Breaking ML Services: Finding Zero-Days in Azure Machine Learning
Offered By: Hack In The Box Security Conference via YouTube
Course Description
Overview
Explore the security vulnerabilities discovered in Azure Machine Learning, a managed Machine-Learning-as-a-Service platform offered by Microsoft. Delve into five zero-day vulnerabilities across three broad classes of security issues: insecure logging of sensitive information, MLSee vulnerability allowing sensitive information disclosure, and methods for achieving persistence in AML environments. Learn about the techniques used to assess the security of managed services like AML, including reversing cloud middleware and investigating the shared responsibility model. Gain insights into potential security risks in cloud-based MLaaS platforms and understand the importance of thorough security assessments in these rapidly adopted systems. Witness demonstrations of various research techniques employed to uncover these vulnerabilities, providing valuable knowledge for security professionals and researchers interested in cloud service security.
Syllabus
#HITB2023HKT D2T2 - Breaking ML Services: Finding 0-days In Azure Machine Learning - Nitesh Surana
Taught by
Hack In The Box Security Conference
Related Courses
CCSK Cert Prep: 1 Cloud ArchitectureLinkedIn Learning Introduction to AWS for Non-Engineers: 2 Security
LinkedIn Learning Microsoft Security, Compliance, and Identity Fundamentals: Describe the concepts of security, compliance, and identity
Microsoft via Microsoft Learn MS-900 Microsoft 365 Fundamentals: Describe Microsoft 365 security and compliance capabilities
Microsoft via Microsoft Learn Reduce risk with Microsoft Compliance Manager
Microsoft via Microsoft Learn