The Manifest Blog

AI at Black Hat USA 2025

From the Black Hat USA 2025 conference in Las Vegas, Daniel Bardenstein shares firsthand insights on AI’s rise as a top CISO concern, the lack of AI risk management tools, vulnerability overload, and third-party risk blind spots.

Implementing AI Transparency

Discover how security leaders can achieve AI transparency and mitigate risks. Learn how to build AI inventories, use AI Bills of Materials (AIBOMs), and integrate risk assessments to secure AI at scale. Ask ChatGPT

Why AI Transparency Can't Wait

CISOs, CTOs, and CEOs face rising AI risks without visibility into their AI supply chains. Discover why AI transparency is urgent, how regulatory pressures are mounting, and how early adopters can gain a competitive edge with proactive AI governance. Ask ChatGPT

Fast Response to a Critical JavaScript CVE-2025-7783

A critical flaw (CVE-2025-7783) in the JavaScript form-data library impacts millions of apps. Learn which versions are vulnerable, how Manifest worked through the weekend to assess and notify customers, and why SBOMs are key to rapid discovery and remediation.

Bringing SBOMs to AI

Learn why CISA’s new AI SBOM Tiger Team guide defines the future of AI governance, risk management, and transparency. Discover what an AI software bill of materials is, and why your organization needs one.

Congress Demands AI Transparency

New NDAA provisions mandate unprecedented AI transparency for the DoD, exposing critical gaps in model visibility and control. Learn how AI SBOMs and governance are now essential for national security.

The Future of Medical Device Security Is Transparent

The FDA's June 2025 cybersecurity guidance emphasizes transparency and AI security for medical devices. Learn how SBOMs, VEX documents, and Manifest's platform can help you achieve compliance and enhance patient safety.

The Doctor Will See Your SBOM Now

SBOMs help healthcare organizations meet FDA cybersecurity requirements while gaining critical visibility into the software supply chain behind medical devices.

One Step Forward, One Step Back: What the Executive Order Gets Right and What It Misses on Software and AI Risk

New federal mandates are reshaping software and AI supply chain security. Learn how Manifest can help you meet Executive Order requirements with SBOMs, cryptography inventories, open-weight AI risk assessments, and scalable practices.

EasyJSON - What is actually going on?

Introducing Korea’s Digital Medical Products Act (DMPA) and Manifest Available in Korean

What the DMPA requires from medical device manufacturers, and how companies can comply with the DMPA

Announcing Manifest’s FedRAMP High Authorization

Manifest SBOM management capability receives FedRAMP High authorization

XZ: Avoiding FUD and Learning Lessons

Learn which lessons the software supply chain cybersecurity community can take from the XZ compromise

SBOMs Take Center Stage in the EU’s Cyber Resilience Act

Learn how the Cyber Resilience Act enhances the security of digital products and services while elevating the importance of SBOMs to secure software supply chains.

What the NIS2 Directive Means for SBOMs

Learn how the EU’s NIS2 Directive elevates the importance of SBOMs to secure software supply chains.

Getting Started with SBOMs: The Basics

The basics of SBOM and its value for security, third party risk management, and compliance.

On Our Air Force AIBOM Award

The United States Air Force makes a critical investment in Manifest’s artificial intelligence bill of materials (AIBOM) capability.

The SBOMs Go Abroad

The Cyber Resilience Act and our support for all 24 official EU languages.

The Power of ‘And’

Manifest now supports the CSAF VEX format, adding to existing support for the OpenVEX standard.

SBOM’s Missing Ingredient: Ketchup

Comparing industry pushback to food labeling to modern pushback on software transparency.

Manifest now supports VEX!

Announcing Manifest’s new VEX feature, allowing customers to easily generate and share information about vulnerabilities.

Introducing Manifest

Manifest announces seed funding to accelerate growth.

Towards Secure and Transparent Software

The status quo is no longer acceptable.