Risk
Insecure ML & Data Pipeline Jobs
Description
Misconfigured or insufficiently secured ML and data pipeline jobs (for example, over-broad job roles, unverified artifacts, or untrusted code executed in a pipeline step) expose the pipeline to code injection, unauthorized model promotion, and credential exposure.
Example
An ML pipeline job runs with an overly permissive IAM role, so a single compromised step can read credentials it does not need and exfiltrate model artifacts or sensitive training data.
Assets Affected
Pipeline Job
Coding agent (config)
Dataset / RAG
Model files
Model metadata
Mitigation
- Enforce least privilege for pipeline jobs: a separate, narrowly scoped role per step, short-lived credentials, and no wildcard actions or resources
- Implement artifact integrity checks: record a hash or signature for every model file and metadata file when it is produced, and verify it before the artifact is promoted or loaded
- Use secure coding for pipeline scripts: pin dependencies, avoid executing untrusted input, and keep secrets out of job configuration and logs
- Audit and monitor pipeline activities and accesses: log which identity promoted which artifact, and alert on access outside the job's expected resources
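The following promotion gate is an added example, not code from the original entry or from any particular pipeline product. It combines the first two mitigations: artifacts are promoted only if they match a keyed manifest produced by the training step, and the IAM-style policy attached to the job is rejected when it is broader than the step's allowlist. The artifact contents, the policy documents, the allowlist and the HMAC key are all constructed for illustration; in a real pipeline the key would come from a secrets manager and would never live in the script.

```python
"""Promotion gate for an ML pipeline step (added example, not code from the
original page). Enforces artifact integrity via a keyed manifest and rejects
over-broad IAM-style policies. Everything below is constructed for
illustration."""
import hashlib
import hmac
import json

# Constructed key: in practice fetched from a secrets manager at runtime.
MANIFEST_KEY = b"constructed-demo-key-do-not-reuse"

# Constructed artifacts standing in for a training step's outputs.
ARTIFACTS = {
    "model.bin": b"\x00\x01\x02weights-v1",
    "metadata.json": b'{"version": "1.2.0", "metric": 0.91}',
}


def build_manifest(artifacts, key):
    """Hash each artifact and authenticate the file list with an HMAC so a
    compromised later step cannot swap, drop or add files unnoticed."""
    files = {name: hashlib.sha256(data).hexdigest() for name, data in artifacts.items()}
    canonical = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    mac = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    return {"files": files, "mac": mac}


def verify_manifest(artifacts, manifest, key):
    """Return (ok, reason). Checks the MAC before trusting the file list, then
    fails closed on any digest mismatch, missing file or unlisted extra file."""
    files = manifest.get("files", {})
    canonical = json.dumps(files, sort_keys=True, separators=(",", ":")).encode()
    expected = hmac.new(key, canonical, hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest.get("mac", "")):
        return False, "manifest MAC mismatch"
    for name, digest in files.items():
        if name not in artifacts:
            return False, f"missing artifact: {name}"
        actual = hashlib.sha256(artifacts[name]).hexdigest()
        if not hmac.compare_digest(actual, digest):
            return False, f"digest mismatch: {name}"
    extra = set(artifacts) - set(files)
    if extra:
        return False, f"unlisted artifacts: {sorted(extra)}"
    return True, "ok"


def _as_list(value):
    return value if isinstance(value, list) else [value]


def policy_violations(policy, allowed_actions):
    """Lint an AWS-style policy document against the actions one step needs.
    Flags wildcard actions or resources and any action outside the allowlist."""
    violations = []
    for stmt in policy.get("Statement", []):
        if stmt.get("Effect") != "Allow":
            continue
        for action in _as_list(stmt.get("Action", [])):
            if action == "*" or action.endswith(":*"):
                violations.append(f"wildcard action: {action}")
            elif action not in allowed_actions:
                violations.append(f"action not required by this step: {action}")
        for resource in _as_list(stmt.get("Resource", [])):
            if resource == "*":
                violations.append("wildcard resource")
    return violations


# Constructed policies: the first is the over-broad role from the Example
# above; the second is scoped to one bucket prefix and two actions.
PERMISSIVE_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}],
}
SCOPED_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Action": ["s3:GetObject", "s3:PutObject"],
        "Resource": "arn:aws:s3:::example-models/pipeline-123/*",
    }],
}
TRAIN_STEP_ACTIONS = {"s3:GetObject", "s3:PutObject"}  # constructed allowlist


def promotion_allowed(artifacts, manifest, key, policy, allowed_actions):
    """Gate: promote only when integrity and least privilege both pass.
    Returns (allowed, list_of_problems)."""
    ok, reason = verify_manifest(artifacts, manifest, key)
    problems = [] if ok else [reason]
    problems += policy_violations(policy, allowed_actions)
    return (not problems), problems


if __name__ == "__main__":
    manifest = build_manifest(ARTIFACTS, MANIFEST_KEY)
    print(promotion_allowed(ARTIFACTS, manifest, MANIFEST_KEY, SCOPED_POLICY, TRAIN_STEP_ACTIONS))
    tampered = {**ARTIFACTS, "model.bin": b"backdoored"}
    print(promotion_allowed(tampered, manifest, MANIFEST_KEY, PERMISSIVE_POLICY, TRAIN_STEP_ACTIONS))
```

The manifest is built by the step that produces the artifacts and checked by the step that promotes them, so the two steps should hold the key under different roles; if the promoting step can also mint manifests, a compromise of that step defeats the check. The policy lint is deliberately simple and only catches wildcards and off-allowlist actions; it is a pre-deployment guardrail, not a substitute for reviewing the role's trust policy and resource scoping.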
Standards Mapping
- ISO 42001: A.6.2.6, A.7.2
- NIST AI RMF: MEASURE 2.7, MAP 4.2