From 66739344d4d9d435d642df3d2553d83befaa0da5 Mon Sep 17 00:00:00 2001 From: "steve.springett" Date: Mon, 16 Dec 2024 14:46:19 -0600 Subject: [PATCH] Initial commit Signed-off-by: steve.springett --- MBOM/0x01-Frontispiece.md | 39 +++++++++++++++++++++++++++++++++++++++ MBOM/0x02-Preface.md | 31 +++++++++++++++++++++++++++++++ MBOM/0x03-History.md | 7 +++++++ MBOM/0x10-Introduction.md | 11 +++++++++++ 4 files changed, 88 insertions(+) create mode 100644 MBOM/0x01-Frontispiece.md create mode 100644 MBOM/0x02-Preface.md create mode 100644 MBOM/0x03-History.md create mode 100644 MBOM/0x10-Introduction.md diff --git a/MBOM/0x01-Frontispiece.md b/MBOM/0x01-Frontispiece.md new file mode 100644 index 0000000..9ef301a --- /dev/null +++ b/MBOM/0x01-Frontispiece.md @@ -0,0 +1,39 @@ +
+\newpage +
+# Frontispiece + +## About the Guide +CycloneDX is a modern standard for the software supply chain. It has been ratified as [ECMA-424](https://ecma-international.org/publications-and-standards/standards/ecma-424/) by Ecma International. + +The content in this guide results from continuous community feedback and input from leading experts in the software +supply chain security field. This guide would not be possible without valuable feedback from the CycloneDX Industry +Working Group (IWG), the CycloneDX Core Working Group (CWG), the many CycloneDX Feature Working Groups (FWG), +Ecma International Technical Committee 54, and a global network of contributors and supporters. + +## Copyright and License + +![license](../../images/license.svg) + +Copyright © 2025 The OWASP Foundation. + +This document is released under the [Creative Commons Attribution 4.0 International](https://creativecommons.org/licenses/by/4.0/). +For any reuse or distribution, you must make clear to others the license terms of this work. + +
+\emptyparagraph +
+ +First Edition, 00 Month 2025 + +
+\emptyparagraph +
+ +| Version | Changes | Updated On | Updated By | +|----------------|----------------------------|------------|------------------------------| +| First Edition | Initial Release | 2025-xx-xx | CycloneDX Core Working Group | + +
+\newpage +
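Review bot: MBOM/0x01-Frontispiece.md still carries release-date placeholders that will ship verbatim if nobody tracks them: `First Edition, 00 Month 2025` and the changelog row `| First Edition | Initial Release | 2025-xx-xx | CycloneDX Core Working Group |`. Either fill them in or open a tracking issue so the build cannot publish with `00 Month` and `xx-xx` in the frontispiece. Two smaller points in the same hunk: `\emptyparagraph` is not a standard LaTeX command, so the template that renders these Markdown files to PDF must define it (check the build before relying on it, `\newpage` is fine), and the "About the Guide" subsection describes CycloneDX in general without ever saying what this particular guide covers; the only hint is the `MBOM/` directory name, so add one sentence naming the subject of the guide.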
diff --git a/MBOM/0x02-Preface.md b/MBOM/0x02-Preface.md new file mode 100644 index 0000000..2599720 --- /dev/null +++ b/MBOM/0x02-Preface.md @@ -0,0 +1,31 @@ +# Preface + +Welcome to the Authoritative Guide series by the OWASP Foundation and OWASP CycloneDX. In this series, we aim to +provide comprehensive insights and practical guidance, ensuring that security professionals, developers, and +organizations alike have access to the latest best practices and methodologies. + +At the heart of the OWASP Foundation lies a commitment to inclusivity and openness. We firmly believe that everyone +deserves a seat at the table when it comes to shaping the future of cybersecurity standards. Our collaborative +model fosters an environment where diverse perspectives converge to drive innovation and excellence. + +In line with this ethos, the OWASP Foundation has partnered with Ecma International to create an inclusive, +community-driven ecosystem for security standards development. This collaboration empowers individuals to contribute +their expertise and insights, ensuring that standards like CycloneDX reflect the collective wisdom of the global +cybersecurity community. + +One standout example of this model is OWASP CycloneDX, which has been ratified as an Ecma International standard and is +now known as ECMA-424. By leveraging the strengths of both organizations, CycloneDX serves as a cornerstone of security +best practices, providing organizations with a universal standard for software and system transparency. + +As you embark on your journey through this Authoritative Guide, we encourage you to engage actively with the content +and join us in shaping the future of cybersecurity standards. Together, we can build a safer and more resilient digital +world for all. + +--- + +Andrew van der Stock +Executive Director, OWASP Foundation + +
+\newpage +
diff --git a/MBOM/0x03-History.md b/MBOM/0x03-History.md new file mode 100644 index 0000000..0412369 --- /dev/null +++ b/MBOM/0x03-History.md @@ -0,0 +1,7 @@ +# The Innovative History of OWASP CycloneDX + +OWASP CycloneDX has carved a legacy steeped in innovation, collaboration, and a commitment to openness. OWASP +continues to advance software and system transparency standards, prioritizing capabilities that facilitate risk reduction. + +![Timeline](../../images/CycloneDX-History-Timeline.svg) +_Source: [https://tc54.org/history](https://tc54.org/history)_ diff --git a/MBOM/0x10-Introduction.md b/MBOM/0x10-Introduction.md new file mode 100644 index 0000000..fbcfe0d --- /dev/null +++ b/MBOM/0x10-Introduction.md @@ -0,0 +1,11 @@ +# Introduction +CycloneDX is a modern standard for the software supply chain. At its core, CycloneDX is a general-purpose Bill of +Materials (BOM) standard capable of representing software, hardware, services, and other types of inventory. CycloneDX +is an OWASP flagship project, has a formal standardization process and governance model through +[Ecma Technical Committee 54](https://tc54.org), and is supported by the global information security community. + +TODO + +
+\newpage +
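Review bot: MBOM/0x03-History.md references `../../images/CycloneDX-History-Timeline.svg`, and the frontispiece references `../../images/license.svg`, both two directories above `MBOM/`. This commit adds only the four `MBOM/*.md` files (diffstat: `4 files changed, 88 insertions(+)`), so confirm that `images/` already exists at that level in the repository and that the renderer resolves relative paths from the Markdown file's directory rather than from the repository root; otherwise both images will render as broken links.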
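Review bot: MBOM/0x10-Introduction.md ends with a bare `TODO` in the document body, directly after the opening paragraph. If the file is meant to be committed as a stub, mark it clearly (for example a comment the renderer strips, or an issue reference) so the placeholder cannot reach a published edition; if not, fill in the introduction before merging. The opening sentence also repeats the first sentence of the frontispiece's "About the Guide" section word for word (`CycloneDX is a modern standard for the software supply chain.`); consider varying one of them or having the introduction lead with what this guide specifically adds.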