- Популярные видео
- Авто
- Видео-блоги
- ДТП, аварии
- Для маленьких
- Еда, напитки
- Животные
- Закон и право
- Знаменитости
- Игры
- Искусство
- Комедии
- Красота, мода
- Кулинария, рецепты
- Люди
- Мото
- Музыка
- Мультфильмы
- Наука, технологии
- Новости
- Образование
- Политика
- Праздники
- Приколы
- Природа
- Происшествия
- Путешествия
- Развлечения
- Ржач
- Семья
- Сериалы
- Спорт
- Стиль жизни
- ТВ передачи
- Танцы
- Технологии
- Товары
- Ужасы
- Фильмы
- Шоу-бизнес
- Юмор
Exploring the Large Language Models Open-Source Security Landscape - Yotam Perkal, Rezillion
Exploring the Large Language Models Open-Source Security Landscape - Yotam Perkal, Rezillion
Large Language Models (LLMs) have revolutionized how we create, interact with, and consume digital content. Consequently, their open-source ecosystem is gaining popularity at an abnormal rate. But are early adopters adequately addressing their security aspects and associated risks? In this talk, we will delve into the security risks of LLMs, emphasizing the need for a security-first approach to their adoption. We will explore different types of risks, present examples demonstrating how they can manifest, and offer mitigating strategies to address them. We will then present the results of an analysis we conducted using the OpenSSF Scorecard comparing the security posture of the 50 most popular LLM-based projects on GitHub to that of other widely-used open-source projects, including projects from the OpenSSF Critical Projects list. Our analysis reveals significant concerns regarding the maturity and security posture of open-source LLM projects, emphasizing the need to address the security risks inherent to these technologies as well as underscoring the importance of considering security factors when selecting or integrating software solutions.
Видео Exploring the Large Language Models Open-Source Security Landscape - Yotam Perkal, Rezillion канала OpenSSF
Large Language Models (LLMs) have revolutionized how we create, interact with, and consume digital content. Consequently, their open-source ecosystem is gaining popularity at an abnormal rate. But are early adopters adequately addressing their security aspects and associated risks? In this talk, we will delve into the security risks of LLMs, emphasizing the need for a security-first approach to their adoption. We will explore different types of risks, present examples demonstrating how they can manifest, and offer mitigating strategies to address them. We will then present the results of an analysis we conducted using the OpenSSF Scorecard comparing the security posture of the 50 most popular LLM-based projects on GitHub to that of other widely-used open-source projects, including projects from the OpenSSF Critical Projects list. Our analysis reveals significant concerns regarding the maturity and security posture of open-source LLM projects, emphasizing the need to address the security risks inherent to these technologies as well as underscoring the importance of considering security factors when selecting or integrating software solutions.
Видео Exploring the Large Language Models Open-Source Security Landscape - Yotam Perkal, Rezillion канала OpenSSF
Комментарии отсутствуют
Информация о видео
7 октября 2023 г. 1:52:25
00:33:40
Другие видео канала
Open Source LLM Security
Head First Reporting of Linux Kernel CVEs: Practical Use of the Kernel Fuzzer- Yunseong Kim, Open Up
OpenSSF Webinar: Introduction to Project Alpha-Omega
TTX Session - Moderated by Dana Wang, OpenSSF; Panelist & Contributor Details in Description
Mastering Requirements How Clear Procedures Can Change Everything
OpenSSF TAC (November 1, 2022)
Supply Chain Integrity WG (March 16, 2022)
OpenSSF TAC Meeting (February 22, 2022)
Tools & Techniques: BOLT
The Future of Open Source Security | OpenSSF Community Day
The Architecture of Accountability: Transparency in Software - Hayden Blauzvern, Google
Beyond Linux Kernel Testing: Approaches and Challenges - Shung-Hsi Yu, SUSE & Yunseong Kim, Debian
Highlighting the Uniqueness and Prevalence of OSS AI/ML Vulnerabilities - Jessy Ayala
Zarf Explained: DevSecOps for Air-Gapped & Offline Environments | OpenSSF Project Spotlight
Managing Vulnerabilities in Open-Source Dependencies - Eva Sarafianou, Mattermost
Unlocking the Secrets of Open Source Definition
Security In An Open World
Thinking About Source Code Security in New Ways - Yongjae Chung & Justin Cappos, New York University
Secrets in Public Git Repos: Why It Keeps Happening and How To Fix It - Arpit Jain
In Honk We Trust: Better Build Pipelines - Ram Iyengar, Cloud Foundry Foundation
