Trusera Ai-Bom OpenSource (n8n and more)
AI-BOM is a tool designed to help organizations keep track of all the artificial intelligence (AI) components they use. This includes AI agents, models, and APIs. It's important because many companies don't know exactly what AI they are using, which can create security problems. With new rules like the EU AI Act coming soon, having a complete list of AI components will be required.
Benefits
AI-BOM makes it easy to find and list all AI parts in your systems. It helps identify security risks from AI tools that haven't been properly checked. The tool provides a risk score for each AI component found. It can create reports in formats needed for compliance, like CycloneDX SBOMs, and also for security tools like GitHub Code Scanning. AI-BOM can even stop automated processes like software builds if it finds serious issues.
Use Cases
This tool can be used in many ways. It can scan your code to find AI components. It also works with AI frameworks like LangChain and CrewAI, and detects models from providers such as OpenAI and Google. AI-BOM can scan AI containers, cloud AI services, and even specific AI nodes within tools like n8n. For developers, it offers SDKs to monitor AI agent activity in real time and check security policies. There's also a VS Code extension for scanning directly within your coding environment.
Vibes
AI-BOM is an open-source project, meaning its code is publicly available and can be improved by the community. It focuses specifically on AI and LLM related components, which is different from general scanning tools. Users can integrate it into their development process to ensure AI usage is secure and compliant.
Additional Information
AI-BOM is an open-source project available under the Apache License 2.0. It has received community contributions and offers various integrations, including a special node for n8n workflows that provides a dashboard of AI security risks. The project also includes features for policy enforcement and visualization of scan results.
This content is either user submitted or generated using AI technology (including, but not limited to, Google Gemini API, Llama, Grok, and Mistral), based on automated research and analysis of public data sources from search engines like DuckDuckGo, Google Search, and SearXNG, and directly from the tool's own website and with minimal to no human editing/review. THEJO AI is not affiliated with or endorsed by the AI tools or services mentioned. This is provided for informational and reference purposes only, is not an endorsement or official advice, and may contain inaccuracies or biases. Please verify details with original sources.