AI systems are evolving rapidly, creating challenges for security programs. Cisco’s AI Bill of Materials (AI BOM), part of Cisco AI Defense, addresses this by providing a comprehensive inventory of AI assets. Unlike traditional Software Bills of Materials (SBOM), which focus on packages, AI BOM offers deep visibility into AI-specific components such as models, agents, tools, and workflows. It identifies and maps these assets through codebase and container scans, establishing a clear dependency graph essential for security and governance.
This innovative tool aids organizations in managing AI supply chain risks by pinpointing unauthorized models, shadow tools, and incomplete audit trails. Cisco’s AI Defense enhances AI application security through discovery, detection, and protection strategies, ensuring a consistent approach to safeguarding AI applications. As an open-source utility, AI BOM invites community contributions and integration into developer workflows, reinforcing its role in securing the AI lifecycle. Explore more on GitHub: https://github.com/cisco-ai-defense/aibom.
Source link
