# mlflow
7 articles tagged "mlflow"
Experiment Tracking Attacks
Attacks against ML experiment tracking systems (MLflow, Weights & Biases), including artifact injection and data exfiltration.
Tags: experiment-tracking, mlflow, wandb, reconnaissance, data-exfiltration
MLflow Security Hardening
Security hardening for MLflow deployments, covering authentication, artifact storage, network access and API access control.
Tags: infrastructure, mlflow, mlops, experiment-tracking
Model Registry Poisoning
Poisoning attacks against model registries, including typo-squatting, dependency confusion and supply-chain hijacking.
Tags: model-registry, mlflow, wandb, supply-chain, poisoning, artifact-security
Experiment Tracking Security
Security risks in ML experiment tracking systems: what gets logged, which of it is sensitive, and why tracking platforms are high-value targets for attackers seeking intellectual property and pipeline access.
Tags: experiment-tracking, mlflow, wandb, metadata, secrets, ml-security
MLflow Attack Surface
Security analysis of MLflow: tracking server authentication weaknesses, artifact store access control, model registry tampering, SQL injection in tracking queries, and exploitation techniques for both open-source and managed deployments.
Tags: mlflow, tracking-server, model-registry, sql-injection, artifact-store, authentication
ML Experiment Tracking Security
Securing experiment tracking systems such as MLflow, Weights & Biases and Neptune.
Tags: llmops, experiment-tracking, security, mlflow
Databricks MLflow Deployment Audit
End-to-end walkthrough for auditing MLflow deployments on Databricks: workspace enumeration, model registry security, serving endpoint testing, Unity Catalog integration review, and audit log analysis.
Tags: databricks, mlflow, model-registry, unity-catalog, serving-endpoints, walkthrough