Mend.io has launched Mend AI, a tool dedicated to securing AI models and AI-generated code in response to the increasing integration of artificial intelligence in software development. The tool aims to provide transparency, insights, and support for security and compliance teams in managing AI components within their codebases.
Mend.io, an established name in application security, has announced the launch of Mend AI, a tool aimed at addressing the current challenges in AI security. Designed to identify, track, and secure AI models and AI-generated code, this tool emerges in response to the growing integration of artificial intelligence in software development and the concomitant security and regulatory concerns.
The new offering comes amid an increasing trend where developers are leveraging platforms like Hugging Face for pre-trained AI models and large language models (LLMs) to generate functionalities and programmes. However, security measures for these AI components have lagged behind, leading to vulnerabilities that organisations are striving to address.
“Understanding the components within their codebases is critical for organisations using AI,” remarked Rami Sass, co-founder and CEO of Mend.io. He went on to explain that Mend AI can identify and provide critical information, including license, version, and security notices, for over 350,000 AI models currently indexed on Hugging Face, which is considered the most popular open-source AI library and community.
Mend AI aims to increase transparency through advanced bill of materials (BOM) support tailored for AI models. This AI-BOM provides a comprehensive overview of direct, transitive, and artificial intelligence components and dependencies used in applications. The introduction of Mend AI is also an enhancement to Mend SCA, a well-regarded software composition analysis tool, now extended to cover the AI aspects of the software supply chain.
The tool’s insights are designed to help security and compliance teams maintain an accurate inventory of AI usage within their codebase, ensuring the deployment of the latest and most secure versions of AI models. Furthermore, it aids in making informed policy and governance decisions, an aspect of growing importance given the evolving legal and regulatory frameworks around AI.
As AI technology and related vulnerability tracking frameworks continue to develop, Mend.io has committed to evolving Mend AI alongside its other products to address these emerging security challenges. This move appears to be part of a broader trend within tech companies to bolster the security and compliance aspects of their AI and software development tools.
Mend.io, recognised for its suite of application security tools used by leading companies such as IBM, Google, and Capital One, is positioning Mend AI as a solution to bridge the security gap between rapid AI innovation and stringent security requirements. The company’s approach emphasises providing developers and security teams with distinct yet complementary tools to manage application risks more proactively.
For additional information on Mend AI, more details can be found on the company’s website.
Contact:
Marc Brailov, Mend.io
Phone: +1 630-390-4198
Email: [email protected]
Website: https://www.mend.io
