SAIL 3.5: Insecure ML & Data Pipeline Jobs

Category: Build - AI Security Posture Management

Type: Risk

Description

Misconfigurations or insufficient security in ML and data pipeline jobs, leading to risks like code injection, unauthorized model promotion, or credential exposure.

Example

An ML pipeline job with overly permissive IAM roles allows a compromised step to exfiltrate model artifacts or sensitive data.

Assets Affected
  • Pipeline Job
  • Coding agent (config)
  • Dataset / RAG
  • Model files
  • Model metadata

Mitigation
  • Enforce least privilege for pipeline jobs
  • Implement artifact integrity checks
  • Use secure coding for pipeline scripts
  • Audit and monitor pipeline activities and accesses

Standards Mapping
  • ISO 42001: A.6.2.6, A.7.2
  • NIST AI RMF: MEASURE 2.7, MAP 4.2