Integrate the CycloneDX Gradle Plugin with Vulnetix. Generate a CycloneDX SBOM from your Gradle project, then upload to Vulnetix.
CLI toolCycloneDX
Install & scan
$ # Add to build.gradle (Groovy) or build.gradle.kts (Kotlin):
# plugins { id 'org.cyclonedx.bom' version '1.10.0' }
$ ./gradlew cyclonedxBom
Run CycloneDX Gradle Plugin in CI
Scan on every push and upload the results to Vulnetix:
- name: Generate CycloneDX SBOM run: ./gradlew cyclonedxBom - name: Upload to Vulnetix run: vulnetix upload --file build/reports/bom.json
Centralise CycloneDX Gradle Plugin results in Vulnetix
Upload CycloneDX Gradle Plugin CycloneDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
CycloneDX Gradle Plugin documentation ↗ · Source repository ↗