Software Bill of Materials (SBOM) for AI

A formal inventory of all components in an AI system—including training data sources, model versions, dependencies, and external tools used by agents. An AI SBOM provides transparency into what is inside the AI system and enables risk assessment of the supply chain.
Buyers and regulators increasingly require AI SBOMs to understand what data trained a model, whether it contains proprietary or harmful material, and whether dependencies are compromised. An AI SBOM is the foundation for due diligence and compliance.