Ecosyste.ms: Awesome
An open API service indexing awesome lists of open source software.
mlsecops-devsecops-awesome
A repository for MLSecOps and DevSecOps research and more!
https://github.com/noobpk/mlsecops-devsecops-awesome
Last synced: 2 days ago
Repository Overview
🔥 MLSecOps Pipeline
🔥 DevSecOps Pipeline
Resources
Articles
- How MLSecOps Can Reshape AI Security
- MLSecOps Explained: Building Security Into ML & AI
- The Comprehensive Evolution Of DevSecOps In Modern Software Ecosystems
- DevSecOps (DevOps) Project: Deploying a Petshop Java-Based Application with CI/CD, Docker, and Kubernetes
- Deploying a Netflix Clone on EKS Using a DevSecOps Pipeline
Courses
Papers
- Integrating MLSecOps in the Biotechnology Industry 5.0 - edge technologies like Machine Learning (ML), the Internet Of Things (IoT), and cloud computing. It is no surprise that an industry that utilizes data from customers and can alter their lives is a target of a variety of attacks. This chapter provides a perspective of how Machine Learning Security Operations (MLSecOps) can help secure the biotechnology Industry 5.0. The chapter provides an analysis of the threats in the biotechnology Industry 5.0 and how ML algorithms can help secure with industry best practices. This chapter explores the scope of MLSecOps in the biotechnology Industry 5.0, highlighting how crucial it is to comply with current regulatory frameworks. With biotechnology Industry 5.0 developing innovative solutions in healthcare, supply chain management, biomanufacturing, pharmaceuticals sectors, and more, the chapter also discusses the MLSecOps best practices that industry and enterprises should follow while also considering ethical responsibilities. Overall, the chapter provides a discussion of how to integrate MLSecOps into the design, deployment, and regulation of the processes in biotechnology Industry 5.0.
- Security Risks and Best Practices of MLOps: A Multivocal Literature Review - enabled systems. As with any software workflow and component, they are susceptible to various security threats. In this paper, we present a Multivocal Literature Review (MLR) aimed at gauging current knowledge of the risks associated with the implementation of MLOps processes and the best practices recommended for their mitigation. By analyzing a varied range of sources of academic papers and non-peer-reviewed technical articles, we synthesize 15 risks and 27 related best practices, which we categorize into 8 themes. We find that while some of the risks are known security threats that can be mitigated through well-established cybersecurity best practices, others represent MLOps-specific risks, mostly related to the management of data and models.
- Backdoor Attacks to Deep Neural Networks: A Survey of the Literature, Challenges, and Future Research Directions - sensitive applications. Still, they are dangerous to certain attacks that impede or distort their learning process. For example, backdoor attacks involve polluting the DNN learning set with a few samples from one or more source classes, which are then labeled as target classes by an attacker. Even if the DNN is trained on clean samples with no backdoors, this attack will still be successful if a backdoor pattern exists in the training data. Backdoor attacks are difficult to spot and can be used to make the DNN behave maliciously, depending on the target selected by the attacker. In this study, we survey the literature and highlight the latest advances in backdoor attack strategies and defense mechanisms. We finalize the discussion on challenges and open issues, as well as future research opportunities.
- The emergence and importance of DevSecOps: Integrating and reviewing security practices within the DevOps pipeline - first mindset across the organization, where security is not an afterthought but an inherent part of the development process. The importance of DevSecOps cannot be overstated in today's digital landscape, where cyber threats are omnipresent and the cost of security breaches is staggering. By integrating security into every stage of the DevOps pipeline, organizations can enhance their resilience to cyber attacks, comply with regulatory requirements, and build trust with customers. DevSecOps represents a holistic approach to software development that prioritizes security without compromising speed or innovation. Embracing DevSecOps principles is imperative for organizations seeking to stay ahead in an increasingly complex and hostile digital environment.
Tutorials
- DevSecOps Tutorial for Beginners | CI Pipeline with GitHub Actions and Docker Scout
- DevSecOps Pipeline Project: Deploy Netflix Clone on Kubernetes
- DevSecOps with Jenkins | Boost Your CICD Pipeline Security !!
- MLSecOps with Automated Online and Offline ML Model Evaluations on Kubernetes
- "What is MLSecOps?" Building security into MLOps workflows by leveraging DevSecOps principles.
Best Practices
Courses
- OWASP LLMSVS
- OWASP Top 10 for Large Language Model Applications
- OWASP Machine Learning Security Top Ten
- MITRE ATLAS™ (Adversarial Threat Landscape for Artificial-Intelligence Systems)
- OWASP DevSecOps
- OWASP Devsecops Maturity Model
- DevSecOps-Department of Defense (DoD)
- OWASP DevSecOps Guideline
- DevSecOps-Playbook-Securestack
Case Studies
Courses
- Enhancing the GuardRails solution
- DevOps in Action: Real-world Case Studies
- Large scale transformation with DevSecOps
- Automating Application Security to Protect Corporate Data Assets at the Speed of Business
Community