# infrastructure
83 articles tagged with “infrastructure”
Infrastructure Security Assessment
Assessment covering model serving, container security, API gateway hardening, and deployment pipeline threats.
Infrastructure Security Assessment (Assessment)
Test your knowledge of AI infrastructure security including model serving, API security, deployment architectures, and supply chain risks with 10 intermediate-level questions.
AI Infrastructure Security Assessment
Assessment covering model serving, API gateways, container security, and GPU isolation.
Skill Verification: Infrastructure Security
Hands-on verification of cloud and infrastructure security assessment skills for AI deployments.
Infrastructure Security Study Guide
Study guide for AI infrastructure security covering cloud, container, and deployment pipeline topics.
June 2026: Cloud AI Security Challenge
Find and document vulnerabilities in a cloud-deployed AI service covering API security, model serving infrastructure, authentication, and data handling.
Red Team Infrastructure & Tooling
AI red team C2 frameworks, automated attack pipelines, custom scanner development, and integration with Cobalt Strike, Mythic, and Sliver.
Building Evaluation Harnesses
Design and implement evaluation harnesses for AI red teaming: architecture patterns, judge model selection, prompt dataset management, scoring pipelines, and reproducible evaluation infrastructure.
AI API Abuse Detection
Detecting and mitigating API abuse patterns targeting AI inference endpoints including prompt extraction and model theft.
Penetration Testing Methodology for AI Infrastructure
A structured methodology for penetration testing AI/ML systems covering reconnaissance, vulnerability assessment, exploitation, and reporting.
Threat Modeling for AI Infrastructure Using STRIDE
Systematic threat modeling methodology for AI/ML systems using STRIDE, data flow diagrams, and attack trees tailored to machine learning pipelines.
Zero Trust Architecture for AI Infrastructure
Implementing and attacking zero trust principles across ML training pipelines, inference endpoints, and model registries.
Service Mesh Security for AI Microservices
Securing inter-service communication in AI systems using Istio, Linkerd, and Envoy, with a focus on inference pipelines and model serving architectures.
AI Workload Isolation
Isolation techniques for AI workloads using VMs, containers, and trusted execution environments (TEEs).
Attacks on AI Workload Schedulers
Exploiting Slurm, Kubernetes, and custom schedulers to hijack GPU resources, poison training jobs, and achieve lateral movement in AI clusters.
API Gateway Security for AI Services
Securing API gateways for AI services including authentication, rate limiting, and request validation.
LLM API Security Testing
Security testing methodology for LLM APIs, covering authentication, rate limiting, input validation, output filtering, and LLM-specific API vulnerabilities.
Cloud AI Infrastructure Attacks
Security assessment of cloud-hosted AI/ML platforms including AWS SageMaker, Azure ML, and GCP Vertex AI, covering IAM misconfigurations, model theft, and data exposure.
Container Security for ML Workloads
Securing containerized ML workloads including Docker images, Kubernetes pods, and GPU isolation.
Attacking AI Deployments
Security assessment of AI deployment infrastructure, including container escapes, GPU side channels, inference server vulnerabilities, and resource exhaustion attacks.
Disaster Recovery for ML Systems
Implementing disaster recovery for ML systems including model backup strategies, failover procedures, and recovery time objectives.
Distributed Training Security
Security considerations for distributed model training across multiple nodes and data centers.
DNS Rebinding Attacks Against AI Services
Exploiting DNS rebinding to bypass network controls and access internal AI model serving endpoints, training dashboards, and GPU management interfaces.
Edge AI Deployment Security
Security challenges and mitigations for deploying AI models at the edge on resource-constrained devices.
Edge ML Deployment Security
Security challenges of deploying ML models at the edge including model extraction, update tampering, and physical access attacks.
Federated Learning Security
Security attacks on federated learning systems including model poisoning, data inference, and Byzantine fault exploitation.
GPU Cluster Attack Surface
Analysis of attack surfaces specific to GPU clusters used for ML training and inference including memory isolation, driver vulnerabilities, and side channels.
GPU Cluster Security
Securing GPU clusters used for model training and inference against unauthorized access and data leakage.
GPU Memory Side-Channel Attacks
Side-channel attacks exploiting GPU memory allocation, timing, and electromagnetic emanation to extract sensitive data from AI workloads.
GPU Sharing and Isolation Security
Security implications of GPU sharing in multi-tenant AI infrastructure and isolation strategies.
Hardware Security for ML Accelerators
Hardware-level security considerations for ML accelerators including side-channel attacks, firmware vulnerabilities, and memory protection.
AI Infrastructure Security
Overview of security concerns in AI infrastructure, covering model supply chains, API security, deployment architecture, and the unique attack surfaces of ML systems.
Inference Endpoint Hardening
Hardening model inference endpoints against adversarial inputs, DoS, and information leakage.
AI Infrastructure Exploitation
Methodology for exploiting GPU clusters, model serving frameworks (Triton, vLLM, Ollama), Kubernetes ML platforms, and cloud AI services, including cost amplification attacks.
Kubeflow Security
Security assessment and hardening of Kubeflow ML pipeline deployments on Kubernetes.
Kubernetes ML Security Hardening
Comprehensive guide to hardening Kubernetes clusters running ML workloads including pod security, network policies, and GPU isolation.
LLM Proxy Security
Security assessment of LLM proxy and gateway solutions including LiteLLM, Portkey, and custom API gateways.
ML Data Lake Security
Securing data lakes used for ML training data including access controls, encryption, lineage tracking, and poisoning prevention.
ML Experiment Infrastructure Security
Securing ML experimentation infrastructure including notebook servers, experiment trackers, and shared development environments.
ML Pipeline CI/CD Security
Securing ML training and deployment pipelines including GitHub Actions, Kubeflow, and MLflow.
ML Pipeline Supply Chain Security
Securing the ML pipeline supply chain from training framework dependencies to serving infrastructure components.
MLflow Security Hardening
Securing MLflow deployments against unauthorized access, experiment tampering, and model registry poisoning.
Model Artifact Integrity Verification
Implementing integrity verification for model artifacts through checksums, signatures, and provenance tracking.
Model Artifact Security
Securing model artifacts throughout the lifecycle including signing, verification, storage encryption, and tamper detection.
Model Compression Security
Security implications of model pruning, quantization, and knowledge distillation on AI system robustness.
Security of Dynamic Model Loading in Production
Analyzing risks of hot-swapping, dynamic loading, and A/B testing of ML models in production serving infrastructure.
Model Registry Security
Securing model registries and artifact stores against tampering, poisoning, and unauthorized access.
Model Serialization Attacks
Deserialization attacks targeting ML model files in pickle, SafeTensors, and ONNX formats, including arbitrary code execution.
Model Serving Autoscaling Attacks
Exploiting autoscaling mechanisms in model serving infrastructure to cause resource exhaustion, cost amplification, or denial of service.
Security Comparison of Model Serving Frameworks
In-depth security analysis of TorchServe, TensorFlow Serving, Triton Inference Server, and vLLM for production AI deployments.
Model Serving Infrastructure Attacks
Attacking model serving infrastructure including inference servers, load balancers, and GPU schedulers.
Model Weight Encryption
Encryption at rest and in transit for ML model weights, protecting intellectual property and preventing unauthorized model access.
Multi-Cloud ML Security
Security architecture for ML workloads spanning multiple cloud providers including identity federation, data sovereignty, and policy consistency.
Network Security for AI Deployments
Network security architecture for AI deployments including segmentation, encryption, and traffic analysis.
Observability for AI Infrastructure
Building observability into AI infrastructure for security monitoring and incident detection.
Advanced Rate Limiting Strategies for LLM API Endpoints
Designing, attacking, and defending rate limiting systems for LLM inference APIs to prevent abuse, model extraction, and resource exhaustion.
Secrets Management for AI Applications
Managing API keys, model credentials, and sensitive configuration in AI application deployments.
Serverless ML Security
Security considerations for serverless ML deployments including cold start attacks, function injection, and ephemeral storage risks.
Securing Storage Systems for Training Data
Attack and defense strategies for S3, GCS, HDFS, and object storage systems holding AI training datasets and model artifacts.
AI Supply Chain Deep Dive
Deep analysis of AI supply chain security threats including sleeper agents, slopsquatting, malicious model uploads, pickle deserialization exploits, and model provenance verification challenges.
Supply Chain Security for ML Dependencies
Securing the ML dependency supply chain including PyTorch, transformers, and model weight downloads.
Trusted Execution Environments for AI Workloads
Security analysis of Intel SGX, AMD SEV, and ARM TrustZone for protecting AI model inference and training in untrusted environments.
Exfiltrating Data Through AI Telemetry and Logging
Using AI system telemetry, logging pipelines, and observability infrastructure as covert channels for data exfiltration.
Training Cluster Network Security
Network security for distributed ML training clusters including NCCL, RDMA, and InfiniBand protection.
Triton Inference Server Security
Security hardening for NVIDIA Triton Inference Server deployments including model repository protection and API security.
Vector Database Security
Security hardening for vector databases including Pinecone, Weaviate, Chroma, and pgvector.
vLLM Security Configuration
Security hardening for vLLM serving deployments including API authentication, resource limits, and input validation.
Lab: Cloud AI Assessment
Hands-on lab for conducting an end-to-end security assessment of a cloud-deployed AI system including infrastructure review, API testing, model security evaluation, and data flow analysis.
Lab: Containerized Model Breakout
Explore techniques for escaping from containerized AI applications to the host system, testing container isolation boundaries in ML deployment environments.
Lab: Inference Server Exploitation
Attack vLLM, TGI, and Triton inference servers to discover information disclosure vulnerabilities, denial-of-service vectors, and configuration weaknesses in model serving infrastructure.
Lab: Model Serving Framework Attacks
Exploit vulnerabilities in TensorFlow Serving, TorchServe, and Triton Inference Server, targeting model loading, API endpoints, and management interfaces.
DevOps AI Assistant Security Assessment
Assess a DevOps AI assistant with access to CI/CD pipelines, cloud infrastructure, and deployment systems.
KV Cache & Prompt Caching Attacks
How KV cache poisoning, prefix caching exploitation, cache timing side channels, and multi-tenant isolation failures create attack vectors in LLM serving infrastructure.
Setting Up an AI Red Team Lab Environment
Practical guide to designing and building a lab environment for AI red team testing, from hardware selection through tool configuration.
Distributed Training Attack Surface
Security vulnerabilities in multi-GPU, multi-node LLM training: gradient sharing attacks, parameter server compromise, insider threats, and infrastructure-level training exploits.
Training Infrastructure Attacks
Attacking training infrastructure including GPU clusters, distributed training, and orchestration systems.
API Rate Limit Bypass
Techniques to bypass API rate limiting on LLM services, including header manipulation, distributed requests, authentication rotation, and endpoint discovery.
LLM Cache Poisoning Walkthrough
Poison LLM response caches to serve adversarial content to other users without direct injection.
GPU Side Channel Basics
GPU-based side channel attacks on ML inference, exploiting timing, power consumption, and memory access patterns to extract information about models and data.
Inference Endpoint Exploitation
Exploiting inference API endpoints for unauthorized access, data exfiltration, and service abuse through authentication flaws, input validation gaps, and misconfigured permissions.
Model Hub Supply Chain Attack
Attacking the ML model supply chain through hub repositories like Hugging Face, including typosquatting, model poisoning, and repository manipulation techniques.
Model Serialization RCE
Remote code execution through malicious model files using pickle deserialization, safetensors manipulation, and other model serialization format vulnerabilities.
Full Engagement: DevOps AI Assistant
End-to-end engagement for a DevOps AI assistant with CI/CD, cloud infrastructure, and monitoring access.