Mend.io Launches Advanced AI Security Tool

Mend.io, an application security leader, today announced the launch of Mend AI, a unique new tool designed to identify, track, and secure AI models and AI-generated code. As AI continues to drive rapid innovation in software development, ensuring its secure and responsible use has become a top priority for both governments and businesses.

The Need for AI Security

With the rise of pre-trained AI models on platforms like Hugging Face and AI-generated functions from large language models (LLMs), security has not kept pace. Organizations are still determining how to integrate AI components into their software in a secure, safe, and compliant manner.

Introducing Mend AI

“As with open-source components, the first thing organizations must know is what is present in their code bases. Mend AI can identify and provide information—including license, version, and any security notices—for all 350,000 AI models indexed on Hugging Face, the world’s most popular open-source AI library and community.”

Rami Sass, co-founder and CEO of Mend.io

Mend AI also provides increased transparency into applications with advanced bill of materials (AI-BOM) support for AI models. The AI-BOM offers a comprehensive view of the direct, transitive, and artificial intelligence components and dependencies used in an application.

Enhancing Software Composition Analysis

Mend AI enhances Mend SCA, the gold-standard software composition analysis tool, to cover the AI-based portion of the modern software supply chain. Using these insights, security and compliance teams can keep track of AI usage in their codebase, ensuring the latest and most secure versions of AI models are used and making informed policy and governance decisions.

Continuous Evolution

As AI technology and vulnerability tracking frameworks emerge and mature, Mend.io will continue to evolve Mend AI, along with its other products, to meet emerging application security challenges.

Start Managing Application Risk

Mend.io provides all the tools needed to build a mature, proactive AppSec program that effectively manages application risk. Their approach to AppSec helps dev and sec teams work together effectively.

For Developers and Security Teams

Mend.io offers a repo-centric approach for dev teams, providing prioritized, actionable insights integrated into their existing processes. For security teams, Mend.io offers a powerful platform that provides complete visibility and control over all tools and environments.

Seamless Integrations

Mend.io ensures that AppSec tools are not roadblocks but enablers. With seamless integrations into tools that teams already use, such as GitHub, Azure DevOps, Bitbucket Cloud, Bitbucket Data Center, GitLab, or Artifactory, Mend.io keeps the development burden low while increasing adoption rates.

Our Mission

At Mend.io, we believe that AppSec should be necessary, not a necessary evil. Effective AppSec programs require dev teams and security teams to work together, reconciling their different priorities to lower application risk.

About Mend.io

Trusted by the world’s leading companies, including IBM, Google, and Capital One, Mend.io’s enterprise suite of application security tools is designed to help you build and manage a mature, proactive AppSec program. Mend understands the different AppSec requirements of developers and security teams. Unlike other AppSec solutions that force everyone to use a single tool, Mend helps them work in harmony by giving each team different, but complementary, tools—enabling them to stop chasing vulnerabilities and start proactively managing application risk.