cyclonedx topic
grype
A vulnerability scanner for container images and filesystems
dependency-track
Dependency-Track is an intelligent Component Analysis platform that allows organizations to identify and reduce risk in the software supply chain.
specification
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. SBOM, SaaSBOM, HBOM, AI/ML-BOM, CBOM, OBOM, MBOM, VDR, and V...
cyclonedx-maven-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Maven projects
syft
CLI tool and library for generating a Software Bill of Materials from container images and filesystems
cyclonedx-gradle-plugin
Creates CycloneDX Software Bill of Materials (SBOM) from Gradle projects
bomber
Scans Software Bill of Materials (SBOMs) for security vulnerabilities
cyclonedx-node-module
Creates CycloneDX Software-Bill-of-Materials (SBOM) from node-based projects
cyclonedx-python
CycloneDX Software Bill of Materials (SBOM) generator for Python projects and environments
cyclonedx-dotnet
Creates CycloneDX Software Bill of Materials (SBOM) from .NET Projects