Overview
The OWASP AIBOM Call #14 focused on advancing Phase 2 execution, including progress across workstreams, growth in sponsorships, and increased collaboration efforts with academia and industry. The session emphasized operationalizing deliverables such as the AI BOM 101 guide, strengthening the content and engagement strategy, and accelerating contributions across tooling and documentation. The project continues to show strong momentum with new sponsors, community growth, and upcoming conference participation.
Key Highlights
Project Growth & Sponsorships
- New Silver Sponsor: PredictGuard announced (5th sponsor total, more in pipeline)
- Additional sponsors under discussion (pending confirmation)
- Sponsorship goal: $100,000 for the year
- Continued engagement with Manifest Cyber and others
Community & Collaboration
- Active outreach to universities in Washington DC and Texas
- Goal: bring in researchers, professors, and academic contributors
- New collaboration opportunities introduced (India-based AI governance org)
- Continued expansion of global participation
Conferences & Events
- Submissions for:
- Black Hat (in-person event proposed)
- AI Engineer World Fair (June July, SF)
- Recommendation to track:
- Upcoming conferences
- CFPs
- Member speaking engagements
Phase 2 Execution (Current Focus)
- Workstreams and deliverables finalized
- Transition from planning → execution
- Focus areas:
- AI BOM 101 Guide
- Tooling & standards consolidation
- Engagement strategy
- Next phases:
- Phase 3: Operationalization
- Phase 4: Amplification
Workstream Updates
Foundations (AI BOM 101)
- Table of contents and author assignments finalized
- First draft deadline: April 28
- Next steps:
- Cross-review between authors
- Standardize language and structure
- Improve readability and formatting
- Proposal: Weekly 30-min sync (Mon/Wed)
Policy
- Weekly cadence established: Thursdays 9 AM EST
- Ongoing development of policy frameworks and alignment
Threat Intelligence
- Defined structure for threats and subcategories
- Work paused temporarily, resuming by end of April
- Future focus:
- Vulnerability mapping (CVE alignment)
- Dependency on Foundations output
Content & Marketing
- Activities:
- Blogs, LinkedIn posts, visuals
- Event-based promotion (OWASP LA, local meetups)
- New contributors joining (design + content support)
- Need identified:
- Content pipeline / roadmap
- Monthly visibility to broader group
Collaboration & Alliances
- University partnerships progressing
- Expect new academic participants in upcoming calls
- Continued expansion of ecosystem partnerships
Tooling & Community Input
- Call to action:
- Submit AI BOM tools (builders, users, contributors)
- Goal:
- Create a centralized AI BOM tools index
- Provide a “ready reckoner” for practitioners
AI BOM 101 Timeline
- Draft sections: next 2 weeks
- Full draft cycles: ~6 weeks total
- Includes:
- Writing
- Review cycles
- Editing and formatting
Key Discussions
- Need for content visibility (LinkedIn/blogs) even before final outputs
- Importance of structured engagement strategy and pipeline
- Clarification on how workstreams integrate into a unified output
- Consideration of global regulations (EU, India, NIST) as inputs to AI BOM
Action Items
Content & Engagement
- Build and share content pipeline (blogs, visuals, posts)
- Increase LinkedIn visibility for ongoing work
- Coordinate content contributors (design + messaging)
Foundations
- Complete first draft sections by April 28
- Participate in weekly sync calls
- Begin cross-review process
Tooling
- Submit tools to AI BOM index
- Share within networks to increase contributions
Collaboration
- Continue university outreach
- Onboard new contributors and researchers
Sponsorship
- Support onboarding of new sponsors
- Share sponsorship deck with potential partners
Closing Notes
- Strong progress across sponsorships, content, and collaboration
- Transition clearly underway from planning → execution
- Next milestone: AI BOM 101 first draft completion
- Continued emphasis on scaling awareness and participation
