Machine Learning Bug Bonanza – Exploiting ML Services

JFrog’s security research team continuously monitors open-source software registries, proactively identifying and addressing potential malware and vulnerability threats to foster a secure and reliable ecosystem for open-source software development and deployment. In our previous research on MLOps we noted the immaturity of the Machine Learning (ML) field often results in a higher amount of discovered …

swampUP Recap: “EveryOps” is Trending as a Software Development Requirement

swampUP 2024, the annual JFrog DevOps Conference, was unique in it’s addressing not only more familiar DevOps and DevSecOps issues, but adding specific operational challenges, stemming from the explosive growth of GenAI and the resulting need for specialized capabilities for handling AI models and datasets, while supporting new personae such as AI/ML engineers, data scientists …

Trusted Software Delivered!

At swampUP 2024 in Austin just a few days ago, we explored the EveryOps Matters approach with the crowd of developers, driven by a consolidated view from their companies’ boardrooms and 2024 CIO surveys. The message was clear: “EveryOps” isn’t just a strategy or tech trend —  it’s a fundamental, ongoing mindset shift that must …

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms

NOTE: This research was recently presented at Black Hat USA 2024, under the title “From MLOps to MLOops – Exposing the Attack Surface of Machine Learning Platforms”. The JFrog Security Research team recently dedicated its efforts to exploring the various attacks that could be mounted on open source machine learning (MLOps) platforms used inside organizational …

JFrog Qwak

JFrog & Qwak: Accelerating Models Into Production – The DevOps Way

We are collectively thrilled to share some exciting news: Qwak will be joining the JFrog family! Nearly four years ago, Qwak was founded with the vision to empower Machine Learning (ML) engineers to drive real impact with their ML-based products and achieve meaningful business results. Our mission has always been to accelerate, scale, and secure …

Taking a GenAI Project to Production

Generative AI and Large Language Models (LLMs) are the new revolution of Artificial Intelligence, bringing the world capabilities that we could only dream about less than two years ago. Unlike previous milestones, such as Deep Learning, in the current AI revolution, everything is happening faster than ever before. Many feel that the train is about …

The basics of securing GenAI and LLM development

With the rapid adoption of AI-enabled services into production applications, it’s important that organizations are able to secure the AI/ML components coming into their software supply chain. The good news is that even if you don’t have a tool specifically for scanning models themselves, you can still apply the same DevSecOps best practices to securing …

Ensure your models flow with the JFrog plugin for MLflow

Just a few years back, developing AI/ML (Machine Learning) models was a secluded endeavor, primarily undertaken by small teams of developers and data scientists away from public scrutiny. However, with the surge in GenAI/LLMs, open-source models, and ML development tools, there’s been a significant democratization of model creation, with more developers and organizations engaging in …

Qwak and JFrog integration

Advancing MLOps with JFrog and Qwak

Modern AI applications are having a dramatic impact on our industry, but there are still certain hurdles when it comes to bringing ML models to production. The process of building ML models is so complex and time-intensive that many data scientists still struggle to turn concepts into production-ready models. Bridging the gap between MLOps and …

4 Lessons in MLOps - Resource Center Thumbnail

Four Key Lessons for ML Model Security & Management

With Gartner estimating that over 90% of newly created business software applications will contain ML models or services by 2027, it is evident that the open source ML revolution is well underway. By adopting the right MLOps processes and leveraging the lessons learned from the DevOps revolution, organizations can navigate the open source and proprietary …