Standards bodies, open-source projects, and commercial vendors are already building meaningful momentum for realizing the promise of AI BOM.

OWASP, with its CycloneDX SBOM standard, and the Linux Foundation, with its SPDX standard, have both released AI-specific extensions. The OWASP AI SBOM Initiative holds weekly open meetings and has developed the OWASP AI BOM Generator, the first open-source tool to automatically generate AIBOMs from Hugging Face models in CycloneDX format. And the SPDX standard added dedicated AI and dataset profiles in version 3.0, providing field mappings for model training and data provenance. Meanwhile, the OpenSSF AI/ML Working Group formalized a model-signing specification in 2025, with contributions from Google, HiddenLayer, and NVIDIA. Additionally, CISA’s AI SBOM Tiger Team published foundational guidance in 2025, though the agency’s significant personnel cuts this year have cast uncertainty over many of its ongoing initiatives. 

Related:Is 2026 the Year AI Bills of Materials Get Real?

On the commercial side, vendors are adding AI BOM capabilities to their platforms. Manifest Cyber released its AI supply chain security product in summer 2025, developed in partnership with major IT, defense, and automotive companies, and has been running an AIBOM generator for over 18 months. Cycode launched AI & ML Inventory and AI BOM generation in October 2025 as part of its application security posture management platform. JFrog is extending its platform to manage AI models with the same rigor as software artifacts, unveiling a Universal MCP Registry in March 2026. Apiiro and others are building similar integrations. Academic work is progressing too — a January 2026 paper introduced AIBoMGen, a proof-of-concept platform for generating cryptographically signed AIBOMs during model training.

Regulatory pressure is also adding a sense of urgency. The EU AI Act comes into full effect in August 2026, with documentation requirements that align directly with AI BOM content. Organizations deploying high-risk AI systems must have conformity assessments completed, technical documentation finalized, and EU database registration in place by that date. The act specifically requires logging capabilities that cover situations where the system might present a risk, data for post-market monitoring, and operational monitoring by deployers, all of which align with the provenance and telemetry documentation that AI BOMs are designed to capture.

US regulators are moving too. New language in the FY26 National Defense Authorization Act requires vendors selling software to the DoD to account for AI components in their SBOMs — effectively mandating AI BOMs for defense contractors. Additionally, the SEC has identified AI governance as an examination priority for 2026, and examiners are asking pointed questions about AI policies and governance even without new dedicated rules. 

Plus, cyber insurers are following the same playbook they used after ransomware reshaped underwriting in 2021. Carriers are beginning to condition coverage on AI governance documentation, treating the absence of a model inventory as a risk signal rather than an oversight. CyberCube’s April 2026 Global Threat Briefing recommends that underwriters evaluate “the governance of AI agents, including permissions, API scope control, logging, and segregation of duties.” These are the kinds of controls that agentic-ready AI BOMs could help organizations document and demonstrate.

AI BOM adoption remains largely aspirational as the industry races to define standards and build practical tooling before regulatory deadlines hit. Read Is 2026 the Year AI Bill of Materials Get Real? to see how security leaders are addressing the current visibility challenges. 





Source link

#

Comments are closed