Your existing AppSec investments remain critical, but AI has fundamentally expanded your attack surface. Models, agents, prompts, MCP servers, and embeddings are now production dependencies, yet they’re invisible to traditional scanning, ungoverned by existing policies, and absent from compliance reporting. This creates both immediate risk exposure and regulatory blind spots. With frameworks like the EU AI Act and ISO 42001 introducing new AI governance requirements, organizations need visibility and control over AI assets, not just traditional software components. Grounded in OWASP LLM03:2025 and validated by Checkmarx Zero research, this e-book includes: 10 critical AI supply chain risks from poisoned models and counterfeit packages to MCP tool poisoning and licensing violations, with real-world examples and practical mitigation strategies for each. Four-stage AI supply chain maturity model to honestly assess your current AI security posture and prioritize next steps based on your organization’s readiness. Intro to the AI-BOM framework extending traditional SBOMs to capture AI assets, meeting emerging compliance requirements and giving you complete supply chain visibility. Thumbnails Document Outline Attachments Layers Current Outline Item Previous Next Highlight All Match Case Match Diacritics Whole Words Highlight color Thickness Show all Color Size Color Thickness Opacity Add image Open Print Save Current Page Go to First Page Go to Last Page Rotate Clockwise Rotate Counterclockwise Text Selection Tool Hand Tool Page Scrolling Vertical Scrolling Horizontal Scrolling Wrapped Scrolling No Spreads Odd Spreads Even Spreads Document Properties… Toggle Sidebar Find Previous Next Highlight Text Draw Add or edit images Presentation Mode Print Save Tools Zoom Out Zoom In Automatic Zoom Actual Size Page Fit Page Width 0% 50% 75% 100% 125% 150% 200% 300% 400% Enter the password to open this PDF file: Cancel OK File name: - File size: - Title: - Author: - Subject: - Keywords: - Creation Date: - Modification Date: - Creator: - PDF Producer: - PDF Version: - Page Count: - Page Size: - Fast Web View: - Close Choose an option Alt text (alternative text) helps when people can’t see the image or when it doesn’t load. Add a description Aim for 1-2 sentences that describe the subject, setting, or actions. Mark as decorative This is used for ornamental images, like borders or watermarks. Cancel Save Preparing document for printing… 0% Cancel
