Manifest introduces Manifest AI Risk, the latest module part of the Manifest Platform, designed to help security and compliance teams secure their AI supply chains. An AI transparency and governance solution, Manifest AI Risk illuminates vulnerabilities, provenance, software dependencies, and legal risks in AI models and their training data. The AI Risk module includes enterprise capabilities for continuous monitoring, inventory, and reporting across an organization’s entire AI infrastructure. Manifest eliminates bottlenecks, enabling executives to evaluate AI risks in minutes instead of weeks. Manifest AI Risk provides a robust framework for managing AI supply chain risks, enforcing policies, and facilitating rapid incident response at enterprise speed and scale: AI Bill of Materials (AIBOM) Engine: The industry’s first AIBOM functionality automatically discovers and inventories GenAI models, custom ML models, and AI-enabled applications across development and production environments. It tracks approved and requested models in a single dashboard while scanning source code to detect embedded AI models. Combining continuous discovery with real-time vulnerability monitoring, the engine transforms weeks-long manual evaluations into two-click assessments with instant visibility into model provenance and risks. AI Governance Policy Engine: Manifest AI Risk enforces AI governance policies by continuously monitoring development across open-source and custom models. It restricts outdated models, originating from high-risk countries, that have prohibited licenses or lack training data transparency. Integrated with DevSecOps workflows, it detects models in source code and notebooks, triggering alerts when policies are violated. Beyond compliance, it delivers operational intelligence for strategic business decisions. AI Risk Dashboard: Provides executive-grade visibility into AI supply chain risks with business-focused communication. The dashboard enables organizations to evaluate open-weight models from Hugging Face and other sources for undocumented training data, policy misalignment, and licensing restrictions. Automated prioritization highlights critical vulnerabilities, while strategic reporting supports board-level decision-making.