Hex: AI/ML Model Security Scanner by Layerd AI

Hex is a free, source-available (Apache 2.0 with the Commons Clause; see Licence below), enterprise-grade security scanner for AI and machine learning models. Version 3.0.0 ships with 30 specialised security scanners that detect supply chain attacks, backdoors, adversarial vulnerabilities, model poisoning, RAG security threats, federated learning risks, and compliance violations, all from a single Docker command.

Key Capabilities

  • 30 security scanners — 18 new advanced AI/ML modules introduced in v3.0.0
  • Supply chain security with real-time CVE feeds and CVSS v3.1 scoring
  • Multi-format SBOM generation: CycloneDX and SPDX 2.3 with AI/ML metadata
  • Backdoor and model poisoning detection for neural networks and classical models
  • LLM security analysis covering prompt injection and jailbreak resistance
  • RAG security: knowledge base poisoning and retrieval manipulation detection
  • Federated learning security and differential privacy verification
  • Adversarial robustness testing against FGSM, PGD, CW, and AutoAttack
  • Supports 15+ ML model formats: .pkl, .safetensors, .onnx, .pt, .h5, and more
  • CI/CD ready with JSON, SARIF, and XML output formats

Compliance Standards

Hex helps AI/ML teams meet the following regulatory and industry compliance requirements:

  • OWASP AI Top 10 — complete coverage
  • EU AI Act — conformity assessment support
  • NIST AI Risk Management Framework (AI RMF)
  • SOC 2 AI security controls
  • GDPR and CCPA data governance requirements

Get Started in Seconds

Hex runs entirely inside a Docker container, so nothing needs to be installed beyond the container runtime. Because the scanner reads files from the container's own filesystem, mount the directory holding your models into the container and point --path at the mount point rather than at a host path:

docker run --rm -v "$PWD/models:/models" layerd/hex scan --path /models --output sarif

Hex produces a full security report including a security score, vulnerability details, SBOM, and compliance mapping. The report can be exported as JSON, SARIF, or XML for integration with GitHub Actions, GitLab CI, Jenkins, and other CI/CD pipelines.
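To make concrete what a static scan of a .pkl model file (one of the formats listed under Key Capabilities) actually looks for, and what the SARIF report that feeds a CI pipeline contains, here is an added example written for this page. It is not Hex's code and does not use Hex's internals: the denylist of dangerous imports, the rule identifier `PICKLE_DANGEROUS_IMPORT`, the tool name, and the three sample pickles are all constructed for the illustration. The scan disassembles the pickle opcode stream with `pickletools.genops`, which never executes the payload, and reports any `GLOBAL` or `STACK_GLOBAL` import of a code-execution primitive.

```python
import json
import pickle
import pickletools
from typing import Dict, List, Tuple

# Hypothetical denylist for this illustration: importable callables whose
# presence in a model file is a strong signal of a deserialisation backdoor.
DANGEROUS_GLOBALS = {
    ("os", "system"), ("os", "popen"), ("os", "execvp"), ("posix", "system"),
    ("subprocess", "Popen"), ("subprocess", "run"), ("subprocess", "check_output"),
    ("builtins", "eval"), ("builtins", "exec"), ("builtins", "__import__"),
    ("builtins", "getattr"), ("socket", "socket"), ("shutil", "rmtree"),
}

STRING_OPCODES = {"STRING", "BINSTRING", "SHORT_BINSTRING",
                  "UNICODE", "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}


def find_globals(data: bytes) -> List[Tuple[str, str]]:
    """Return every (module, name) the pickle would import, without loading it.

    pickletools.genops only decodes opcodes; it never calls pickle.loads, so a
    hostile payload cannot run during the scan.
    """
    found: List[Tuple[str, str]] = []
    # STACK_GLOBAL (protocol 4+) takes module and name from the two strings
    # pushed before it. Tracking the last two string opcodes is a simplification:
    # it does not follow memo references (BINGET), which a real scanner must.
    recent_strings: List[str] = []
    for opcode, arg, _pos in pickletools.genops(data):
        if opcode.name == "GLOBAL":          # protocols 0-3: arg is "module name"
            module, name = arg.split(" ", 1)
            found.append((module, name))
        elif opcode.name == "STACK_GLOBAL":  # protocol 4+
            if len(recent_strings) >= 2:
                found.append((recent_strings[-2], recent_strings[-1]))
        elif opcode.name in STRING_OPCODES:
            recent_strings.append(arg)
    return found


def scan_pickle(path: str, data: bytes) -> Dict:
    """Classify the imports of one pickle; `path` is used only for reporting."""
    imports = find_globals(data)
    findings = [{"rule": "PICKLE_DANGEROUS_IMPORT", "module": m, "name": n}
                for m, n in imports if (m, n) in DANGEROUS_GLOBALS]
    return {"path": path, "imports": imports, "findings": findings,
            "safe": not findings}


def to_sarif(results: List[Dict]) -> Dict:
    """Render scan results as a SARIF 2.1.0 log: one run, one tool driver,
    one result per finding, each with a physical location for the file."""
    sarif_results = [{
        "ruleId": f["rule"],
        "level": "error",
        "message": {"text": f"{r['path']} imports {f['module']}.{f['name']} on load"},
        "locations": [{"physicalLocation": {"artifactLocation": {"uri": r["path"]}}}],
    } for r in results for f in r["findings"]]
    return {
        "$schema": "https://json.schemastore.org/sarif-2.1.0.json",
        "version": "2.1.0",
        "runs": [{
            "tool": {"driver": {
                "name": "pickle-global-scan (illustrative)",
                "rules": [{"id": "PICKLE_DANGEROUS_IMPORT",
                           "shortDescription": {"text": "Pickle imports a code-execution primitive"}}],
            }},
            "results": sarif_results,
        }],
    }


# Constructed sample inputs. BENIGN is a genuine pickle of plain data.
BENIGN = pickle.dumps({"layers": 3, "weights": [0.1, 0.25]}, protocol=4)
# Protocol-0 payload: GLOBAL os.system, MARK, STRING, TUPLE, REDUCE, STOP.
MALICIOUS_PROTO0 = b"cos\nsystem\n(S'echo pwned'\ntR."
# Protocol-4 payload that uses STACK_GLOBAL instead of GLOBAL.
MALICIOUS_PROTO4 = (b"\x80\x04"                      # PROTO 4
                    b"\x8c\x08builtins\x8c\x04eval"  # two SHORT_BINUNICODE strings
                    b"\x93"                          # STACK_GLOBAL -> builtins.eval
                    b"\x8c\x0eprint('pwned')"        # argument string
                    b"\x85R.")                       # TUPLE1, REDUCE, STOP


def demo() -> Dict:
    results = [scan_pickle(p, d) for p, d in (("models/clean.pkl", BENIGN),
                                              ("models/backdoor0.pkl", MALICIOUS_PROTO0),
                                              ("models/backdoor4.pkl", MALICIOUS_PROTO4))]
    return to_sarif(results)


if __name__ == "__main__":
    print(json.dumps(demo(), indent=2))
```

A denylist catches the textbook payloads shown here but not a novel gadget; a production scanner inverts the logic and fails any global outside an allowlist of known-safe modules (numpy, torch, sklearn and so on), which is the stricter check to run before a model reaches production.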

What's New in v3.0.0

Version 3.0.0 is the largest release to date, adding 18 new security modules:

  • Model Poisoning Detection — identifies compromised training pipelines
  • Federated Learning Security — detects Byzantine attacks and gradient poisoning
  • RAG Security Scanner — detects knowledge base poisoning and retrieval manipulation attacks
  • Regulatory Compliance Engine — automated EU AI Act and NIST AI RMF mapping
  • Differential Privacy Auditor — verifies epsilon/delta privacy guarantees
  • Enhanced LLM Security — extended prompt injection and jailbreak detection

Architecture

Hex is built on a modular scanner architecture. Each scanner is an independent module that analyses a specific attack surface. Scanners run in parallel inside the Docker container, producing results in under 60 seconds for most models. The platform integrates with Hugging Face Hub, Docker registries, and local model repositories.

Licence

Hex is distributed under the Apache License, Version 2.0, with the Commons Clause License Condition v1.0 attached. The Commons Clause removes the right to sell the Software, including hosting, consulting or support services whose value derives substantially from its functionality. Note that the Commons Clause's own text states that a licence carrying this condition is not an open-source licence in the OSI sense, so treat Hex as source-available when reviewing it for redistribution or for inclusion in a commercial offering. Copyright 2026 Layerd AI. The source code is available on GitHub. Contributions and bug reports are welcome.

About Layerd AI

Layerd AI builds security and governance tools for AI/ML teams. Hex is our flagship source-available product, used by security engineers and ML platform teams to identify risks before models reach production.