Codenotary is including new capabilities to its SBOM.sh service, which supplies free evaluation of software program payments of supplies (SBOMs).
In keeping with the corporate, the updates had been made in consideration of AI purposes, and the instrument now treats datasets as software program provide chain artifacts.
“Conventional SBOM instruments had been constructed for an earlier period – focusing totally on supply code to enhance visibility into the software program provide chain,” mentioned Moshe Bar, CEO and co-founder of Codenotary. “Safety groups are swimming in SBOMs, however they’re not getting the actionable readability they want — particularly as AI transforms software program with AI purposes are constructed on datasets that are fully ignored by conventional SBOMs.”
It now supplies documentation of dataset sources, licensing phrases, and governance controls, which helps organizations be extra audit-ready.
SBOM.sh additionally now captures lineage metadata, equivalent to base-model origins, fine-tuning historical past, model identifiers, and replace pathways.
Moreover, for monitoring and observability functions, it gives visibility into inference endpoints, entry controls, runtime integrations, and monitoring hooks.
And eventually, the instrument now embeds possession and approval context into AI artifacts.
