Integrate the CycloneDX Maven Plugin with Vulnetix. Generate a CycloneDX SBOM from your Maven project including all dependencies, then upload to Vulnetix.
CLI toolCycloneDX
Install & scan
$ # No separate install required — invoke directly via Maven # Or add to pom.xml for persistent configuration: # <plugin> # <groupId>org.cyclonedx</groupId> # <artifactId>cyclonedx-maven-plugin</artifactId> # <version>2.9.1</version> # </plugin> $ mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom
Run CycloneDX Maven Plugin in CI
Scan on every push and upload the results to Vulnetix:
- name: Generate CycloneDX SBOM run: mvn org.cyclonedx:cyclonedx-maven-plugin:makeAggregateBom -DoutputFormat=json - name: Upload to Vulnetix run: vulnetix upload --file target/bom.json
Centralise CycloneDX Maven Plugin results in Vulnetix
Upload CycloneDX Maven Plugin CycloneDX output to the Vulnetix platform to deduplicate findings, prioritise them with EPSS, CISA KEV and Coalition ESS exploit intelligence, and track remediation across every scanner in a single queue.
CycloneDX Maven Plugin documentation ↗ · Source repository ↗