Agents
Execution-bound advisory automation for agentic AI: a reproducible AIBOM-driven CSAF-VEX framework
The article presents a framework that integrates Software Bill of Materials (SBOM) and AI Bill of Materials (AIBOM) with structured runtime telemetry to automate execution-bound advisories for agentic AI systems. It computes exploitability using both static and runtime data, generating cryptographically signed CSAF VEX advisories validated through deterministic replay. The evaluation involved around 10,000 component entries across synthetic workloads, which is significant for practitioners as it enhances security measures in AI deployments by providing a reproducible method for assessing and mitigating vulnerabilities.
agentic-airuntime-telemetryautomation