Continuously discover, inventory, govern, and report every AI asset—from foundation models and prompts to datasets, agents, MCP servers, deployments, APIs, and runtime environments.
Know your AI. Govern your AI. Secure your AI.
AI-BOM DISCOVERY
Know Your AI Supply Chain
OpsMx continuously discovers and catalogs every AI asset across your environment—from foundation models to runtime deployments and governance evidence.
Traditional SBOMs inventory software. Modern AI applications require visibility into models, prompts, agents, datasets, MCP servers, and more. Without an AI-BOM, organizations cannot answer:
Inventory alone is not governance. OpsMx transforms AI-BOM into a complete AI governance platform.
Automatically identify AI assets across your environment.
Understand ownership, business context, and sensitivity.
Identify AI security risks and policy violations.
Maintain approvals, model lineage, and policy evidence.
Assign owners, generate remediation guidance, and track fixes.
Continuously validate that governance controls remain effective.
Models
Datasets
Prompts
Agents
MCP Servers
Applications
Deployments
Policy Violations
Critical Risks
Compliance Score
Verified Fixes
AI-BOM Coverage
| Framework | AI Inventory | Risk Visibility | Governance Evidence | Audit Reporting |
|---|---|---|---|---|
| EU AI Act | ||||
| NIST AI RMF | ||||
| ISO/IEC 42001 | ||||
| OWASP Top 10 for LLM | ||||
| OWASP Agentic AI | ||||
| OWASP MCP Security | ||||
| Executive Order 14110 | ||||
| Enterprise AI Governance |
Inventory every AI asset—not just models.
Automatically detect changes as AI systems evolve.
Track agents, MCP servers, tool permissions, and autonomous workflows.
Correlate AI assets with vulnerabilities, APIs, secrets, identities, and runtime exposure.
Assign owners, approvals, reviews, remediation tasks, and verification.
Generate executive dashboards and audit-ready evidence.
An AI Bill of Materials (AI-BOM) is a comprehensive inventory of every AI asset in an organization—from foundation models and prompts to datasets, agents, MCP servers, deployments, and runtime environments. Unlike traditional SBOMs that catalog software packages, AI-BOMs capture the complete AI supply chain.
Traditional SBOMs inventory software packages and dependencies. AI-BOMs go further to catalog AI-specific assets like foundation models, fine-tuned models, prompts, agents, MCP servers, datasets, and governance controls. AI-BOMs are dynamic and continuous, not static snapshots.
Models (foundation, fine-tuned, open-source), prompts (system, templates, chains), datasets (training, fine-tuning, RAG), agents, MCP servers, AI applications, APIs, frameworks, deployments, runtime services, governance evidence, and security controls.
OpsMx uses continuous discovery across code repositories, package managers, container registries, cloud environments, Kubernetes clusters, and runtime monitoring to automatically identify AI assets, catalog their configurations, and detect changes.
Yes. OpsMx specifically tracks agentic AI systems including autonomous agents, their workflows, tool orchestration, MCP servers, available tools, permissions, authentication, and connections to enterprise systems.
AI-BOM provides the foundation for governance by enabling ownership assignment, model approvals, risk classification, compliance mapping, audit evidence generation, remediation tracking, and continuous verification of governance controls.
The EU AI Act, Executive Order 14110, NIST AI RMF, and emerging enterprise AI governance frameworks all require organizations to maintain comprehensive inventories of AI systems and demonstrate governance controls.
Yes. OpsMx generates executive dashboards, audit logs, compliance mapping, risk registers, remediation evidence, and governance audit trails that satisfy regulatory and enterprise audit requirements.
Automatically generate AI Bills of Materials covering models, prompts, datasets, agents, MCP servers, deployments, and runtime environments—while continuously supporting AI governance and compliance.