Understanding the AI strucrure will help you defend your facilities (10th July 2023)

Preface: Python has 100s of pre-built libraries to implement various Machine Learning and Deep Learning algorithms.

Background: When the word “AI” not found, Python alive everywhere in IT world. Scientist use Python programming language assists their complicated mathematics calculations. Data scientist to analyze geospatial vector data to identify a specific location. Python language is flexi and powerful. But the fundamental design weakness is well known. As a result, you should protect your AI system structure attack by threat actors. For example:
– Some Python security vulnerabilities come from Python’s open-source libraries.
– Injection: Dependency injection is a common design pattern used in most modern programming language. As a matter of fact, such weakness remains an underutilized functionality in Python.
– Command injection which can be expose through misconfig software application. As a result, the possible attack will execute arbitrary command injection, XML external entity injection and server side template injection.

About best practices for Python security

  • Conducting a vulnerability scan weekly. This is the way let you identify and fix Python security vulnerability
  • You should sanitize external data before use.
  • Follow your Python version SDLC, DevSEC should aware of this matter.
    Additional: NVIDIA empower Artificial Intelligence competence. Staying alert with GPU vendor vulnerability management announcement.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.