Toqeer Ali Syed, Mohammad Riyaz Belgaum, Salman Jan, Asadullah Abdullah Khan, Saad Said Alqahtani
This paper proposes an AI-driven system for proactive defense in software supply chains, using AI techniques to identify and mitigate vulnerabilities beyond traditional provenance methods.
Software supply chain attacks are increasingly targeting trusted development processes, rendering traditional security measures less effective. This study presents a novel AI-based system that actively identifies and mitigates vulnerabilities in software production. By leveraging advanced AI techniques like large language models and reinforcement learning, the system automates vulnerability detection and response, ensuring more secure software development environments. The approach was tested on real-world setups and showed improved accuracy and efficiency over traditional methods.
