Secure Software Supply for AI

This is an Apple Books audiobook narrated by a digital voice based on a human narrator.

As artificial intelligence systems increasingly depend on complex software pipelines, pre-trained components, and third-party artifacts, weaknesses in the software supply chain have become a direct source of model risk. Traditional application security controls are no longer sufficient for protecting AI systems.

Secure Software Supply for AI connects modern software supply chain security practices with the realities of machine learning and model deployment. Written for DevSecOps, security, and platform engineering leaders, this book explains why frameworks such as SLSA and SBOM are essential for managing AI-related risk.

This volume translates supply chain security concepts into practical steps for AI environments, focusing on how to secure model artifacts, training pipelines, dependencies, and deployment workflows. It bridges the gap between software assurance and model governance.

Key areas covered include:
How software supply chain threats impact AI modelsApplying SLSA principles to training and inference pipelinesBuilding and maintaining SBOMs for model artifactsSecuring dependencies, tooling, and build environmentsLinking supply chain controls to model risk managementEvidence and controls auditors and regulators expect to see
Designed for organizations operating AI at scale, this book provides a strategic yet actionable roadmap for integrating supply chain security into AI governance, reducing exposure to tampering, integrity failures, and downstream operational risk.