Commit 0d40632

Update Description
CycloneDX should no longer be described as lightweight! Signed-off-by: Mark Symons <[email protected]>
1 parent 9b04a94 commit 0d40632

1 file changed

+10
-5
lines changed

README.md

Lines changed: 10 additions & 5 deletions
@@ -6,8 +6,13 @@
66
[![Twitter](https://img.shields.io/twitter/url/http/shields.io.svg?style=social&label=Follow)](https://twitter.com/CycloneDX_Spec)
77

88
# CycloneDX Specification
9-
CycloneDX is a lightweight Software Bill of Materials (SBOM) specification designed for use in application security
10-
contexts and supply chain component analysis.
9+
OWASP CycloneDX is a full-stack Bill of Materials (BOM) standard that provides advanced supply chain capabilities for cyber risk reduction. The specification supports:
10+
* Software Bill of Materials (SBOM)
11+
* Software-as-a-Service Bill of Materials (SaaSBOM)
12+
* Hardware Bill of Materials (HBOM)
13+
* Operations Bill of Materials (OBOM)
14+
* Vulnerability Disclosure Reports (VDR)
15+
* Vulnerability Exploitability eXchange (VEX).
1116

1217

1318
## Introduction
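Review bot: The last bullet, on new line 15 (`* Vulnerability Exploitability eXchange (VEX).`), ends with a period while the five bullets above it do not; drop the period so the list is punctuated consistently. New line 9 is also one very long line, whereas the two lines it replaces were hard-wrapped, so wrapping it the same way would keep the README source uniform. A blank line between "The specification supports:" and the first bullet would also make the list render reliably in Markdown parsers that require one before a list.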
@@ -17,8 +22,8 @@ organizations to identify risk, allows for greater transparency, and enables rap
1722

1823
CycloneDX was created for this purpose.
1924

20-
Strategic direction and maintenance of the specification is managed by the CycloneDX Core working group, with origins
21-
in the [OWASP](https://owasp.org) community.
25+
Strategic direction and maintenance of the specification is managed by the CycloneDX Core Working Group, is backed by the
26+
[OWASP Foundation](https://owasp.org), and is supported by the global information security community.
2227

2328

2429
## Use Cases
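Review bot: The rewritten sentence on new lines 25-26 no longer parses cleanly. Its subject is "Strategic direction and maintenance of the specification", so "is backed by the [OWASP Foundation]" and "is supported by the global information security community" now attach to the direction and maintenance rather than to the specification or the working group. Please state which one is meant and split the sentence, for example: "... is managed by the CycloneDX Core Working Group. The specification is backed by the OWASP Foundation and supported by the global information security community."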
@@ -40,7 +45,7 @@ The following media types are officially registered with IANA:
4045
| application/vnd.cyclonedx+xml | XML | [IANA](https://www.iana.org/assignments/media-types/application/vnd.cyclonedx+xml) |
4146
| application/vnd.cyclonedx+json | JSON | [IANA](https://www.iana.org/assignments/media-types/application/vnd.cyclonedx+json) |
4247

43-
Specific versions of CycloneDX can be specified by using the version parameter. i.e. `application/vnd.cyclonedx+xml; version=1.3`.
48+
Specific versions of CycloneDX can be specified by using the version parameter. For example: `application/vnd.cyclonedx+xml; version=1.3`.
4449

4550
The officially supported media type for Protocol Buffer format is `application/x.vnd.cyclonedx+protobuf`.
4651

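Review bot: On new line 48, replacing "i.e." with "For example:" is correct, but the example still covers only the XML media type. The text should say whether the version parameter applies equally to `application/vnd.cyclonedx+json` and to the Protocol Buffer type named on line 50, since a consumer that selects a parser from the media type needs to know when a version can be expected. The hard-coded `version=1.3` will also go stale as the specification moves on, so consider marking it as illustrative.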