/bom-examples

A repository with examples of CycloneDX BOMs (SBOM, SaaSBOM, OBOM, VEX, etc)

License: Creative Commons Zero v1.0 Universal (CC0-1.0)


CycloneDX BOM Examples

CycloneDX was designed from the ground up to be a Bill of Materials (BOM) format, capable of capturing complex inventory information for a wide range of cybersecurity and software supply chain use cases.

This repository contains example CycloneDX Bills of Materials (BOMs) created from various open source projects. Examples are categorized by BOM type, including:

| BOM Type | Description |
|----------|-------------|
| CBOM | Cryptography Bill of Materials |
| HBOM | Hardware Bill of Materials |
| OBOM | Operations Bill of Materials |
| SaaSBOM | Software-as-a-Service Bill of Materials |
| SBOM | Software Bill of Materials |
| VDR | Vulnerability Disclosure Report |
| VEX | Vulnerability Exploitability eXchange |

When possible, the BOMs conform to the latest version of the CycloneDX specification.

High-Level Object Model

[Figure: CycloneDX Object Model Swimlane]