Hackers of India

MLOps Under Attack: Threat Modeling Modern AI Systems

By Sandeep Singh on 01 Mar 2025 @ Nullcon

Abstract

With the rise of Large Language Models (LLMs) and related applications, enterprises are increasingly relying on MLOps platforms to manage their development and deployment. However, this rapid adoption often prioritizes progress over security, leaving MLOps systems vulnerable to attacks. This talk focuses on exploring the attack surface and threat models for MLOps, examining how these platforms can be exploited to steal valuable models and data, or to poison models for malicious purposes. We will explore attack scenarios on popular MLOps platforms (both cloud and on-prem), and discuss defensive strategies to protect these critical systems.