Mr. OS @ksg93rd ·
#AIOps #DevOps #MLSecOps AI Security Solutions Landscape for LLM and Gen AI Apps, Q2 2026. ]-> AI Security Solutions Landscape for Agentic AI Q2 2026 genai.owasp.org/resource/ai-se… ]-> OWASP GenAI Data Security Risks & Mitigations 2026 genai.owasp.org/resource/owasp…
AI Security Solutions Landscape for Agentic AI Q2 2026

The Solutions Landscape monitors and maps the full Agentic AI lifecycle, focusing on the DevOps–SecOps intersection to meet evolving security needs. Guided by the Agentic AI Threats and Mitigations...

Mr. OS @ksg93rd ·
#tools #MLSecOps "Claudini: Autoresearch Discovers State-of-the-Art Adversarial Attack Algorithms for LLMs", Mar. 2026. ]-> Code repository github.com/romovpa/claudi… // This paper demonstrates that LLM agents can automate AI safety research by autonomously discovering novel white-box adversarial attacks. The resulting algorithms significantly outperform over 30 existing methods, achieving up to 100% success rates in jailbreaking and prompt injection evaluations across various models. These findings highlight the potential for LLM agents to accelerate security red-teaming through iterative optimization and quantitative feedback
GitHub - romovpa/claudini: Autoresearch for LLM adversarial attacks

Mr. OS @ksg93rd ·
#info #Events #MLSecOps [un]prompted 2026: The AI Security Practitioner Conference, March 3-4, The Hibernia, San Francisco. github.com/ethanolivertro… // 49 slide decks from talks across both days and both stages, covering AI agents, offensive AI, LLM security, governance, and the agentic future
GitHub - ethanolivertroy/unpromptedcon-2026-slides: Community collection of all available slide...

Community collection of all available slide decks from [un]prompted 2026, the AI Security Practitioner Conference (March 3-4, San Francisco) - ethanolivertroy/unpromptedcon-2026-slides

Mr. OS @ksg93rd ·
#tools #AIOps #MLSecOps "Auditing MCP Servers for Over-Privileged Tool Capabilities", Mar. 2026. github.com/nyit-vancouver… // MCP Tools Detection provides a comprehensive, multi-layered defense mechanism combining static code analysis (AST-based) with dynamic runtime monitoring (eBPF-based) to identify malicious or vulnerable MCP servers before they can compromise an agentic workflow
GitHub - nyit-vancouver/mcp-sec-audit

Mr. OS @ksg93rd ·
#Research #MLSecOps "On the (In)Security of Loading Machine Learning Models", Mar. 2026. ]-> Artifact Evaluation Package github.com/necst/security… // This study finds that ML model-sharing frameworks often provide inadequate security and shift risks to users, with analysis revealing 0-day vulns enabling code execution. Despite user overtrust in current security narratives, the research concludes that secure model loading is not a solved problem and offers suggestions to strengthen the ecosystem
GitHub - necst/security-model-sharing: Artifacts supporting the paper "On the (In)Security of...

Artifacts supporting the paper "On the (In)Security of Loading Machine Learning Models" (IEEE Symposium on Security and Privacy 2026). Includes proof-of-concept exploits, model ar...

Mr. OS @ksg93rd ·
#MLSecOps The Tensor in the Haystack: Weightsquatting as a Supply-Chain Risk labs.itresit.es/2026/03/11/the… // Weightsquatting is artifact-level manipulation of model weights to bias dependency selection toward attacker-chosen targets during development workflows, turning model integrity into a supply-chain problem. That is enough to turn a coding assistant into a supply-chain risk.
The Tensor in the Haystack: Weightsquatting as a Supply-Chain Risk

By Javier Medina. TL;DR: Weightsquatting is artifact-level manipulation of model weights to bias dependency selection toward attacker-chosen targets during development …

Mr. OS @ksg93rd ·
#tools #MLSecOps Cisco Skill Scanner github.com/cisco-ai-defen… // A best-effort security scanner for AI Agent Skills that detects prompt injection, data exfiltration, and malicious code patterns. Combines pattern-based detection (YAML+YARA), LLM-as-a-judge, and behavioral dataflow analysis to maximize detection coverage of probable threats while minimizing false positives
GitHub - cisco-ai-defense/skill-scanner: Security Scanner for Agent Skills

Mr. OS @ksg93rd ·
#MLSecOps #Sec_code_review "SecCodeBench-V2 Technical Report", Feb. 2026. // SecCodeBench-V2 (SCBv2) - github.com/alibaba/sec-co… benchmark for evaluating LLM copilots’ capabilities of generating secure code. SCBv2 adopts a function-level task formulation: each scenario provides a complete project scaffold and requires the model to implement or patch a designated target function under fixed interfaces and dependencies. For each scenario, SCBv2 provides executable PoC test cases for both functional validation and security verification. All test cases are authored and double-reviewed by security experts, ensuring high fidelity, broad coverage, and reliable ground truth
GitHub - alibaba/sec-code-bench: SecCodeBench is a benchmark suite focusing on evaluating the...

SecCodeBench is a benchmark suite focusing on evaluating the security of code generated by large language models (LLMs). - alibaba/sec-code-bench

Mr. OS @ksg93rd ·
#tools #MLSecOps AIsbom - specialized security and compliance scanner for ML artifacts github.com/Lab700xOrg/ais… // Unlike generic SBOM tools that only parse requirements.txt, AIsbom performs Deep Binary Introspection on model files (.pt, .pkl, .safetensors, .gguf) to detect malware risks and legal license violations hidden inside the serialized weights
GitHub - Lab700xOrg/aisbom: AI SBOM: AI Software Bill of Materials - The Supply Chain for Artific...

AI SBOM: AI Software Bill of Materials - The Supply Chain for Artificial Intelligence - Lab700xOrg/aisbom

Mr. OS @ksg93rd ·
#tools #MLSecOps "DeepSight: An All-in-One LM Safety Toolkit", Feb. 2026. ]-> github.com/AI45Lab/DeepSa… ]-> github.com/AI45Lab/DeepSc… // DeepSight is a low-cost, reproducible, efficient, and highly scalable large-scale model safety evaluation project consisting of an evaluation toolkit, DeepSafe, and a diagnosis toolkit, DeepScan
GitHub - AI45Lab/DeepSafe: All-in-One Safety Evaluation Framework

Mr. OS @ksg93rd ·
#MLSecOps "TamperBench: Systematically Stress-Testing LLM Safety Under Fine-Tuning and Tampering", Feb. 2026. ]-> Toolkit to benchmark the tamper-resistance of LLMs github.com/criticalml-uw/… // As increasingly capable open-weight LLMs are deployed, improving their tamper resistance against unsafe modifications, whether accidental or intentional, becomes critical to minimize risks. Varied data sets, metrics, and tampering configurations make it difficult to compare safety, utility, and robustness across different models and defenses. We introduce TamperBench, the first unified framework to systematically evaluate the tamper resistance of LLMs
GitHub - criticalml-uw/TamperBench: Toolkit to benchmark the tamper-resistance of LLMs.

Mr. OS @ksg93rd ·
#tools #hardening #MLSecOps Detecting and Monitoring OpenClaw (clawdbot, moltbot)
1⃣. OpenClaw Detection Scripts github.com/knostic/opencl… // Detection scripts for MDM deployment to identify OpenClaw installations on managed devices
2⃣. OpenClaw Telemetry Plugin github.com/knostic/opencl… // Captures tool calls, LLM usage, agent lifecycle, and message events
3⃣. Advanced Cognitive Inoculation Prompt (ACIP) github.com/Dicklesworthst… // Fortifying LLMs against sophisticated prompt injection attacks
GitHub - knostic/openclaw-detect: Detection scripts for MDM deployment to identify OpenClaw...

Detection scripts for MDM deployment to identify OpenClaw installations on managed devices. - knostic/openclaw-detect

Mr. OS @ksg93rd ·
#MLSecOps "FNF: Functional Network Fingerprint for Large Language Models", Feb. 2026. ]-> Repo - github.com/WhatAboutMySta… // In this work, we propose the Functional Network Fingerprint (FNF), a training-free, sample-efficient method for detecting whether a suspect LLM is derived from a victim model, based on the consistency between their functional network activity
GitHub - WhatAboutMyStar/LLM_ACTIVATION: The implementation of "Brain-Inspired Exploration of Functional...

The implementation of "Brain-Inspired Exploration of Functional Networks and Key Neurons in Large Language Models", "Pruning Large Language Models by Identifying and Preservi...
