AI Supply Chain Security
Important
This scanner is only for select early adopters. This section will be updated as features are developed.
AI Supply Chain Security (AISC) provides clear insight into the AI components embedded throughout your software. As AI becomes a foundational part of modern development, it is increasingly difficult to know which models, agents, prompts, datasets, vector stores, and MCP components are present in your code or how they are being used. This lack of visibility creates Shadow AI inside the code itself, introducing untracked dependencies, unclear data flows, and compliance challenges.
AISC addresses this problem by discovering and classifying AI assets directly from your code and configuration. It detects a representative set of AI components, including:
AI models (pre-trained/fine-tuned): recognized through standard loading calls and references to model artifacts or repositories
AI Libraries (Core ML): Core ML frameworks. (ex: PyTorch, TensorFlow, scikit-learn.)
AI SDKs: Packages used to interact with LLM APIs and manage authentication, requests, streaming, and responses (ex: .openai SDK, anthropic SDK, vertexai lib, cohere client, huggingface_hub API clients)
With AISC, you gain the visibility needed to uncover hidden AI exposure, evaluate risk early, and apply governance with confidence, bringing transparency and control to your AI-enabled projects.