Trials and demos
How to buy

Cisco Foundation AI

AI supply chain

Overview

What Is AI Supply Chain Risk Management?

AI Supply Chain Risk Management involves securing the path AI models take from development to deployment, ensuring that all elements of the AI lifecycle—whether open-source models or proprietary code—comply with security, licensing, and governance standards.

Our partnerships

Hugging Face

We are proud to provide enhanced malware scanning for every public file on Hugging Face.

Read the official announcement here.

Cisco

Our threat intelligence powers Cisco Security products like Secure AccessSecure Endpoint, and Secure Email.

Read more about our integrations here and here.

Our AI Supply Chain Risk Management solutions focus on:

Real-time enforcement

Prevents the download of risky AI models at the moment of access, blocking issues like malicious payloads, non-compliant licenses, or models from prohibited sources.

Early-stage protection

Guards against shadow AI use, where models are downloaded outside of official pipelines.

Comprehensive policy management

Ensures that AI models meet internal and external compliance standards before they are used.

Our approach

1) Pre-Download Enforcement Engine

We provide an enforcement layer that blocks risky models before they are ever downloaded or executed. This technology is integrated into Cisco Secure Access and Cisco Secure Endpoint, preventing risky models from entering the system at the earliest stage.

2) Policy-Driven Risk Management

Our solution allows enterprises to create custom policies around AI model sourcing, licensing, and security. It identifies and blocks models with problematic licensing (e.g., GPL, AGPL), malicious payloads, or models sourced from prohibited regions, ensuring complete risk management.

3) Seamless Integration

Our tools integrate seamlessly into Cisco's security products, providing a unified defense strategy that works across developer environments, endpoints, and cloud infrastructures.

Why AI Supply Chain Risk Management Matters

As the use of open-source AI models and third-party libraries increases, security teams face mounting pressure to prevent compliance, security, and legal issues. Traditional scanning tools—often employed too late in the development process—fail to address these risks early enough.

Our AI Supply Chain Risk Management tools enable organizations to:

Block risky models before they reach development environments, minimizing potential security or compliance breaches.

Ensure AI models align with company policies around licensing, security, and origin.

Avoid costly rework or legal challenges arising from unvetted open-source models.

The Foundation AI solution

Our security-specific foundation models deliver the control and compliance benefits of open-source with the performance and usability of proprietary systems—eliminating the traditional trade-offs.

Contact us