Snyk: AI Agents Don't Ask Permission: Building an AI-BOM for Visibility & Control

Traditional AppSec approaches can’t always see the real risks hiding inside AI-native apps, from prompt injection to data leakage and hidden agent behavior.

In this hands-on technical session, learn how to discover, assess and govern your AI assets with AI-BOM, MCP Scan, and other free-to-use tools from Snyk Labs.

You’ll learn how to:

• Automatically map models, dependencies, datasets and MCP tooling to generate an AI-BOM with Evo by Snyk
• Run MCP Scans and AI Red Teaming to uncover AI risks before they hit production
• Run these tools from the CLI with the exact commands to reproduce everything on your own

You'll see live demos of how to start scanning, generate actionable evidence, and feed results back into developer workflows.