Mend.io introduces Mend AI to address the growing concerns surrounding AI security in software development. The tool aims to identify, track, and secure AI models and code, filling a crucial gap in current AI usage practices.
Mend.io Rolls Out Tool to Address Emerging AI Security Concerns
TEL AVIV, Israel and BOSTON, June 10, 2024 – In response to growing concerns over the security of artificial intelligence (AI) in software development, Mend.io has announced the launch of Mend AI. This new tool aims to identify, track, and secure AI models and AI-generated code, addressing a significant gap in current AI usage practices.
AI technology has rapidly evolved over recent years, offering vast potential for innovative software development. Platforms like Hugging Face provide developers with access to pre-trained AI models, and large language models (LLMs) allow for the creation of AI-generated functions and programs. However, security protocols surrounding the use of these AI components have not advanced at the same pace, leading to potential vulnerabilities.
“Just as organizations need to understand the open-source components in their software, they also need a clear picture of the AI elements they are using,” explained Rami Sass, co-founder and CEO of Mend.io. “Mend AI offers the ability to identify and provide detailed information about AI models, including their licenses, versions, and any associated security notices.”
One of the key features of Mend AI is its ability to index over 350,000 AI models from Hugging Face, which is a prominent open-source AI library and community. This indexing function is intended to help organisations ensure they are using secure and up-to-date AI models in their software.
Additionally, Mend AI offers increased transparency for developers through advanced bill of materials (BOM) support for AI models. The AI-BOM provides a comprehensive overview of all direct, transitive, and AI components and dependencies present within an application. This feature enhances Mend.io’s existing software composition analysis (SCA) tool by incorporating AI-based elements within the modern software supply chain.
The insights provided by Mend AI are intended to support security and compliance teams in tracking AI usage within their codebases. This enables them to ensure that the latest and most secure versions of AI models are being employed, thereby aiding in the formulation of informed policy and governance decisions. As the landscape of AI technology and vulnerability tracking frameworks evolves, Mend.io plans to update Mend AI accordingly to address future security challenges.
The move comes amid increasing scrutiny from governments and businesses to manage AI development responsibly and securely. With regulatory frameworks still in development, tools like Mend AI could play a crucial role in helping organizations remain compliant while leveraging AI’s benefits.
Mend.io is known for its suite of application security tools, which aims to assist organizations in developing proactive application security (AppSec) programmes. Their portfolio is used by several leading companies, including IBM, Google, and Capital One, and is designed to address the varying needs of developers and security teams.
For further information on Mend AI, visit the Mend.io website.
Contact Information:
Marc Brailov, Mend.io
Phone: 1 630-390-4198
Email: [email protected]
About Mend.io:
Mend.io provides a suite of application security tools utilised by some of the world’s leading companies. Their solutions are designed to help organisations build and manage mature AppSec programmes, offering different tools tailored to the needs of both developers and security teams.
