SBOMator AI/ML Add-on

SBOMator AI/ML SBOM Add-on — Coming Soon · ESL
Coming Soon

AI/ML SBOM Add-on

Bring AI transparency to your software supply chain. Our upcoming AI/ML SBOM Add-on extends SBOMator with the elements regulators now expect for AI-enabled products — aligned with the G7 SBOM for AI — Minimum Elements (2026).

G7
Aligned
3
Checking Levels
100%
Air-Gap Ready
🔔 Notify Me at Launch Explore SBOMator
G7 SBOM for AI alignment stamp
Aligned with G7 SBOM for AI (2026)

What’s coming in the AI/ML SBOM Add-on

Traditional SBOMs miss the components that actually drive risk in an AI system — model weights, datasets, external inference APIs, and accelerators. The add-on closes that gap.

🧠

Local Model Detection

Discovers AI/ML artifacts across your codebase and hashes them as first-class SBOM components.

  • .onnx, .pt, .safetensors
  • .gguf and quantized formats
  • Framework detection
🌐

External AI API Inventory

Identifies calls to hosted inference services so your supply chain is fully documented.

  • OpenAI, Anthropic, Gemini
  • Azure AI & AWS Bedrock
  • Notebooks & scripts scanned
📜

G7-Aligned CycloneDX

Reports enriched with AI-specific properties so auditors can filter, query, and prove compliance.

  • esl:ai_sbom_profile
  • esl:ai_sbom_check_level
  • Model & dataset metadata
🛰️

Air-Gap Ready

Bundled offline guidance — no internet required. Built for classified, medical, and industrial environments.

  • Offline HTML guides
  • No telemetry
  • Same air-gap workflow
🔐

Separate License Key

Activates with its own 16-digit key. Never overwrites your base SBOMator license — buy it only when you need it.

  • Keys starting with 9
  • UI controls stay disabled until activated
  • Zero disruption to existing scans
⚙️

Infrastructure Awareness

Enumerates accelerator and runtime dependencies so your AI stack is fully accounted for.

  • CUDA, TensorRT, ROCm
  • Accelerator drivers
  • Inference runtimes

Three Checking Levels

Match effort to compliance need. Switch any time — settings persist in your .esl-project file alongside existing scan configuration.

Minimum

AI Inventory Only
  • Detects AI/ML frameworks
  • Finds local model artifacts
  • Hashes every artifact
  • Fast, lightweight scan
Recommended

Medium

Metadata + Compliance Profile
  • Parses Hugging Face metadata
  • Reads config.json & model cards
  • Detects dataset manifests
  • Captures intended use & data flow

Maximum

Deep AI Supply-Chain Review
  • Scans notebooks & training scripts
  • Identifies external AI service calls
  • Enumerates inference infrastructure
  • Runs security & data-min checklist
G7 SBOM for AI alignment stamp

Aligned with the G7 SBOM for AI — Minimum Elements (2026)

Directly supports the seven G7 clusters — Metadata, System-Level Properties, Models, Datasets, Infrastructure, Security Properties, and KPIs. Published jointly by the G7 Cybersecurity Working Group, BSI, and CISA.

Be first in line at launch

The AI/ML SBOM Add-on is in active development. Leave your email and we’ll let you know the moment it ships.

We’ll only email you about the AI/ML Add-on launch. No spam, ever.