This project is dedicated to curating a comprehensive list of resources, tools, and best practices at the intersection of Machine Learning Security Operations (MLSecOps), and Development Security Operations (DevSecOps). Our goal is to provide a centralized hub for professionals, researchers, and enthusiasts who are passionate about integrating security into the development and deployment of machine learning systems.
MLSecOps is an emerging field that focuses on the secure and efficient operation of machine learning models in production environments. It combines the principles of DevSecOps with the unique challenges of machine learning, emphasizing the importance of security, privacy, and compliance throughout the ML lifecycle.
DevSecOps extends the traditional DevOps framework by incorporating security practices into the entire software development process. It aims to automate security checks and integrate them seamlessly into the CI/CD pipeline, ensuring that security is a fundamental part of the development workflow.
In this repository, you will find:
- Resources: Articles, papers, and tutorials on MLSecOps and DevSecOps.
- Tools: A curated list of open-source tools for securing ML models and development pipelines.
- Best Practices: Guidelines and methodologies for implementing security measures in ML projects.
- Case Studies: Real-world examples of successful MLSecOps and DevSecOps implementations.
- Community: Links to forums, conferences, and groups where you can connect with others interested in these fields.
Article anlysis this DSO pipeline 👉 DevSecOps: A journey to protect your applications
Article anlysis this MLO pipeline 👉 MLSECOPS: Secure your Large Language Model (LLM) applications
- How MLSecOps Can Reshape AI Security
- MLSecOps Explained: Building Security Into ML & AI
- The Comprehensive Evolution Of DevSecOps In Modern Software Ecosystems
- Deploying a Netflix Clone on EKS Using a DevSecOps Pipeline
- DevSecOps (DevOps) Project: Deploying a Petshop Java-Based Application with CI/CD, Docker, and Kubernetes
| Title | Abstract |
|---|---|
| Integrating MLSecOps in the Biotechnology Industry 5.0 | Biotechnology Industry 5.0 is advancing with the integration of cutting-edge technologies like Machine Learning (ML), the Internet Of Things (IoT), and cloud computing. It is no surprise that an industry that utilizes data from customers and can alter their lives is a target of a variety of attacks. This chapter provides a perspective of how Machine Learning Security Operations (MLSecOps) can help secure the biotechnology Industry 5.0. The chapter provides an analysis of the threats in the biotechnology Industry 5.0 and how ML algorithms can help secure with industry best practices. This chapter explores the scope of MLSecOps in the biotechnology Industry 5.0, highlighting how crucial it is to comply with current regulatory frameworks. With biotechnology Industry 5.0 developing innovative solutions in healthcare, supply chain management, biomanufacturing, pharmaceuticals sectors, and more, the chapter also discusses the MLSecOps best practices that industry and enterprises should follow while also considering ethical responsibilities. Overall, the chapter provides a discussion of how to integrate MLSecOps into the design, deployment, and regulation of the processes in biotechnology Industry 5.0. |
| Security Risks and Best Practices of MLOps: A Multivocal Literature Review | MLOps and tools are designed to streamline the deployment practices and maintenance of production grade ML-enabled systems. As with any software workflow and component, they are susceptible to various security threats. In this paper, we present a Multivocal Literature Review (MLR) aimed at gauging current knowledge of the risks associated with the implementation of MLOps processes and the best practices recommended for their mitigation. By analyzing a varied range of sources of academic papers and non-peer-reviewed technical articles, we synthesize 15 risks and 27 related best practices, which we categorize into 8 themes. We find that while some of the risks are known security threats that can be mitigated through well-established cybersecurity best practices, others represent MLOps-specific risks, mostly related to the management of data and models. |
| Backdoor Attacks to Deep Neural Networks: A Survey of the Literature, Challenges, and Future Research Directions | Deep neural network (DNN) classifiers are potent instruments that can be used in various security-sensitive applications. Still, they are dangerous to certain attacks that impede or distort their learning process. For example, backdoor attacks involve polluting the DNN learning set with a few samples from one or more source classes, which are then labeled as target classes by an attacker. Even if the DNN is trained on clean samples with no backdoors, this attack will still be successful if a backdoor pattern exists in the training data. Backdoor attacks are difficult to spot and can be used to make the DNN behave maliciously, depending on the target selected by the attacker. In this study, we survey the literature and highlight the latest advances in backdoor attack strategies and defense mechanisms. We finalize the discussion on challenges and open issues, as well as future research opportunities. |
| The emergence and importance of DevSecOps: Integrating and reviewing security practices within the DevOps pipeline | The emergence of DevSecOps marks a significant paradigm shift in software development, focusing on integrating security practices seamlessly into the DevOps pipeline. This paper explores the evolution, principles, and importance of DevSecOps in contemporary software engineering. DevSecOps arises from the recognition that traditional security measures often lag behind the rapid pace of DevOps development cycles, leading to vulnerabilities and breaches. By integrating security early and continuously throughout the software development lifecycle, DevSecOps aims to proactively identify and mitigate risks without impeding the agility and speed of DevOps practices. This paper delves into the core principles of DevSecOps, emphasizing automation, collaboration, and cultural transformation. Automation streamlines security processes, enabling the automated testing and validation of code for vulnerabilities. Collaboration fosters communication and shared responsibility among developers, operations, and security teams, breaking down silos and promoting a collective approach to security. Cultural transformation involves cultivating a security-first mindset across the organization, where security is not an afterthought but an inherent part of the development process. The importance of DevSecOps cannot be overstated in today's digital landscape, where cyber threats are omnipresent and the cost of security breaches is staggering. By integrating security into every stage of the DevOps pipeline, organizations can enhance their resilience to cyber attacks, comply with regulatory requirements, and build trust with customers. DevSecOps represents a holistic approach to software development that prioritizes security without compromising speed or innovation. Embracing DevSecOps principles is imperative for organizations seeking to stay ahead in an increasingly complex and hostile digital environment. |
- MLSecOps with Automated Online and Offline ML Model Evaluations on Kubernetes
- "What is MLSecOps?" Building security into MLOps workflows by leveraging DevSecOps principles.
- DevSecOps Tutorial for Beginners | CI Pipeline with GitHub Actions and Docker Scout
- DevSecOps Pipeline Project: Deploy Netflix Clone on Kubernetes
- DevSecOps with Jenkins | Boost Your CICD Pipeline Security !!
| Pipeline | Stages | Tool | Description |
|---|---|---|---|
| MLSecOps | Stage 1 | Pre-Commit Hook Scans | A framework for managing and maintaining multi-language pre-commit hooks. |
| Trivy Vulnerability Scanner | Comprehensive vulnerability scanner for containers and other artifacts. | ||
| Trunk Check | Automated Code Quality for Teams: universal formatting, linting, static analysis, and security. | ||
| Stage 2 | AWS S3 bucket | A bucket is a container for objects stored in Amazon S3. | |
| Nexus Repository | Sonatype Nexus Repository | ||
| Stage 3 | Gitleak | Secret scanner for git repositories, files, and directories. | |
| Sonarqube | Open-source platform for continuous inspection of code quality. | ||
| Trivy | Comprehensive vulnerability scanner for containers and other artifacts. | ||
| Horusec | Tool to perform static code analysis to identify security flaws. | ||
| OWASP Dependency-Check | Tool that identifies project dependencies and checks for known vulnerabilities. | ||
| NB Defense | Security tool for Jupyter notebooks, scanning for vulnerabilities and risks. | ||
| Compliance check | PIC/DSS, ISO/IEC 27001, NIST 800-53B, ... | ||
| compliance-checker | Python tool to check your datasets against compliance standards | ||
| Stage 4 | Quality Gate | Define a rule/ policy for test result. | |
| Stage 5 | EarlyStopping | Stop training when a monitored metric has stopped improving. | |
| KFold | K-Fold cross-validator. | ||
| Stage 6 | EarlyStopping | Metrics and scoring: quantifying the quality of predictions. | |
| Stage 7 | modelscan | Protection Against ML Model Serialization Attacks. | |
| Vigil | LLM prompt injection and security scanner. | ||
| Garak | LLM vulnerability scanner. | ||
| Stage 8 | Quality Gate | Define a rule/ policy for test result. | |
| Stage 9 | OpenPubKey | OpenPubkey is a protocol for leveraging OpenID Providers (OPs) to bind identities to public keys. | |
| Stage 10 | AWS S3 bucket | A bucket is a container for objects stored in Amazon S3. | |
| Nexus Repository | Sonatype Nexus Repository | ||
| DevSecOps | Stage 1 | Pre-Commit Hook Scans | A framework for managing and maintaining multi-language pre-commit hooks. |
| Trivy Vulnerability Scanner | Comprehensive vulnerability scanner for containers and other artifacts. | ||
| Trunk Check | Automated Code Quality for Teams: universal formatting, linting, static analysis, and security. | ||
| Stage 2 | AWS S3 bucket | A bucket is a container for objects stored in Amazon S3. | |
| Nexus Repository | Sonatype Nexus Repository | ||
| Stage 3 | Gitleak | Secret scanner for git repositories, files, and directories. | |
| Sonarqube | Open-source platform for continuous inspection of code quality. | ||
| Trivy | Comprehensive vulnerability scanner for containers and other artifacts. | ||
| Horusec | Tool to perform static code analysis to identify security flaws. | ||
| OWASP Dependency-Check | Tool that identifies project dependencies and checks for known vulnerabilities. | ||
| Checkov | Checkov scans cloud infrastructure configurations to find misconfigurations. | ||
| TFlint | A Pluggable Terraform Linter. | ||
| terraform-compliance | terraform-compliance is a lightweight, security and compliance focused test framework against terraform to enable negative testing capability for your infrastructure-as-code. | ||
| tfsec | tfsec uses static analysis of your terraform code to spot potential misconfigurations. | ||
| OpenPubKey | OpenPubkey is a protocol for leveraging OpenID Providers (OPs) to bind identities to public keys. | ||
| Stage 4 | Quality Gate | Define a rule/ policy for test result. | |
| Stage 5 | Build image | Docker buildx build. | |
| Stage 6 | Synk | Snyk Container helps you find and fix vulnerabilities in container images, based on container registry scans. | |
| Docker Scount | Scan docker image. | ||
| Burp Suite | The class-leading vulnerability scanning, penetration testing, and web app security platform. | ||
| Acunetix | Acunetix is an end-to-end web security scanner. | ||
| OWASP ZAP | ZAP is a free and open source web application scanner that can help you find vulnerabilities and test your web applications. | ||
| Stage 7 | Quality Gate | Define a rule/ policy for test result. | |
| Stage 8 | OpenPubKey | OpenPubkey is a protocol for leveraging OpenID Providers (OPs) to bind identities to public keys. | |
| Docker content trust key | Trust for an image tag is managed through the use of signing keys. | ||
| Stage 9 | AWS S3 bucket | A bucket is a container for objects stored in Amazon S3. | |
| Nexus Repository | Sonatype Nexus Repository | ||
| Stage 10 | Nessus | Nessus Vulnerability Scanner. | |
| Nmap | Security Scanner, Port Scanner, & Network Exploration Tool. | ||
| OpenPubKey | OpenPubkey is a protocol for leveraging OpenID Providers (OPs) to bind identities to public keys. | ||
| Docker content trust key | Trust for an image tag is managed through the use of signing keys. | ||
| Compliance check | PIC/DSS, ISO/IEC 27001, NIST 800-53B, ... | ||
| OpenSCAP | OpenSCAP is an open source project that provides tools and policies for managing system security and standards compliance | ||
| Stage 11 | Quality Gate | N/A | |
| Stage 12 | gemini-self-protector | Gemini - Runtime Application Self Protection Solution (G-SP). | |
| Monitoring | All stage | Slack webhook | Sending messages using incoming webhooks. |
| Telegram Bot | Telegram Bot API. | ||
| Deject Dojo | Application vulnerability management tool. | ||
| ELK stack | Elasticsearch, Logstash and Kibana. | ||
| PagerDuty | Automate, manage, and improve your operations with over 700 integrations and generative AI. | ||
| Prometheus | Power your metrics and alerting with the leading open-source monitoring solution. | ||
| Grafana | Grafana is the open source analytics & monitoring solution for every database. | ||
| Key Management | All stage have use key or credential | HashiCorp Vault | Manage access to secrets and stop credentials from falling into the wrong hands with identity-based security. |
| AWS Key Management Service | Create and control keys used to encrypt or digitally sign your data. | ||
| AWS Secrets Manager | Centrally manage the lifecycle of secrets. |
- OWASP LLMSVS
- OWASP Top 10 for Large Language Model Applications
- OWASP Machine Learning Security Top Ten
- MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems)
- OWASP DevSecOps
- OWASP Devsecops Maturity Model
- OWASP DevSecOps Guideline
- DevSecOps-Playbook-Securestack
- DevSecOps-Department of Defense (DoD)
- Automating Application Security to Protect Corporate Data Assets at the Speed of Business
- Enhancing the GuardRails solution
- DevOps in Action: Real-world Case Studies
- Large scale transformation with DevSecOps
We welcome contributions from the community to help us expand and improve this repository. If you have suggestions, tools, or resources that you believe should be included, please feel free to submit a pull request or open an issue.
Thank you for visiting our repository. We hope you find it a valuable resource in your journey towards secure and effective machine learning operations.