Big Cranium Logo White.png
TrainingHelp Center
Find the insights and best practices about our product.
General
FAQs
System & Network Requirements
Getting Started
My AI Dashboard Overview
Release Notes
2026.4.2 Release Notes
2026.4.1 Release Notes
2026.3.1 Release Notes
2026.2.2 Release Notes
2026.2.1 Release Notes
2026.1.1 Release Notes
2025.12.1 Release Notes
2025.11.1 Release Notes
2025.10.3 Release Notes
2025.10.1 Release Notes
2025.9.1 Release Notes
2025.8.1 Release Notes
2025.7.1 Release Notes
2025.4.1 Release Notes
2025.3.1 Release Notes
2025.1.1 Release Notes
2024.12.1 Release Notes
AI Manager
My AI Systems
My AI Systems Overview
AI System Details Overview
Adding a New AI System
Self-Attesting to a Compliance Framework
Compliance Scoring
Compliance Agent [Beta]
My AI Supply Chain
Supply Chain Overview
Managing Outgoing AI Card Requests
Responding to an AI Card Request
Publishing an AI Card Without a Request
My Vendors Overview
Artifacts
Bill of Materials
Bill of Materials Overview
Creating a Bill of Materials with CodeSensor
Self-Attest to a Bill of Materials
AgentSensor Overview
Technology Search Overview
Document Library
Document Library Overview
Vulnerability Management
Arena Shield
Arena Shield Overview
Shield YAML Implementation Guide
Arena
AI Arena Overview
Vulnerability Assessment
Vulnerability Management
Vulnerability Assessment Overview
Accessing a Vulnerability Assessment
Adversarial Inputs Detector
Vulnerabilities Overview
Settings
User Manager Overview
Detect AI
Integrations
Accessing a Private VCS
Registering SSH for CodeSensor
Integrating Bitbucket with Cranium
Integrating GitHub with Cranium
Integrating GitLab with Cranium
Integrating Azure DevOps with Cranium
Continuous Monitoring Overview
VCS Service Rate Limits
CloudSensor
CloudSensor Overview
Public API
Public API Overview
Authentication & Generating Credentials
Pagination & Incremental Sync
Rate Limits & Error Handling
Endpoint Reference
Bills of Materials
Technology Vulnerabilities
Arena Models
Arena Model Vulnerabilities
Home
Vulnerability Manage...
Vulnerability Assess...
Accessing a Vulnerab...
Accessing a Vulnerability Assessment

Introduction

A Vulnerability Assessment helps identify and address weaknesses within an AI System. This process is tied to the Cranium platform's Bill of Materials (BOM) and AI Arena, leveraging detailed component inventories and model penetration tests to uncover potential risks. The platform generates insights into known vulnerabilities and weaknesses by examining the software, dependencies, and configurations listed in the BOM, helping organizations proactively mitigate threats. This guide will walk you through accessing a Vulnerability Assessment from the Bill of Materials and the AI System Manager pages.

Access via Bill of Materials

Navigate to the Bill of Materials List

To access a Vulnerability Assessment, start by navigating to the Bill of Materials List. In the navigation drawer, click the Artifacts section, then select Bill of Materials.

Access the Vulnerability Assessment

The Cranium platform automatically conducts a Vulnerability Assessment once a Bill of Materials is generated. In the Bill of Materials List, either create a new Bill of Materials or locate an existing Bill of Materials that you want to assess. Once located, take note of the BOM name. Next, navigate to the Vulnerability Assessment Tab. The vulnerabilities list is empty when you first visit the Vulnerability Assessment tab. Use the Artifact dropdown to select a Bill of Materials by name. Once selected, the BOM's Vulnerability Assessment and associated metadata will populate the Vulnerabilities List. Use the Models, Technologies, and Other Vulnerabilities tabs to view each category's discovered vulnerabilities and weaknesses.

Access via AI System Manager

Navigate to the AI System for Assessment

To access a Vulnerability Assessment, start by navigating to the AI System you want to assess. In the navigation drawer, click the AI Manager section, then select My AI Systems. Locate the AI System for assessment and click the View Details button.

Access the Vulnerability Assessment

The Cranium platform automatically conducts a Vulnerability Assessment once a Bill of Materials is generated. In the Artifacts Overview, either add a Bill of Materials as an artifact or locate an existing Bill of Materials you want to assess. Once located, take note of the BOM name. Next, navigate to the Vulnerability Assessment Tab. If you have more than one BOM attached to the AI System, the vulnerabilities list will be empty when you first visit the Vulnerability Assessment tab. Use the Artifact dropdown to select a Bill of Materials by name. Once selected, The BOM's Vulnerability Assessment and associated metadata will populate the Vulnerabilities List. Use the Models, Technologies, and Other Vulnerabilities tabs to view each category's discovered vulnerabilities and weaknesses.

Did this answer your question?
Related Articles
AI Arena Overview
AI System Details Overview
Bill of Materials Overview
Creating a Bill of Materials with CodeSensor
My AI Systems Overview
Vulnerability Assessment Overview
Arena Shield Overview