AI
AI
AI
Sonatype adds new tools to secure open-source AI and ML models in software supply chains
Software supply chain management firm Sonatype Inc. today announced new capabilities to help organizations securely integrate, manage and govern open-source artificial intelligence and machine learning models through the software development lifecycle, as well as data training and deployment processes.
The new capabilities seek to address the challenges arising from the growing use of open-source AI and machine learning models within customer software supply chains. Sonatype argues that the same challenges that apply to traditional open-source software consumption, including dependency management and open-source malware, also apply to AI, machine learning and large language models.
To manage open-source AI and machine learning usage in software supply chains, Sonatype now provides proactive defense against malicious AI models. The platform blocks harmful models from entering repositories before they can cause damage, helping teams maintain a secure development environment.
Sonatype also offers centralized access to AI and machine learning models through Hugging Face proxy repositories to allow development teams to efficiently store and manage models as part of their modern DevOps workflows.
On the policy management front, Sonatype now enables organizations to detect AI and machine learning components and scan Hugging Face models while setting usage policies. Doing so gives developers the flexibility to select safe, compliant models with full visibility into how they are used.
Additionally, Sonatype now delivers enterprise-grade observability and compliance for AI and machine learning models to strengthen security strategies and help organizations stay aligned with global regulations as AI adoption grows.
“It has never been easier for organizations to integrate open-source AI models into software,” said Brian Fox, co-founder and chief technology officer at Sonatype. “But with open source, AI consumption comes the same risk facing users of traditional open source.”
Fox, along with Tyler Warden, senior vice president of product at Sonatype, spoke with theCUBE, SiliconANGLE Media’s livestream studio, in March 2024, when they discussed the company’s approach to the software lifecycle and bill of materials.
Image: SiliconANGLE/Ideogram
A message from John Furrier, co-founder of SiliconANGLE:
Your vote of support is important to us and it helps us keep the content FREE.
One click below supports our mission to provide free, deep, and relevant content.
Join our community on YouTube
Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.
THANK YOU
