Get the report

Beyond the Black Box: How AI is Forcing a Rethink of Software Supply Chain

In our survey of 300+ security leaders and practitioners, executives reported high confidence in AI governance, while AppSec and Product Security teams reported more gaps, more friction, and less visibility into what AI is actually running in production.

Teams are investing in transparency. But the reality is messier than the narrative.

Download the report to understand why.

  • 60% of respondents create SBOMs, but more than 50% of organizations aren't consuming or managing their SBOMs in practice

  • 63% of survey participants report their organizations have shadow AI, indicating widespread unmanaged usage

  • 45.7% of global respondents have experienced legal risks due to AI model licensing or provenance

  • 57.8% of AppSec respondents share that AI is governed separately from the software supply chain

Progress is real. Alignment is not.

This report highlights a real discrepancy between security leaders and the practitioners on the ground when it comes to AI governance and software supply chain security. Download the report to get a picture of reality.

Get the report

BLOG

The Manifest Brief

March 19, 2026

Software Supply Chain Security Is a Board-Level Risk

March 12, 2026

C/C++, Nix, and the Software Supply Chain You’re Missing

Learn how Manifest delivers C/C++ SBOM generation, Nix vulnerability visibility, reachability analysis, and binary inspection to prioritize real software supply chain risk.

March 3, 2026

The AI Readiness Gap Is Real

New research reveals a critical AI readiness gap: 73% of executives believe their AI security is mature, but AppSec teams report fragmentation. Download the Beyond the Black Box report to benchmark your organization, understand the risks of Shadow AI, and learn how unified transparency can reduce friction and accelerate adoption.

Explore more