An open standard capable of representing systems with software components in as SBOMs (Software Bill of Materials) and other AI, data and security references supporting a range of risk management use cases.
The SPDX specification is a freely available international open standard (ISO/IEC 5692:2021).
SPDX is organized in areas of interest or profiles focused on specific user needs.
Sep 4, 2024
Check out this great new Linux Foundation paper on implementing SBOMs and how it helps with license compliance and application security. Author Ibrahim Haddid provides great insights into this important topic. SPDX is prominently featured.
Jul 9, 2024
In case you missed it, the Linux Foundation excitedly announced the latest version of SPDX. It's a great summary of the cool new architecture, use cases and features.
