Products
netrise-platform-icon
NetRise Platform
Analyze compiled code to create accurate SBOMs and uncover risk within the software that actually executes on your devices and throughout your enterprise.
provenance-1
NetRise Provenance
Understand risk associated with open-source software components: origin, maintainers, and repository health across ecosystems
ZeroLens-icon
NetRise ZeroLens
Identify weaknesses in compiled software before bad actors find and exploit them.
integration-menu-img
Integrations
NetRise integrates seamlessly into your workflow. Explore our ecosystem to secure your software supply chain.
Solutions
Solutions

Explore our comprehensive solutions designed to meet diverse industry needs and use cases, ensuring security, compliance, and maximum efficiency.

Featured Solution
Improve software transparency and continuous monitoring
Deliver Software Supply Chain Security as a Managed Service
Use Cases
ph_seal-check-light
Compliance Adherence
Ensure compliance with global standards.
ph_chart-scatter-light
Continuous Monitoring
Real-time insights and alerts.
ph_warning-light
Holistic Risk Visibility
Achieve full visibility on vulnerabilities.
ph_list-checks-light
Inventory & Querying
Track and manage software assets.
ph_hand-coins-light-1
SBOM Management
Maintain comprehensive software bills.
LockKey-Menu-Icon
Post-Quantum Cryptography Compliance
Be ready when quantum computing arrives.
ph_shield-check-light
EU CRA Compliance
Prove CRA readiness with evidence.
ph_graph-light
Provenance Intelligence
Understand origins, maintainers, and risk
ph_link-light
Managed Software Supply Chain Security
Visibility into what is inside software and where it comes from
By Industry
ph_user-rectangle-light
Consulting Firms
Solutions for consultancy needs.
ph_barbell
Device Manufacturers
Compliance and security across devices.
ph_building-office-light
Enterprise Corporations
Security for large-scale environments.
ph_bank-light
Government Organizations
Reliable public sector solutions.
ph_ambulance-light
Healthcare
Secure and compliant healthcare data.
ph_lightning-light
Power & Utilities
Manage risk in critical infrastructure.
Resources
Explore NetRise

Find product docs, customer success stories, and company updates in one place.

Latest Resources
netrise-eu-cra-data-sheet-featured-img
NetRise & the EU Cyber Resilience Act (CRA): Compliance Data Sheet
Company
ph_users-three-light
About Us
Learn about NetRise
ph_briefcase-light
Careers
Explore careers with NetRise
ph_calendar-star-light
Events
Conferences, Webinars, and Podcasts
ph_shield-check-light
Security
Review NetRise security and compliance practices
ph_megaphone-light
Press Releases
Latest NetRise product and company updates
ph_newspaper-clipping-light
News & Awards
NetRise in the news, industry trends, and awards
Resource Library
note-light
Product Documents
Learn the platform, fast — briefs and data sheets
thumbs-up-light
Customer Success Stories
Outcome-focused stories from teams building and buying secure software
ph_newspaper-light
Deeper Dives
eBooks, Whitepapers, and longer-form content
ph_note-pencil-light
Blog
Stay informed with our latest articles
ph_microphone-light
Webinars, Podcasts, and Videos
Watch and listen on demand
ph_books-light
All Resources
Explore our full resource library by topic, industry, or asset
Blog Partners
Schedule a Demo
Schedule a Demo
NetRise Platform Apr 17, 2026 4min read

Introducing AI Models and Components Identification

Security teams have more data than ever. But AI often remains a blind spot.

As AI models and related artifacts become more common inside firmware and software packages, security teams need a way to identify them, understand what they are, and determine how they fit into broader risk, compliance, and policy decisions.

Organizations increasingly want better visibility into what is actually inside their software, including AI-related components. AI is not fundamentally different from other software, but it often carries more uncertainty and more scrutiny, which makes clear visibility and context especially important.

That can slow down investigations when teams need clear answers about what is inside an asset.

  • What AI models are present in this asset?
  • Who produced them?
  • Where are they located?
  • How should they be tracked within the SBOM?

AI Models and Components Identification, now available in the NetRise platform, brings that visibility into the existing SBOM workflow. It identifies AI models and components in scanned binary images and surfaces that information directly within the SBOM, so teams can manage them with the same confidence they apply to the rest of the stack.

See AI Artifacts Inside the SBOM

AI Models and Components Identification helps teams identify AI-related artifacts and include them directly in the SBOM.

Instead of treating model files as unknown binaries, teams can now see them as part of the software inventory they already use to investigate risk.

AI artifacts are not inherently different from other software components. They are part of the same supply chain and benefit from the same visibility, validation, and analysis.

 

 

This gives security teams clearer evidence of what is actually inside an asset and extends SBOM visibility to include AI-related software components.

Quickly Identify AI-Related Components

Investigating AI inside an asset should not require a separate workflow.

A new AI Components toggle in the SBOM filter bar allows teams to instantly narrow the table to AI-classified rows only. The row count updates dynamically based on the filtered dataset, and the toggle works alongside existing severity and grouping filters.

That means teams can quickly:

  • filter AI-related entries within large SBOMs
  • combine AI filtering with other views already used for investigation
  • understand the scope of AI usage inside a given asset without leaving the existing analysis workflow

 

Identify the Providers Associated With Each Component

Knowing that an AI-related artifact exists is only part of the picture.

Teams also need to understand who is behind it.

When provider information is available, NetRise surfaces it directly in the SBOM and in the component drawer through a filterable Provider column. This makes it easier to identify components associated with organizations such as OpenAI, Anthropic, Google, or Hugging Face, including cases where a single component is associated with multiple providers.

That additional context helps teams quickly identify which AI components are present and who is behind them during investigation.

Understand Model Details in Context

AI Models and Components Identification adds deeper model intelligence directly into the component drawer.

For AI-classified components, NetRise can display an AI model details section with information about what the artifact is, how it was created, and how it is structured.

 

This gives teams the context needed to quickly understand what a model is, how it was built, and where it came from, with details such as:

Identity

  • filename
  • file format
  • file path or directory location

Provenance

  • producer framework, such as PyTorch or TensorFlow
  • export toolchain, such as tf2onnx or the TFLite converter
  • opset version for ONNX artifacts
  • model name, description, provider, and license where embedded metadata is available

Structure

  • architecture family, such as MobileNetV2, BERT, DistilBERT, or LLaMA-style models
  • approximate parameter count
  • approximate layer or operation count
  • input and output shapes and data types

Supported formats include ONNX, TFLite, SafeTensors, TensorRT, and pickle.

Together, these details give teams the context that helps security practitioners understand what kind of model is present and how it fits into the software they are analyzing.

Built for Imperfect and Real-World Artifacts

AI artifacts are not always packaged cleanly or fully inspectable through application security testing tools.

AI Models and Components Identification is designed to make those limitations clear rather than hide them.

For AI-classified components that do not contain detected model artifacts, NetRise can indicate that no model artifacts were found and clarify that the package was classified as AI-related based on its dependency signature.

For pickle artifacts such as .pkl and .pickle files that cannot be fully inspected through static analysis, NetRise can display an unverified badge along with a note that the contents could not be fully inspected.

This helps teams distinguish between confirmed findings and analysis limitations, making the results more transparent and more useful during investigation.

Extending SBOM Visibility to AI

Software composition analysis has traditionally focused on packages, dependencies, vulnerabilities, and licenses.

NetRise already extends this visibility to areas such as secrets, cryptographic artifacts, and configuration risk. Now it also includes AI.

By incorporating AI models and components directly into the SBOM, NetRise gives teams a more complete view of modern software assets. Security teams can incorporate AI artifacts into the same SBOM workflow they already use to analyze software risk, without introducing a separate or disconnected process.

That makes it easier to bring AI visibility into broader security, compliance, and governance efforts without introducing a disconnected process.

A Clearer Way to Track AI in Software

AI is becoming part of the software supply chain.

Security teams need to be able to see it.

With AI Models and Components Identification, NetRise helps organizations identify AI artifacts inside scanned images, surface provider and model details, and track that intelligence directly within the SBOM.

AI becomes another source of information to act on — not a blind spot.

NetRise made firmware and embedded software analyzable.

AI Models and Components Identification makes the AI inside them visible and easier to investigate.

Stay up to date with the news

Sign Up To Get Our Free Insights Delivered To Your Inbox

Real person here 👉