Sonatype announced artificial intelligence and machine learning (AI/ML) component detection,
a first-of-its-kind capability, available as part of Sonatype Lifecycle.
This technology fundamentally changes the way organizations select and
monitor AI/ML software components, enabling them to accelerate software
development while effectively managing the risks associated with AI.
The adoption of AI - particularly generative AI - in software development is rapidly growing. According to Sonatype's 9th annual State of the Software Supply Chain report,
there was a staggering 135% increase in the usage of AI/ML components
within corporate environments compared to the previous year. By the end
of January 2024, this number saw an additional 20% increase in a matter
of months. Further, Gartner reported that by 2027,
70% of professional developers will use AI-powered coding tools. The
widespread acceptance of AI is not only due to its expanding utility but
also its transformative impact on speeding up software development.
"Organizations must be prepared for the wave of behavioral AI and
generative AI that is already radically shaping the future of software
development, much like open source did when Maven Central
first launched in 2003. This is an exciting time for software
development productivity and innovation; the data shows that enterprises
adopting AI in new product innovation and software supply chains are
disrupting competitors and moving faster than ever before," said
Mitchell Johnson, Chief Product Development Officer at Sonatype. "At
the same time, AI/ML introduces a whole new set of risks so it is
crucial to have the data, precise identification, legal compliance, and
policy enforcement in place to understand where and how these new
capabilities are being used - without slowing anyone down."
Sonatype's new AI/ML component detection offers unrivaled visibility
and control of AI/ML in the software you build. This enables you to
safely use the best AI/ML suppliers in your software, transforming your
software development lifecycle and security review processes - all with
the same Sonatype platform you trust to optimize your open source
usage.
Key Functions of AI/ML Component Detection:
- AI/ML Usage Monitoring and Component Categorization: Gain visibility into AI usage and monitor its impact through comprehensive data insights and component categorization. Simply put, answer the question of where and how AI and GenAI are being used in your development organization.
- AI Usage Management: Set policy constraints based on AI/ML taxonomies to effectively manage and control AI usage. Apply existing Sonatype Lifecycle policies to your AI/ML components for universal consistency.
- Internal Detection of AI Models: Maintain a comprehensive catalog and index of AI/ML models and datasets to detect open source AI models used internally as well as modified versions of those AI models via our ground-breaking detection technology.

Sonatype's Artificial Intelligence Component Detection is a
game-changer for software development teams, providing them with the
tools they need to innovate and stay ahead in today's fast-paced
technology landscape. With this new feature, organizations can
confidently embrace AI/ML components while mitigating security, legal,
and quality risks.