# sbom
6 articles tagged "sbom"
Agent Supply Chain Attacks
Compromising AI agents through poisoned packages, backdoored MCP servers, malicious model registries, and weaponized agent frameworks -- including the Postmark MCP breach and NullBulge campaigns.
Capstone: Build an AI Supply Chain Security Tool
Build a tool that scans, audits, and monitors the security of AI/ML supply chains including model provenance, dependency integrity, and artifact verification.
Model Signing and Verification
Defense-focused guide to implementing cryptographic model signing and verification, covering Sigstore for ML, certificate management, SBOM generation for AI systems, and deployment-time verification workflows.