CycloneDX
What Is CycloneDX?
CycloneDX is an open standard, maintained by OWASP, for representing software bills of materials and related supply chain artifacts — including SBOMs, VEX statements, AI-BOMs, and CBOMs — in a structured, machine-readable format.
CycloneDX is the other major SBOM format alongside SPDX, with particular strength in extensions for AI components and cryptographic inventories. NetRise Turbine produces CycloneDX-formatted SBOMs, AI-BOM data, and CBOM exports (CycloneDX 1.6 for cryptographic elements).
Related Terms
Software Bill of Materials · SPDX · AI Bill of Materials · Cryptographic Bill of Materials · Vulnerability Exploitability eXchange


