Safeguard
Tag

aibom

Safeguard articles tagged "aibom" — guides, analysis, and best practices for software supply chain and application security.

22 articles

Buyer's Guides

Best ASPM Tools in 2026: Application Security Posture Management Compared

An honest buyer's guide to the best ASPM tools in 2026 — Apiiro, ArmorCode, Cycode, Snyk AppRisk, OX Security, and Safeguard — with a fair blurb and a best-for line for each, plus how AIBOM and supply chain risk reshape the category.

Jun 8, 20268 min read
Buyer's Guides

Best SCA Tools in 2026: Software Composition Analysis Compared

An honest comparison of the best SCA tools in 2026 — Snyk, Endor Labs, Socket, Mend, Sonatype, JFrog, Trivy, and Safeguard — covering reachability analysis, malicious-package detection, SBOM/AIBOM, and remediation, with a clear best-for line for each.

Jun 3, 20268 min read
AI Security

What Are AI Bills of Materials (AIBOMs)

What is an AI Bill of Materials (AIBOM), why do SBOM tools like Sonatype fall short on AI components, and how do teams build one in 2025.

Jun 3, 20268 min read
Buyer's Guides

Snyk Alternatives in 2026: 8 Options Compared

An honest, opinionated guide to the best Snyk alternatives in 2026 — Endor Labs, Socket, Mend, Aikido, Semgrep, Sonatype, Trivy, and Safeguard — with a fair blurb and a 'best for' line for each, plus where reachability and remediation actually matter.

Jun 1, 20268 min read
AI Security

An Engineering Guide to AI Bill of Materials (AIBOM)

An AIBOM extends the SBOM to models, datasets, and prompts. What goes in one, how CycloneDX 1.6 encodes it, and how to generate it in CI without a documentation project.

May 25, 20266 min read
AI Security

Model Weights as Supply Chain Artifacts: Signing and Provenance

A 4 GB safetensors file deserves the same signing, hashing, and provenance discipline as a container image. How to actually do it with Sigstore, OCI registries, and AIBOMs.

Apr 26, 20266 min read
Software Supply Chain Security

AI BOM Spec Comparison: CycloneDX ML-BOM in 2026

AI bills of materials moved from proposal to procurement requirement. A practical comparison of CycloneDX ML-BOM, SPDX 3.0 AI profile, and what to ship in 2026.

Jan 29, 20266 min read
AI Security

CycloneDX ML-BOM in 1.7: Implementation Guide

CycloneDX 1.7 was published in October 2025 and adopted by the General Assembly in December. We unpack what the ML-BOM capability means in practice for AI inventory.

Jan 15, 20267 min read
AI Security

What an AI Bill of Materials is and why enterprises need one

An AI bill of materials (AIBOM) inventories the models, data, and dependencies behind an AI system. Here's what it is and why enterprises need one.

Dec 15, 20257 min read
AI Security

SPDX 3.0 AI Profile: Building an AIBOM in Practice

SPDX 3.0 was published in March 2025 with a dedicated AI profile and a Dataset profile. We walk through how to produce a defensible AIBOM in SPDX format alongside or in place of CycloneDX.

Sep 18, 20257 min read
aibom (Page 2) — Safeguard Blog