Mend.io Launches Mend AI

Securing AI is a top cybersecurity priority and concern for governments and businesses alike. Developers have easy access to pre-trained AI models through platforms like Hugging Face and to AI-generated functions and programs through large language models (LLMs) like GitHub Co-Pilot. 

This access has spurred developers to create innovative software at an enormously fast pace. But in the wake of all the excitement and innovation, organizations are still figuring out how to secure their software and keep it compliant.

We know our customers need to identify, track, and secure their AI and AI-generated code so we’re proud to announce the launch of our new tool, Mend AI.

As with any open source component, the first thing organizations need to know is what is present in their codebase. Mend AI can identify and provide information – including license, version, and any security notices – for all 350K AI models indexed on Hugging Face, the world’s most popular open source AI library and community. 

With these insights, security and compliance teams can keep track of AI usage in their codebase, ensure the latest and most secure versions of AI models are being used, and make wise policy and governance decisions for their organizations.

Mend AI is in active development in collaboration with our customers.

We are already developing new features that will help them stay secure including: 

• AI code snippet detection to identify AI-generated code
• AI-BOM to give a holistic view of code including AI models
• Gender bias detection to deflect potential legal issues and foster inclusion

As AI technology and AI vulnerability tracking frameworks emerge and mature, we will continue to evolve Mend AI and our other products to meet the challenges of modern application security.

Because Mend AI addresses critical, emerging, and growing needs for our customers using AI models, it is included with our gold-standard software composition analysis tool, Mend SCA, at no additional cost.