MOM Call 3: Oct 30, 2025

Overview

The OWASP AIBOM Weekly Call on November 4, 2023, discussed the project’s progress and new member introductions. Aruneesh Salhotra and Raymond Sheh emphasized the importance of OWASP membership for project contributors. Anmol Kumar updated on the prerequisites workstream, highlighting the need for AI dataset versioning and metadata enhancements. Yuvaraj Govindarajulu discussed the tooling workstream’s goal of creating an MVP to integrate AI bill of materials into existing tools. The team also reviewed the project’s growth, including 31 new LinkedIn followers and increased Slack activity. New members, including Raymond Sheh and Arthit Suriyawongkul, shared their backgrounds and contributions.

Action Items

• Anmol to join the SPDX AI calls to stay up-to-date on the latest developments in data set versioning.
• Aruneesh to ensure the work stream information is clearly listed and accessible on the project website.

Outline

Introductions and Meeting Setup

• Aruneesh Salhotra and Raymond Sheh greet everyone and discuss the new member joining.
• Aruneesh Salhotra mentions the possibility of a holiday week affecting attendance.
• Raymond Sheh talks about the general elections in the United States and his own voting experience.
• Aruneesh Salhotra and Raymond Sheh discuss the need for new members to join and be approved for the AIBOM OWASP project.

Membership and Onboarding Process

• Anmol Kumar explains the onboarding process, which involves filling out a Google Form to get a Zoom invite.
• Raymond Sheh mentions not receiving a confirmation email for his Google Form submission.
• Aruneesh Salhotra clarifies that anyone with an interest in AI and related areas can join the project.
• Discussion on the benefits of becoming an OWASP member, especially for workstream leads.

Project Roadmap and Meeting Agenda

• Aruneesh Salhotra outlines the meeting agenda: project roadmap updates, leadership updates, and workstream updates.
• Aruneesh Salhotra mentions the project’s growth, including new followers on LinkedIn and increased Slack activity.
• Discussion on the importance of having a clear project roadmap and timelines.
• Aruneesh Salhotra highlights the need for a balanced approach between OWASP and other formats like SPDX and CycloneDX.

Workstream Overview and Updates

• Aruneesh Salhotra provides an overview of the eight workstreams: prerequisites, formats, tooling, sponsorship, integrity, policy, alliances, and promotion.
• Yuvi explains the foundational best practices workstream and its focus on creating a minimal set of best practices.
• Discussion on the importance of aligning the project with existing standards like SPDX and CycloneDX.
• Anmol Kumar provides an update on the prerequisites workstream, focusing on data set versioning and the need for structured metadata.

Tooling and Content Workstreams

• Yuvi discusses the tooling workstream’s goal of creating an MVP to demonstrate AI bill of material formats in existing tools.
• Arthit Suriyawongkul suggests looking into existing schemas and formats developed by the British Standards Institute.
• Raymond Sheh emphasizes the importance of coordinating efforts with other tooling projects like SPDX to avoid duplicating work.
• Aruneesh Salhotra suggests adding links to the project’s goals and objectives on the public-facing website.

Content and Webpage Improvements

• Anmol Kumar provides an update on the webpage improvements, including adding tabs and making the content clearer.
• Discussion on the need for a modern, user-friendly website to better represent the project.
• Aruneesh Salhotra emphasizes the importance of having a clear and accessible website for new members and stakeholders.
• The team discusses the need for ongoing improvements and updates to the website based on feedback and suggestions.