AI Bill of Materials for Modern AI Applications

Continuously discover, inventory, govern, and report every AI asset—from foundation models and prompts to datasets, agents, MCP servers, deployments, APIs, and runtime environments.

Know your AI. Govern your AI. Secure your AI.

See AI-BOM Demo

AI-BOM DISCOVERY

Know Your AI Supply Chain

OpsMx continuously discovers and catalogs every AI asset across your environment—from foundation models to runtime deployments and governance evidence.

ModelsPromptsDatasetsAgentsMCP ServersApplicationsDeploymentsGovernance

Why AI-BOM Matters

Traditional SBOMs inventory software. Modern AI applications require visibility into models, prompts, agents, datasets, MCP servers, and more. Without an AI-BOM, organizations cannot answer:

Which models are deployed?
Which prompts are in production?
Which datasets trained the model?
Which AI agents have privileged access?
Which MCP servers expose enterprise systems?
Which applications use this model?
Which model versions are running?
Which risks remain unresolved?

Complete AI Asset Inventory

Models

  • Foundation models
  • Fine-tuned models
  • Open-source models
  • Hosted models
  • Model versions
  • Hashes

Prompts

  • System prompts
  • Prompt templates
  • Prompt chains
  • Prompt versions
  • Owners
  • Repositories

Datasets

  • Training datasets
  • Fine-tuning datasets
  • RAG knowledge bases
  • Embeddings
  • Vector databases
  • Data lineage

Agents

  • AI agents
  • Autonomous workflows
  • Tool orchestration
  • Agent ownership
  • Policies

MCP Servers

  • MCP servers
  • Available tools
  • Permissions
  • Authentication
  • Connected systems

AI Applications

  • Business applications
  • Internal copilots
  • Customer-facing AI
  • Application ownership

APIs

  • Inference APIs
  • LLM endpoints
  • REST APIs
  • Authentication
  • Rate limits

Frameworks

  • LangChain
  • LlamaIndex
  • Semantic Kernel
  • OpenAI SDK
  • Anthropic SDK
  • Google GenAI

Deployments

  • Cloud
  • Kubernetes
  • Containers
  • Serverless
  • Regions
  • Environments

Runtime

  • Inference services
  • Scaling
  • Usage
  • Latency
  • Versions
  • Health

Governance

  • Risk classification
  • Approvals
  • Model cards
  • Owners
  • Exceptions
  • Policies

Security

  • Prompt injection
  • Jailbreak
  • Data leakage
  • Model integrity
  • Secrets
  • API exposure

Beyond AI Inventory

Inventory alone is not governance. OpsMx transforms AI-BOM into a complete AI governance platform.

Discover

Automatically identify AI assets across your environment.

Classify

Understand ownership, business context, and sensitivity.

Secure

Identify AI security risks and policy violations.

Govern

Maintain approvals, model lineage, and policy evidence.

Remediate

Assign owners, generate remediation guidance, and track fixes.

Verify

Continuously validate that governance controls remain effective.

AI Governance Dashboard

Models

Datasets

Prompts

Agents

MCP Servers

Applications

Deployments

Policy Violations

Critical Risks

Compliance Score

Verified Fixes

AI-BOM Coverage

AI Security & Compliance

FrameworkAI InventoryRisk VisibilityGovernance EvidenceAudit Reporting
EU AI Act
NIST AI RMF
ISO/IEC 42001
OWASP Top 10 for LLM
OWASP Agentic AI
OWASP MCP Security
Executive Order 14110
Enterprise AI Governance

Why OpsMx AI-BOM

Complete AI Visibility

Inventory every AI asset—not just models.

Continuous Discovery

Automatically detect changes as AI systems evolve.

Built for Agentic AI

Track agents, MCP servers, tool permissions, and autonomous workflows.

Security Context

Correlate AI assets with vulnerabilities, APIs, secrets, identities, and runtime exposure.

Governance Workflow

Assign owners, approvals, reviews, remediation tasks, and verification.

Enterprise Reporting

Generate executive dashboards and audit-ready evidence.

Works Across Your AI Stack

OpenAI
Anthropic
Azure OpenAI
Amazon Bedrock
Google Vertex AI
Ollama
Hugging Face
LangChain
LlamaIndex
Semantic Kernel
Pinecone
Weaviate
Milvus
GitHub
GitLab
Docker
Kubernetes
AWS
Azure
Google Cloud

Frequently Asked Questions

An AI Bill of Materials (AI-BOM) is a comprehensive inventory of every AI asset in an organization—from foundation models and prompts to datasets, agents, MCP servers, deployments, and runtime environments. Unlike traditional SBOMs that catalog software packages, AI-BOMs capture the complete AI supply chain.

Traditional SBOMs inventory software packages and dependencies. AI-BOMs go further to catalog AI-specific assets like foundation models, fine-tuned models, prompts, agents, MCP servers, datasets, and governance controls. AI-BOMs are dynamic and continuous, not static snapshots.

Models (foundation, fine-tuned, open-source), prompts (system, templates, chains), datasets (training, fine-tuning, RAG), agents, MCP servers, AI applications, APIs, frameworks, deployments, runtime services, governance evidence, and security controls.

OpsMx uses continuous discovery across code repositories, package managers, container registries, cloud environments, Kubernetes clusters, and runtime monitoring to automatically identify AI assets, catalog their configurations, and detect changes.

Yes. OpsMx specifically tracks agentic AI systems including autonomous agents, their workflows, tool orchestration, MCP servers, available tools, permissions, authentication, and connections to enterprise systems.

AI-BOM provides the foundation for governance by enabling ownership assignment, model approvals, risk classification, compliance mapping, audit evidence generation, remediation tracking, and continuous verification of governance controls.

The EU AI Act, Executive Order 14110, NIST AI RMF, and emerging enterprise AI governance frameworks all require organizations to maintain comprehensive inventories of AI systems and demonstrate governance controls.

Yes. OpsMx generates executive dashboards, audit logs, compliance mapping, risk registers, remediation evidence, and governance audit trails that satisfy regulatory and enterprise audit requirements.

Know Every AI Asset. Govern Every AI System.

Automatically generate AI Bills of Materials covering models, prompts, datasets, agents, MCP servers, deployments, and runtime environments—while continuously supporting AI governance and compliance.

Request a Demo