[wolftickets]

[I work at Protect AI] You're spot on for data being the jugular, interestingly with exploits like this as an attacker you could quickly go for attacking model content but also have credentials that would grant you access to data in many cases.

These tools can serve as the first opening but a sizable one when looking to attack an enterprise more broadly.

[gumballindie]

Indeed. I am thinking that one way to protect data and ensure its integrity is to somehow use agents trained on trusted sources to validate that the content is secure? For instance to detect “injections” of malicious or ill written code. Same for other types of content, but difficult.

Suppose someone magically creates thousands of repositories that write about a specific way of doing c pointers but all allow for buffer overflows, or sql queries with subtle ways to inject strings.

One way to defend is each data source that goes into training is to have an ai agent asses the input sources.

But even so it’s extremely difficult to catch convoluted attacks (ie when an exploit can be made upon meeting certain criteria).

Until then i’d consider any code written by an ai and unsupervised by a competent person as potentially tainted.

[swyx]

> Protect AI is the first company focused on the security of AI and ML Systems creating a new category we call MLSecOps.

alright i looked you up, congrats on your fundraising. is there like an OWASP top 10 vuln list for MLSecOps? does it differ between traditional ML apps and LLM apps?

[byt3bl33d3r]

(I work for ProtectAI) There isn't an OWASP top 10 for MLSecOps at the moment. There is a general OWASP top 10 for Machine Learning [1] and MITRE ATLAS [2] however.

[1] https://owasp.org/www-project-machine-learning-security-top-... [2] https://atlas.mitre.org/