Federal / Audit / Finance

Software Supply Chain Security Research

Exact public inventory row

Description

The AI is intended to solve the problem of time-consuming manual research into security vulnerabilities for third-party software as part of the Software Security Review process. Currently, a manual process handles a limited number of issues per day, and a backlog of over 200 issues exists, with each issue potentially taking hours of human effort for research.

AI / analytics pattern

Generative AI

Automation level / stage

a) Pre-deployment - The use case is in a development or acquisition status.

Expected benefit

Efficiency, productivity, service quality

Controls / human review

Inventory row should be validated against agency governance and M-25-21 controls.