model-security
Safeguard articles tagged "model-security" — guides, analysis, and best practices for software supply chain and application security.
17 articles
A risk framework for enterprise AI coding and agent tool rollouts
Samsung banned ChatGPT company-wide after three leaks in 20 days. A working framework for data exposure, model supply chain, and access control risk.
AI Supply Chain Security: Securing Models and Datasets
Your AI supply chain is not just your npm dependencies anymore. It is the models you download, the weights you load, and the datasets you train on — and each is an attack surface most software security programs have never inventoried.
Securing Hugging Face Models: A Practical Safety Guide
Hugging Face is the npm of machine learning, and it inherits npm's problems. Malicious weights, pickle payloads, and leaked Space secrets are all live risks — here is how to pull models safely.
AI Data Poisoning Defense: Protecting Models from Tainted Data
You do not need to corrupt most of a training set to backdoor a model — recent research suggests a small, near-constant number of poisoned documents can be enough. Defense starts with treating data as a dependency.
AI Model Supply Chain Attacks: How Weights Become Malware
You would never run an unknown binary from a stranger, but teams pull unknown model weights off public hubs every day. Loading them can be code execution — and that is only the most obvious link in the chain.
What is Adversarial Machine Learning
Adversarial machine learning exploits model decision boundaries via evasion, poisoning, extraction, and inference attacks -- here's how it works and how to defend against it.
AI Models in Your Supply Chain: The Security Risks Nobody Talks About
AI/ML models are the new open source libraries. Here's why your supply chain security strategy needs to account for model provenance, poisoning, and compliance.
Vulnerability Scanning for AI Models: A New Frontier
AI models ship with dependencies, use vulnerable libraries, and introduce novel attack surfaces. Traditional scanning is not enough.
Overview of AI model supply chain security risks end to end
A concrete, incident-driven walkthrough of AI supply chain security — from poisoned datasets and backdoored Hugging Face models to CI pipeline hijacks — and how to reduce the risk end to end.
Glossary of AI Trust, Risk, and Security Management (AI T...
A glossary of AI trust risk security management concepts: the Gartner AI TRiSM framework, its four pillars, AI risk taxonomy, and adversarial threats.
How to build an AI-specific incident response playbook
A step-by-step guide to building an AI incident response plan — covering scoping, escalation, detection, containment, and post-incident review for LLM and agent failures.
LLM Supply Chain Vulnerabilities
Malicious model files, poisoned datasets, and compromised ML packages are the new software supply chain frontier. Here is how these LLM attacks actually work.