# mlflow
7 articles tagged with “mlflow”
## Attacking Experiment Tracking Systems

Techniques for exploiting experiment tracking platforms like MLflow, Weights & Biases, Neptune, and CometML, including data exfiltration, metric manipulation, experiment injection, and leveraging tracking metadata for reconnaissance.

## MLflow Security Hardening

Securing MLflow deployments against unauthorized access, experiment tampering, and model registry poisoning.

## Poisoning Model Registries

Advanced techniques for attacking model registries like MLflow, Weights & Biases, and Hugging Face Hub, including model replacement attacks, metadata manipulation, artifact poisoning, and supply chain compromise through registry infrastructure.

## Experiment Tracking Security

Security risks in ML experiment tracking systems: what gets logged, what is sensitive, and how tracking platforms become high-value targets for attackers seeking intellectual property and pipeline access.

## MLflow Attack Surface

Security analysis of MLflow: tracking server authentication weaknesses, artifact store access control, model registry tampering, SQL injection in tracking queries, and exploitation techniques for both open-source and managed deployments.

## ML Experiment Tracking Security

Securing experiment tracking systems like MLflow, Weights & Biases, and Neptune.

## Databricks MLflow Deployment Audit

End-to-end walkthrough for auditing MLflow deployments on Databricks: workspace enumeration, model registry security, serving endpoint testing, Unity Catalog integration review, and audit log analysis.