MLOps.community

MLSecOps is Fundamental to Robust AISPM // Sean Morgan // #257

Aug 30, 2024

Sean Morgan, Chief Architect at Protect AI and a pivotal figure in the TensorFlow Addons community, shares insights on the crucial role of MLSecOps in AI Security. He discusses the need for proactive security integration in MLOps compared to traditional DevOps, emphasizing vulnerabilities in AI models. Sean highlights the challenges of managing model artifacts, securing open-source AI frameworks, and adopting a zero-trust strategy. He also calls for collaborative efforts within the MLSecOps community to enhance overall machine learning security.

42:35

Creator website

Episode guests

Sean Morgan

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Integrating security practices into the AIML lifecycle is vital to protecting against vulnerabilities that could otherwise emerge in hastily developed models.

Establishing a security-first culture within MLOps teams enhances innovation while ensuring that security measures are seamlessly integrated into the development process.

Deep dives

The Importance of Security in MLOps

Security is often overlooked in the MLOps community compared to the more established practices seen in DevOps. The rapid pace of innovation in machine learning can lead teams to prioritize speed over security, ultimately leading to vulnerabilities that could have been addressed from the start. Integrating security measures at every phase of model development is crucial to ensure that it doesn’t get added as an afterthought before deployment. Emphasizing a proactive approach to security helps alleviate the risks associated with hastily developed models.

Intro

3min

Securing MLOps: Balancing Innovation and Safety

20min

Addressing Challenges in Model Artifacts and Vulnerability Scanning

3min

Building a Security-First Community in MLSecOps

2min

Securing Open Source AI Frameworks

10min

The Importance of Zero Trust and Clear Ownership in Security Protocols

2min

Prioritizing Security in Machine Learning Operations

2min

Sean Morgan is an active open-source contributor and maintainer and is the special interest group lead for TensorFlow Addons. Learn more about the platform for end-to-end AI Security at https://protectai.com/. MLSecOps is Fundamental to Robust AI Security Posture Management (AISPM) // MLOps Podcast #257 with Sean Morgan, Chief Architect at Protect AI. // Abstract MLSecOps, which is the practice of integrating security practices into the AIML lifecycle (think infusing MLOps with DevSecOps practices), is a critical part of any team’s AI Security Posture Management. In this talk, we’ll discuss how to threat model realistic AIML security risks, how you can measure your organization’s AI Security Posture, and most importantly how you can improve that security posture through the use of MLSecOps. // Bio Sean Morgan is the Chief Architect at Protect AI. In prior roles he's led production AIML deployments in the semiconductor industry, evaluated adversarial machine learning defenses for DARPA research programs, and most recently scaled customers on interactive machine learning solutions at AWS. In his free time, Sean is an active open-source contributor and maintainer, and is the special interest group lead for TensorFlow Addons. // MLOps Jobs board https://mlops.pallet.xyz/jobs // MLOps Swag/Merch https://mlops-community.myshopify.com/ // Related Links Sean's GitHub: https://github.com/seanpmorgan MLSecOps Community: https://community.mlsecops.com/ --------------- ✌️Connect With Us ✌️ ------------- Join our slack community: https://go.mlops.community/slack Follow us on Twitter: @mlopscommunity Sign up for the next meetup: https://go.mlops.community/register Catch all episodes, blogs, newsletters, and more: https://mlops.community/ Connect with Demetrios on LinkedIn: https://www.linkedin.com/in/dpbrinkm/ Connect with Sean on LinkedIn: https://www.linkedin.com/in/seanmorgan/ Timestamps: [00:00] Sean's preferred coffee [00:10] Takeaways [01:39] Register for the Data Engineering for AI/ML Conference now! [02:21] KubeCon Paris: Emphasis on security and AI [05:00] Concern about malicious data during training process [09:29] Model builders, security, pulling foundational models, nuances [12:13] Hugging Face research on security issues [15:00] Inference servers exposed; potential for attack [19:45] Balancing ML and security processes for ease [23:23] Model artifact security in enterprise machine learning [25:04] Scanning models and datasets for vulnerabilities [29:23] Ray's user interface vulnerabilities lead to attacks [32:07] ML Flow vulnerabilities present significant server risks [36:04] Data ops essential for machine learning security [37:32] Prioritized security in model and data deployment [40:46] Automated scanning tool for improved antivirus protection [42:00] Wrap up

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

MLOps.community

MLSecOps is Fundamental to Robust AISPM // Sean Morgan // #257

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

The Importance of Security in MLOps

Challenges with Data and Supply Chain Vulnerabilities

Addressing Model Vulnerabilities and Threats

Creating a Security-First Culture in MLOps

Remember Everything You Learn from Podcasts