Hex: AI/ML Model Security Scanner by Layerd AI
Hex is a free, source-available, enterprise-grade security scanner for AI and machine learning models. Version 4.0.1 adds proper ML-BOM support, context-aware scanner gating, and a 99%+ false-positive reduction on clean pre-trained model scans while keeping all 30 specialised security scanner modules available.
Key Capabilities
- v4.0.1 with 30 scanner modules and context-aware scanner gating
- Supply chain security with real-time CVE feeds and CVSS v3.1 scoring
- Proper ML-BOM generation: CycloneDX 1.5, SPDX 2.3, and CycloneDX-VEX companion output
- Backdoor and model poisoning detection for neural networks and classical models
- LLM security analysis covering prompt injection and jailbreak resistance
- RAG security: knowledge base poisoning and retrieval manipulation detection
- Federated learning security and differential privacy verification
- Adversarial robustness testing against FGSM, PGD, CW, and AutoAttack
- Supports 15+ ML model formats: .pkl, .safetensors, .onnx, .pt, .h5, and more
- CI/CD ready with JSON, SARIF, XML, CycloneDX, SPDX, and VEX output formats
Compliance Standards
Hex helps AI/ML teams meet the following regulatory and industry compliance requirements:
- OWASP AI Top 10 — complete coverage
- EU AI Act — conformity assessment support
- NIST AI Risk Management Framework (AI RMF)
- SOC2 AI security controls
- GDPR and CCPA data governance requirements
Get Started in Seconds
Hex runs entirely via Docker — no installation required beyond the container runtime:
docker run --rm -v "$(pwd)":/scan:ro layerd/hex:4.0.1 /scan --clear
Hex produces a full security report including a security score, vulnerability details, SBOM, and compliance mapping. The report can be exported as JSON, SARIF, or XML for integration with GitHub Actions, GitLab CI, Jenkins, and other CI/CD pipelines.
What's New in v4.0.1
Version 4.0.1 is a quality and correctness release focused on real-world pre-trained model scanning:
- Proper ML-BOM generation with CycloneDX 1.5, SPDX 2.3, purl linkage, and CycloneDX-VEX output
- 99.3% false-positive reduction on clean HuggingFace GPT-2 style pre-trained scans
- Context-aware scanner gating that skips non-applicable modules on pre-trained models
- New --all-scanners flag to bypass gating and force all 30 scanners to run
- Parallel SHA-256 hashing, configurable hash ceilings, and Git-LFS provenance extraction
- Poisoning scanner crash fix, tighter data-file detection, and improved PII validation
Architecture
Hex is built on a modular scanner architecture. Each scanner is an independent module that analyses a specific attack surface. Scanners run in parallel inside the Docker container, producing results in under 60 seconds for most models. The platform integrates with Hugging Face Hub, Docker registries, and local model repositories.
Licence
Hex is distributed under the Apache License, Version 2.0, subject to the Commons Clause License Condition v1.0. The Commons Clause restricts selling the Software or services substantially derived from it. Copyright 2026 Layerd AI. The source code is available on GitHub. Contributions and bug reports are welcome.
About Layerd AI
Layerd AI builds security and governance tools for AI/ML teams. Hex is our flagship source-available product, trusted by security engineers and ML platform teams to identify risks before models reach production.