AI is putting enormous pressure on federal mission stacks, and agencies need security processes that keep pace with the expanding attack surface. It has practically rebuilt how teams write software, detect threats, analyze intelligence, automate workflows, and support mission decisions. For defense organizations, especially those responsible for intelligence, electronic warfare, cyber, and software-enabled systems, AI is now foundational to operations.
Agencies are no longer buying software in the traditional sense. They're buying dynamic systems assembled from open source libraries, containers, AI models, machine learning frameworks, commercial components, vendor code, APIs, build tools, and increasingly, AI-generated code. Many of those parts change continuously; some are introduced by developers, some are pulled automatically by build systems, some are suggested by AI coding assistants, and some arrive embedded in vendor products. This is exposing a critical security gap because most organizations lack visibility into the models, dependencies, open source components, and automated systems behind their AI-driven software.
The June 2026 AI Executive Order Raises the Stakes
The Executive Order (EO), Promoting Advanced Artificial Intelligence Innovation and Security, makes clear that AI adoption and cybersecurity are now inseparable national priorities. The EO directs agencies to promote AI innovation while hardening government and private-sector information systems, protecting American intellectual property, and cultivating advanced AI-enabled capabilities. It also prioritizes the cyber defense of National Security Systems, Department of War information systems, and civilian federal systems.
For federal buyers, the most important signal is that secure AI adoption needs to be operationalized. The EO specifically calls for AI-enabled defensive tools, access to cybersecurity services for federal agencies and critical infrastructure operators, and an AI cybersecurity clearinghouse to coordinate vulnerability scanning, validation, remediation, and patch distribution.
The EO also addresses frontier models through classified benchmarking and a voluntary framework for secure early access with trusted partners, while making clear that it does not create a mandatory licensing or pre-clearance regime for AI model development or release.
In practical terms, the government is telling us to build the security, visibility, and coordination mechanisms needed to use AI at mission speed.
AI Introduces Vulnerabilities With Confidence and Speed
AI-assisted development can recommend packages that are outdated, unmaintained, malicious, or license-problematic. Machine learning pipelines can pull models from public repositories without the same rigor agencies apply to traditional software artifacts.
The emergence of advanced cybersecurity models underscores the point. Anthropic's Mythos demonstrates how powerful AI can be for identifying and helping remediate software vulnerabilities, while also raising concerns about how similar capabilities could be misused if access and governance are weak. AI will compress the time between vulnerability discovery and exploitation. Manual governance will not keep pace. A software factory that cannot continuously see, evaluate, and control its components will struggle in an AI-enabled threat environment.
SBOMs Are the Starting Point, Not the Finish Line
Software bills of materials (SBOMs) have become central to federal software supply chain transparency because they can tell you what's inside software. For AI-enabled systems, that question is getting broader.
Federal programs increasingly need visibility into traditional software dependencies, transitive open source packages, containers, cryptographic assets, model files, model provenance, data pipeline components, AI frameworks, runtime environments, and policy exceptions. Emerging AI SBOM concepts extend into AI-specific areas such as model lineage, datasets, training environments, and verifiable provenance. Recent research has framed AIBOMs as a way to capture AI model metadata, environment details, provenance, and lifecycle assurance in machine-verifiable form.
But a bill of materials by itself is not enough. A static SBOM delivered as a compliance artifact at contract award does not protect a mission system six months later when a transitive dependency becomes exploitable, a model is updated, or a malicious package enters a build pipeline. For SBOMs and emerging AI BOMs to matter operationally, they must be continuously generated, continuously enriched with vulnerability and exploitability intelligence, connected to policy, and tied to remediation workflows. That is the difference between documentation and defense.
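The gap between a static SBOM and a continuously evaluated one can be shown by checking the same inventory against two snapshots of vulnerability intelligence. This is an added example, not Sonatype's code or any product's API. The component names, the advisory ID, and the feed layout (a purl-to-advisory mapping) are constructed assumptions, and the SBOM uses CycloneDX 1.5 component types.

```python
import json

# Constructed CycloneDX-style SBOM (illustrative; component names are made up).
SBOM_JSON = """
{
  "bomFormat": "CycloneDX", "specVersion": "1.5",
  "components": [
    {"type": "library", "name": "examplelib", "version": "2.3.1",
     "purl": "pkg:pypi/examplelib@2.3.1",
     "hashes": [{"alg": "SHA-256", "content": "<constructed-digest>"}]},
    {"type": "library", "name": "transitive-dep", "version": "0.9.0",
     "purl": "pkg:pypi/transitive-dep@0.9.0",
     "hashes": [{"alg": "SHA-256", "content": "<constructed-digest>"}]},
    {"type": "machine-learning-model", "name": "example-classifier", "version": "1.0",
     "purl": "pkg:huggingface/example-org/example-classifier@1.0"}
  ]
}
"""

# Constructed advisory snapshots (assumed layout): purl -> advisory record.
FEED_AT_AWARD = {}
FEED_SIX_MONTHS_LATER = {"pkg:pypi/transitive-dep@0.9.0": {"id": "EXAMPLE-ADVISORY-0001", "exploited": True}}

def evaluate(sbom_text, feed):
    """Return sorted (purl, reason) findings for one SBOM against one feed snapshot."""
    bom = json.loads(sbom_text)
    if bom.get("bomFormat") != "CycloneDX":
        raise ValueError("unsupported SBOM format")
    findings = []
    for comp in bom.get("components", []):
        purl = comp.get("purl")
        if not purl:
            findings.append((comp.get("name", "?"), "no-purl: cannot be matched to intelligence"))
            continue
        adv = feed.get(purl)
        if adv:
            tag = "exploited" if adv.get("exploited") else "vulnerable"
            findings.append((purl, f"{tag}: {adv['id']}"))
        # Policy: models are held to the same integrity bar as libraries.
        if comp.get("type") == "machine-learning-model" and not comp.get("hashes"):
            findings.append((purl, "policy: model has no recorded hash"))
    return sorted(findings)

def new_findings(sbom_text, old_feed, new_feed):
    """Findings that appeared only because the intelligence changed."""
    return sorted(set(evaluate(sbom_text, new_feed)) - set(evaluate(sbom_text, old_feed)))

if __name__ == "__main__":
    print(new_findings(SBOM_JSON, FEED_AT_AWARD, FEED_SIX_MONTHS_LATER))
```

The SBOM text never changes between the two evaluations; only the feed does, which is why a one-time review at contract award cannot surface the later finding.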
What This Means for Federal Buyers
Buyers should expect suppliers and internal software factories to prove that they can govern software and AI components continuously across the lifecycle. That means knowing which open source and AI components are approved, where they came from, who introduced them, whether they are vulnerable or malicious, whether safer alternatives exist, and whether the system can produce audit-ready evidence for RMF, ATO, zero trust, SWFT-style acceleration, and supply chain risk management. Two capabilities separate genuine continuous governance from repackaged scanning. The first is prevention at the point of entry: blocking malicious open source and AI models before they reach a developer or a build, not merely detecting them after they have landed. The second is the ability to do this in the environments where federal missions actually run, including fully disconnected and air-gapped enclaves where most commercial tooling cannot operate at all.
NIST's zero trust guidance is especially relevant here. Zero trust moves security away from static network perimeters and toward users, assets, resources, workflows, authentication, authorization, and continuous validation. Applied to software supply chains, that means agencies should not implicitly trust a package, model, container, or generated code snippet simply because it came from a familiar repository, a contractor build, or an approved pipeline. Trust has to be earned, verified, and re-verified.
NIST's RMF guidance also points in the same direction by emphasizing continuous monitoring, near-real-time risk management, and incorporating security and privacy into the system development lifecycle. In an AI-enabled software environment, continuous monitoring must include the components and models that make up the system, not just the deployed endpoint or network boundary.
Govern the Components Before They Become Mission Risk
Sonatype helps organizations automate open source and AI governance across the software development lifecycle. Our position is that the safest component is the one that never enters the environment in the first place.
Sonatype Firewall addresses a gap that most scanning tools are structurally unable to close: traditional SCA detects known vulnerabilities, but Sonatype Firewall is purpose-built to block malware, the intentionally malicious code attackers plant in open source ecosystems, at the point of download, before it reaches developer workstations, repositories, or CI/CD pipelines. That prevention extends to malicious AI and ML models pulled from public repositories. In an AI-accelerated threat environment where the window between vulnerability discovery and exploitation is collapsing, prevention at the gate is structurally faster than detection after the fact. After all, the safest component is the one that never enters in the first place.
Sonatype Lifecycle gives teams automated software composition analysis, policy enforcement, contextual risk prioritization, remediation guidance, and visibility into open source and AI model risk across applications and pipelines. It supports SBOM generation and works with SBOM Manager to help organizations move from one-time SBOM creation to sustainable, auditable SBOM governance.
Sonatype SBOM Manager helps teams ingest, manage, monitor, audit, and share SBOMs, including CycloneDX and SPDX formats, while supporting VEX workflows, vulnerability insights, license obligations, containers, and AI model governance. Sonatype notes that SBOM Manager now supports containers, AI models, Legal Pack integration, and expanded coverage across ecosystems, commercial apps, hardware, and OS components.
For AI adoption specifically, Sonatype provides governance capabilities for open source AI and ML usage, including visibility into AI/ML components, policy enforcement, AI-assisted development guardrails through Sonatype Guide, and proactive blocking of malicious AI models before they enter the SDLC.
This matters for federal environments because the operational constraint is not only security. It is speed with evidence. Programs need to deliver faster, reduce rework, satisfy oversight, support mission partner confidence, and maintain cyber posture as components change. Sonatype's intelligence engine draws from extensive open source visibility and research, including analysis of more than 270 million components and insight from large-scale component consumption patterns.
Mission Assurance Through Software Transparency
AI will make federal software delivery faster. It will also make exploitation faster. The organizations that succeed will be those that treat software transparency as a mission assurance requirement, not a paperwork exercise.
For federal buyers, the standard should be that every software and AI-enabled capability comes with continuous visibility into its components, automated policy enforcement before risky artifacts enter the pipeline, machine-readable SBOM and AI component evidence, vulnerability intelligence that goes beyond public databases, and remediation workflows that help developers fix issues without slowing delivery.
The June 2, 2026 EO reinforces that the government wants secure innovation, not innovation theater. It calls for AI-enabled cyber defense, coordinated vulnerability remediation, protection of critical systems, and public-private collaboration. Those goals cannot be achieved with fragmented spreadsheets, manual reviews, or static compliance artifacts.
The next phase of federal cyber modernization will be won inside the software supply chain. The agencies that can see what they are using, control what enters their environment, and continuously prove what changed will be better positioned to adopt AI securely, accelerate software delivery, and protect the mission systems the nation depends on.
Tom Tapley specializes in securing software supply chains for Federal environments, bringing deep expertise in aligning agency security, compliance, and operational requirements with modern technology solutions. With a proven track record in supporting mission-critical systems, he bridges the gap between evolving federal mandates and scalable, secure software practices.