility and License Scanner, to CycloneDX, a flagship OWASP project and a leading Bill of Materials (BOM) standard. These projects promote the validation, content analysis and accuracy of software license information included within BOMs in support of increasing trust across open hardware and software supply chains.Wed, 01 Mar 2023 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-v1.5-releasedhttps://cyclonedx.org/news/cyclonedx-v1.5-releasedCycloneDX v1.5 sets a new benchmark by incorporating Machine Learning transparency (ML-BOM), Formulation (MBOM), and enhanced support for Software Bill of Materials (SBOM) quality indicators, including evidence and lifecycles embracing both the Software Development Lifecycle (SDLC) and enterprise Software Asset Management (SAM).Mon, 26 Jun 2023 00:00:00 GMThttps://cyclonedx.org/news/OWASP-Foundation-Joins-Ecma-International-to-Drive-Software-Transparency-and-Standardization-of-OWASP-CycloneDXhttps://cyclonedx.org/news/OWASP-Foundation-Joins-Ecma-International-to-Drive-Software-Transparency-and-Standardization-of-OWASP-CycloneDXThe OWASP Foundation, the global non-profit organization dedicated to improving the security of software, is thrilled to announce its membership in Ecma International, a leading standards development organization.Thu, 12 Oct 2023 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-v1.6-now-an-ecma-international-standardhttps://cyclonedx.org/news/cyclonedx-v1.6-now-an-ecma-international-standardThis milestone sets the stage for CycloneDX Bill of materials being available as a global xBOM (Bill of Materials) standard for use across multiple domains. CycloneDX is proud to be an OWASP Flagship standards project, and in a community development model with Ecma International’s TC54, underscoring its importance and impact in the industry.Mon, 01 Jul 2024 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-v1.6-releasedhttps://cyclonedx.org/news/cyclonedx-v1.6-releasedOWASP Foundation today announced the availability of CycloneDX v1.6. This significant release strengthens software supply chain security with the introduction of two innovative capabilities: Cryptographic Bill of Materials (CBOM) and CycloneDX Attestations (CDXA).Tue, 09 Apr 2024 00:00:00 GMThttps://cyclonedx.org/news/cyclonedx-v1.7-releasedhttps://cyclonedx.org/news/cyclonedx-v1.7-releasedThe CycloneDX Core Working Group is proud to announce the release of CycloneDX v1.7, the final version in the 1.x series and a milestone in the evolution of software and system transparency.Tue, 21 Oct 2025 00:00:00 GMT