OMB Individually Reported
Software Supply Chain Security Research
Exact public inventory row
Description
The AI is intended to solve the problem of time-consuming manual research into security vulnerabilities for third-party software as part of the Software Security Review process. Currently, a manual process handles a limited number of issues per day, and a backlog of over 200 issues exists, with each issue potentially taking hours of human effort for research.
AI / analytics pattern
Generative AI: AI that generates new or synthetic content (e.g., images, videos, audio, text, code).
Automation level / stage
a) Pre-deployment – The use case is in a development or acquisition status.
Controls / human review
ATO: Not reported; PIA: Not published