Improving modern software supply chain security: From AI models to container images

2025-11-13 ~1 min read www.redhat.com #kubernetes

⚡ TL;DR

The software supply chain has evolved dramatically in recent years. Today's applications integrate countless components—from open source libraries and container images to AI models and training datasets.

📝 Summary

The software supply chain has evolved dramatically in recent years. Today's applications integrate countless components—from open source libraries and container images to AI models and training datasets. Each element represents a potential security risk that organizations must understand, verify, and continuously monitor. As supply chain attacks increase in frequency and sophistication, enterprises need comprehensive solutions that provide both artifact integrity and deep visibility into their software dependencies.

Red Hat's latest releases of Red Hat Trusted Artifact Signer 1.3 and Red Hat Trusted Profile Analyzer 2.2 deliver a powerful combination of cryptographic signing capabilities and advanced supply chain analysis, addressing a full spectrum of modern software security challenges, including the emerging complexities of AI-powered applications.

Modern applications are built from diverse components that create an intricate web of dependencies. Traditional software includes operating system (OS) packages, application libraries, and container base images. But today's AI-powered applications introduce additional complexity with machine learning (ML) models, training datasets, and inference frameworks—each requiring specialized security considerations.

This complexity creates multiple attack vectors. Malicious actors can compromise software at build time by injecting code into repositories, at distribution time by replacing legitimate packages with malicious versions, or at deployment time by exploiting weak verification processes. The 2025 supply chain attack on popular npm packages demonstrated that a single compromised component can affect thousands of downstream organizations.

Trusted Artifact Signer 1.3 helps to address these challenges by providing enterprise-grade cryptographic signing and verification for all software artifacts.