OMB Individually Reported

Software Supply Chain Security Research

Exact public inventory row

Description

The AI is intended to solve the problem of time-consuming manual research into security vulnerabilities for third-party software as part of the Software Security Review process. Currently, a manual process handles a limited number of issues per day, and a backlog of over 200 issues exists, with each issue potentially taking hours of human effort for research.

AI / analytics pattern

Generative AI: AI that generates new or synthetic content (e.g., images, videos, audio, text, code).

Automation level / stage

a) Pre-deployment – The use case is in a development or acquisition status.

Controls / human review

ATO: Not reported; PIA: Not published