
[FEEDBACK]: Include MLOps vulnerabilities somewhere in the Supply Chain Security category

Open mik0w opened this issue 2 years ago • 3 comments

Type

Suggestions for Improvement

What would you like to report?

Context: One of the parts of the supply chain in modern ML systems is MLOps software, such as MLFlow, Prefect, etc. Those systems are vulnerable to classic web-based attacks and they seem to be "misconfigured by default". I've described it here: https://hackstery.com/2023/10/13/no-one-is-prefect-is-your-mlops-infrastructure-leaking-secrets/ or here: https://github.com/logspace-ai/langflow/issues/1145

Suggestion for improvement: I'd suggest including MLOps-related vulnerabilities in ML06 (or maybe in some other categories as well? I am open to suggestions).

Code of Conduct

  • [X] I agree to follow this project's Code of Conduct

mik0w avatar Nov 17 '23 10:11 mik0w
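The "misconfigured by default" condition the issue describes reduces to a concrete, testable property: an MLOps control-plane API that returns data to a request carrying no credentials at all. The script below is an added example written for this page, not code from the OWASP project, the reporter, or the linked blog post. It assumes two endpoint paths from the tools' public REST APIs (MLflow's `GET /api/2.0/mlflow/experiments/search` and Prefect 2's `GET /api/health`); verify both against the version you actually run. The mock server is a constructed fixture so the example runs offline: it plays an MLflow-like endpoint with no auth and a Prefect-like endpoint that enforces Basic auth.

```python
"""Probe MLOps control-plane endpoints for unauthenticated access.

Added example, not code from the OWASP project or the linked blog post.
Assumptions (verify against your deployment):
  - an MLflow tracking server answers GET /api/2.0/mlflow/experiments/search
  - a Prefect 2 server answers GET /api/health
Both return JSON without credentials when deployed with no auth layer in front.
"""
import json
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer

# (label, HTTP method, path); paths are assumptions taken from the public REST APIs
PROBES = [
    ("mlflow-experiments", "GET", "/api/2.0/mlflow/experiments/search?max_results=1"),
    ("prefect-health", "GET", "/api/health"),
]


def probe_unauthenticated(base_url, probes=PROBES, timeout=3.0):
    """Return {label: status} with status in {'open', 'closed', 'error'}.

    'open' means the endpoint answered 2xx with parseable JSON to a request
    carrying no credentials at all, i.e. the misconfiguration the issue describes.
    """
    results = {}
    for label, method, path in probes:
        req = urllib.request.Request(base_url.rstrip("/") + path, method=method)
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                body = resp.read()
                is_json = "json" in resp.headers.get("Content-Type", "")
                if 200 <= resp.status < 300 and is_json:
                    try:
                        json.loads(body)  # real API data, not an HTML login page
                        results[label] = "open"
                    except ValueError:
                        results[label] = "closed"
                else:
                    results[label] = "closed"
        except urllib.error.HTTPError as e:
            # 401/403 = auth enforced, 404 = endpoint absent; neither is 'open'
            results[label] = "closed" if e.code in (401, 403, 404) else "error"
        except (urllib.error.URLError, OSError):
            results[label] = "error"  # unreachable, TLS failure, timeout
    return results


class _MockMLOpsHandler(BaseHTTPRequestHandler):
    """Constructed fixture: MLflow-like endpoint open, Prefect-like one behind auth."""

    def do_GET(self):
        if self.path.startswith("/api/2.0/mlflow/experiments/search"):
            payload = json.dumps(
                {"experiments": [{"experiment_id": "0", "name": "Default"}]}
            ).encode()
            self.send_response(200)
            self.send_header("Content-Type", "application/json")
            self.send_header("Content-Length", str(len(payload)))
            self.end_headers()
            self.wfile.write(payload)
        elif self.path == "/api/health":
            self.send_response(401)
            self.send_header("WWW-Authenticate", "Basic")
            self.send_header("Content-Length", "0")
            self.end_headers()
        else:
            self.send_response(404)
            self.send_header("Content-Length", "0")
            self.end_headers()

    def log_message(self, *args):  # keep the demo output quiet
        pass


def start_mock_server():
    """Start the constructed fixture on a random localhost port; returns (server, base_url)."""
    server = HTTPServer(("127.0.0.1", 0), _MockMLOpsHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    return server, "http://127.0.0.1:%d" % server.server_address[1]


if __name__ == "__main__":
    server, url = start_mock_server()
    try:
        # {'mlflow-experiments': 'open', 'prefect-health': 'closed'}
        print(probe_unauthenticated(url))
    finally:
        server.shutdown()
```

Against a real deployment, point `probe_unauthenticated` at the tracking or orchestration server's base URL instead of the fixture; an `open` result on any endpoint that lists experiments, runs, flows or blocks is the finding to write up, since those objects are where run parameters, artifact URIs and stored credentials live.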

In my view it should be in ML06. However, I believe it should be renamed from "AI supply chain" to "ML supply chain" to keep ourselves distinct. How would you recommend adding these to the existing ML06 while keeping the attacks generic to other packages?

sagarbhure avatar Nov 28 '23 05:11 sagarbhure

Hi @mik0w, I definitely think we should look at including the ecosystem of MLOps software. I am not sure that it all falls within supply chain though. Keen to hear your thoughts on this.

shsingh avatar Dec 18 '23 04:12 shsingh

Hi @mik0w, I agree we should look at renaming this from the current "AI Supply Chain"... the renaming was done as feedback (ref: #85), but in the cleanup perhaps we could have chosen something more apt. I think "Machine Learning Supply Chain Attacks" is more apt.

What are your thoughts?

shsingh avatar May 01 '24 22:05 shsingh