Overview
The OWASP AIBOM Weekly Call on January 13, 2026 (Call #9) marked the first plenary meeting of the year and focused on community growth, new member introductions, sponsorship updates, and progress across core workstreams. The call highlighted a ~20% growth in both LinkedIn and Slack communities, confirmed a new sponsor for the project, and reiterated the 2026 sponsorship target of $200,000. Key discussions centered on consolidating open-source tools related to AI Bills of Materials, advancing AIBOM definitions and taxonomies, restarting the formats workstream, and strengthening collaboration with academia, industry, and a potential Fortune 100 partner—particularly around threat intelligence. The meeting concluded with an open forum for additional introductions and discussion.Action Items
- Collaboration & Threat Intelligence
- Aruneesh Salhotra to connect the Fortune 100 threat-intelligence team with the Threat Intelligence workstream leads (Bakul and Jatin) to explore collaboration.
- Tooling & Formats
- Finalize the consolidated AIBOM tooling list and publish the initial version to the community for feedback (target: January 27, 2026).
- After internal finalization, publish the tooling consolidation externally and solicit broader community feedback and missing-tool nominations.
- Resume and formalize work on AIBOM formats by the end of January 2026.
- Definitions, Taxonomy & Use Cases
- Keep the AIBOM definitions document open for review for one additional week and ensure review links are posted prominently in Slack. to:
- Prepare draft AIBOM taxonomies and use cases and share them in upcoming meetings for community review.
- Policy & Regulations
- Schedule the Policy/Regulations workstream call during the current week to discuss the 2026 roadmap and engagement with academia and regulatory bodies.
Outline
- 1. Welcome, Introduction, and Logistics
- The host opens Call #9 (January 13, 2026), apologizes for minor technical delays, and confirms the meeting is being recorded.
- Participants are reminded that recordings and minutes will be published on the website and YouTube.
- New Year greetings are extended, along with a brief overview of 2026 targets and priorities.
- 2. Introductions of New Members
- Thomas (Czechia) – Completing a master’s degree; working on the AIBOMber project with interests in AI and supply chain security.
- Pankaj Maurya (India) – Tech Lead at BOSCH (BGSW), working on supply chain security and AIBOM creation.
- Vivek (Belgium) – PhD researcher focused on generating AI Bills of Materials and improving transparency and trustworthiness in AI systems.
- New participants are welcomed, and their backgrounds are noted as strong additions to ongoing workstreams.
- 3. Community Growth & 2026 Roadmap
- The team notes approximately 20% growth in both LinkedIn followers and Slack community members since the previous call.
- A high-level overview of the 2026 roadmap is shared, with a reminder that some delivery timelines may shift as workstreams mature.
- Emphasis is placed on maintaining momentum while aligning outputs across workstreams.
- 4. Sponsorship Update
- A new sponsor is confirmed from the prior week.
- The project reiterates its 2026 sponsorship target of $200,000, which will support conference participation, outreach, and sustained development.
- Ongoing sponsorship discussions are noted, including engagement with companies in the Middle East.
- 5. AIBOM Definitions, Taxonomy & Requirements
- The AIBOM definitions document remains open for community review for one more week.
- Ongoing work includes developing taxonomies and initial use cases to support downstream efforts (formats, tooling, policy, and threat intelligence).
- Participants are encouraged to provide direct feedback via shared review links in Slack.
- 6. Tooling Workstream Update
- The tooling workstream provides an update on consolidating open-source tools relevant to AIBOM, including asset discovery, provenance, and vulnerability analysis.
- Work is underway to create a taxonomy for vulnerability exposure aligned with AIBOM concepts.
- Clarification is provided that this effort focuses on tool consolidation and requirements, distinct from other generator-focused initiatives.
- 7. Policy & Regulations Workstream
- Updates are shared on the ongoing expansion of the AI regulations tracking effort.
- Upcoming discussions are planned with academia and regulatory bodies to validate coverage and direction.
- A dedicated workstream call will be scheduled to refine the roadmap and engagement strategy.
- 8. Threat Intelligence & Industry Collaboration
- The Threat Intelligence workstream shares early progress on analyzing vulnerability exposure and building a supporting taxonomy.
- A potential collaboration with a Fortune 100 company is highlighted, with interest in integrating threat intelligence more tightly with AIBOM.
- The importance of global collaboration—across industry and academia—is emphasized as critical to the project’s success.
- 9. Open Forum & Additional Introductions
- The floor is opened for additional comments and introductions.
- Nikhil introduces himself as an Engineering Lead responsible for network security, threat intelligence, and security engineering at a stealth-mode company; he expresses interest in contributing to AIBOM and notes collaboration with Jatin on threat intelligence topics.
- Participants are encouraged to continue discussions asynchronously via Slack.
- 10. Closing Remarks
- The host thanks participants for their engagement and contributions.
- Community members are encouraged to stay active in Slack and workstream meetings as 2026 initiatives progress.
