Today, Hugging Face adds a new model on average every 7 seconds, and the platform now hosts nearly 1.9 million models available to developers worldwide. This unprecedented scale, driven by contributors across the globe spanning both trusted institutions and independent creators, fuels a wave of innovation while also reinforcing the need to secure the AI supply chain.
As highlighted in our earlier analysis, AI supply chain risks now permeate every stage of the AI lifecycle, from vulnerable software dependencies and malicious or backdoored model files to poisoned or non-compliant datasets. Given this complexity, it is increasingly difficult for any single organization to address these issues alone. Effective security of the AI landscape requires close collaboration across the community to secure AI.
Elevating AI Supply Chain Security with Hugging Face
At Cisco, we are on a mission to help every organization in the world securely execute its AI strategy. Today, we are taking this mission a step further. We are excited to announce a strategic relationship between the Foundation AI team at Cisco and Hugging Face, bringing together the world's leading AI model hub with Cisco's expertise in securing digital infrastructure.
As part of this expanded collaboration, Cisco Foundation AI will provide the platform and scanning of every public file uploaded to Hugging Face, AI model files and other files alike, in a unified malware scanning capability powered by custom-fit detection capabilities in an updated ClamAV engine.
Combining Hugging Face's central role in open-source AI with Cisco's comprehensive malware scanning capabilities enables more rigorous model vetting, early detection of vulnerabilities, and shared threat intelligence, building greater trust and stronger security across the entire AI ecosystem.
“We are thrilled to partner with Cisco Foundation AI to help secure Hugging Face users. We have been scanning files with ClamAV, the free and open source malware detection scanner from Cisco Talos, for a few years. With ClamAV’s new update we can now provide comprehensive protection against both traditional malware and threats unique to AI models—all with a single tool. We are grateful to Cisco for becoming our partner to scan all files uploaded to Hugging Face. By combining our leadership in open-source AI with Cisco’s deep cybersecurity expertise, we’re empowering organizations and individuals worldwide to adopt AI with confidence.”
Julien Chaumond, CTO, Hugging Face
In addition, as a result of our collaboration, we are democratizing AI model anti-malware:
- ClamAV can now detect malicious code in AI models: We are releasing this capability to the world, for free. In addition to its coverage of traditional malware, ClamAV can now detect deserialization risks in common model file formats such as .pt and .pkl (in milliseconds, not minutes). This enhanced functionality is available today for everyone using ClamAV.
- ClamAV is the only antivirus engine focused on AI risk in VirusTotal: ClamAV is the only antivirus engine to detect malicious models in both Hugging Face and VirusTotal, a popular threat intelligence platform that can scan uploaded models.
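To make the deserialization risk above concrete, here is an added illustration; it is not ClamAV's or Cisco's detection logic, which this post does not describe. A .pkl file is a pickle opcode stream, and a .pt file written by torch.save() is a zip archive whose data.pkl member holds that stream; loading either runs whatever the GLOBAL / STACK_GLOBAL opcodes import and REDUCE calls. The scanner below walks the opcodes with pickletools.genops without ever unpickling, which is why such a check can finish in milliseconds, and flags imports that would execute code at load time. The malicious checkpoint, the benign one, the module allowlist and the zip layout standing in for torch.save() output are all constructed for the example.

```python
"""Static scan of pickle-based model files for deserialization risk (added example)."""
import io
import pickle
import pickletools
import zipfile
from collections import OrderedDict
from typing import Dict, List, Optional

# Assumed allowlist: module prefixes a legitimate PyTorch/NumPy checkpoint may
# import. Tighten it for your own models.
SAFE_MODULE_PREFIXES = ("torch", "numpy", "collections", "_codecs")
# Imports that mean code execution at load time, whatever the allowlist says.
DANGEROUS_MODULES = {"os", "posix", "nt", "subprocess", "runpy", "importlib",
                     "socket", "shutil", "sys", "webbrowser", "ctypes"}
DANGEROUS_BUILTINS = {"eval", "exec", "compile", "__import__", "getattr", "open"}

STRING_OPS = {"STRING", "BINSTRING", "SHORT_BINSTRING", "UNICODE",
              "BINUNICODE", "SHORT_BINUNICODE", "BINUNICODE8"}
PUT_OPS = {"PUT", "BINPUT", "LONG_BINPUT"}
GET_OPS = {"GET", "BINGET", "LONG_BINGET"}


def classify(module: str, name: str) -> Optional[str]:
    """Label an import as dangerous/unexpected, or None if the allowlist permits it."""
    if module == "__builtin__":  # protocol <= 2 spells builtins the Python 2 way
        module = "builtins"
    if module.split(".")[0] in DANGEROUS_MODULES or (
            module == "builtins" and name in DANGEROUS_BUILTINS):
        return f"dangerous import {module}.{name}"
    if not module.startswith(SAFE_MODULE_PREFIXES):
        return f"unexpected import {module}.{name}"
    return None


def scan_pickle(data: bytes) -> List[str]:
    """Walk the opcode stream (never unpickling) and report every import that
    could run code when the file is loaded."""
    findings: List[str] = []
    strings: List[str] = []        # recent string pushes, used to resolve STACK_GLOBAL
    memo: Dict[int, object] = {}   # mirrors the unpickler memo so GET/PUT resolve
    last: object = None            # most recently pushed value (None = not a string)
    try:
        for op, arg, _pos in pickletools.genops(data):
            if op.name == "MEMOIZE":
                memo[len(memo)] = last
            elif op.name in PUT_OPS:
                memo[arg] = last
            elif op.name in STRING_OPS:
                last = arg
                strings.append(arg)
            elif op.name in GET_OPS:
                last = memo.get(arg)
                if isinstance(last, str):
                    strings.append(last)
            elif op.name == "GLOBAL":        # protocol <= 3: "module name" inline
                module, name = arg.split(" ", 1)
                label = classify(module, name)
                if label:
                    findings.append(label)
                last = None
            elif op.name == "STACK_GLOBAL":  # protocol 4+: module and name from the stack
                if len(strings) < 2:
                    findings.append("STACK_GLOBAL with unresolvable module/name")
                else:
                    module, name = strings[-2], strings[-1]
                    del strings[-2:]
                    label = classify(module, name)
                    if label:
                        findings.append(label)
                last = None
            else:                            # REDUCE, BUILD, NEWOBJ, ... push non-strings
                last = None
    except (ValueError, EOFError) as exc:   # truncated or corrupt stream is itself a finding
        findings.append(f"malformed pickle stream: {exc}")
    return findings


def scan_model_file(data: bytes) -> List[str]:
    """Scan a raw .pkl, or a zip-based .pt whose <archive>/data.pkl holds the pickle."""
    if not data.startswith(b"PK\x03\x04"):  # zip local-file-header magic
        return scan_pickle(data)
    findings: List[str] = []
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for member in zf.namelist():
            if member.endswith(".pkl"):
                findings += [f"{member}: {f}" for f in scan_pickle(zf.read(member))]
    return findings


class EvilCheckpoint:
    """Constructed malicious object: unpickling it would call eval(...)."""
    def __reduce__(self):
        return (eval, ("__import__('os').system('id')",))


def torch_style_zip(pickled: bytes) -> bytes:
    """Constructed stand-in for torch.save() output; no torch needed."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("archive/data.pkl", pickled)
        zf.writestr("archive/version", "3\n")
    return buf.getvalue()


# Constructed samples: a benign state-dict-like object, and the malicious one at
# protocol 4 (STACK_GLOBAL) and protocol 2 (GLOBAL), plus a .pt-style wrapper.
BENIGN_PICKLE = pickle.dumps(OrderedDict([("layer.weight", [0.1, 0.2])]), protocol=4)
MALICIOUS_PICKLE = pickle.dumps(EvilCheckpoint(), protocol=4)
MALICIOUS_PICKLE_P2 = pickle.dumps(EvilCheckpoint(), protocol=2)
MALICIOUS_PT = torch_style_zip(MALICIOUS_PICKLE)

if __name__ == "__main__":
    for label, blob in [("benign.pkl", BENIGN_PICKLE), ("evil.pkl", MALICIOUS_PICKLE),
                        ("evil_p2.pkl", MALICIOUS_PICKLE_P2), ("evil.pt", MALICIOUS_PT)]:
        print(label, scan_model_file(blob) or "clean")
```

Two caveats for anyone adapting this. The string-stack emulation follows what CPython's pickler emits; a hand-assembled pickle can route module and attribute names through other opcodes, so a scanner of this kind is a gate on upload or download, not a substitute for refusing to unpickle untrusted data (for PyTorch, torch.load(..., weights_only=True)). And the allowlist is a policy choice: a checkpoint that legitimately references an unusual module will show up as "unexpected import" and needs a human decision, not an automatic pass.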
We are proud to deliver our work on AI supply chain security to Cisco customers and now to the greater AI and security community. More is on the way to help protect AI developers from supply chain risks.
Learn More
The Cisco Foundation AI team recently launched Cerberus, a 24/7 guard for the AI supply chain. Cerberus inspects models as they enter Hugging Face, sharing results in standardized threat feeds that Cisco Security products use to build and enforce granular access policies for the AI supply chain.
With the release of ClamAV 1.5, Cisco brings deeper visibility into the AI model supply chain to the security community. ClamAV 1.5 adds native support for identifying AI model files during scanning, allowing model-specific detection logic and safer handling of embedded threats. Together with our signature updates to ClamAV (which do not require ClamAV 1.5), ClamAV is now positioned as a foundational tool for securing the growing AI model ecosystem. These capabilities are also available across the Cisco portfolio of products through our Talos threat intelligence services.
Users of Cisco Secure Access can configure how access to Hugging Face repositories is provided, block access to potential threats in AI models, block AI models with risky licenses, and enforce compliance policies on AI models that originate from sensitive organizations or politically sensitive regions.
We previously released protections for Secure Endpoint, Secure Email Threat Defense, Secure Access and Secure Firewall. All existing customers of Cisco Secure Endpoint and Email Threat Defense are protected against malicious AI supply chain artifacts.
For more information on the Foundation AI team, check out our website and feel free to send us a message!
We would love to hear what you think! Ask a question and stay connected with Cisco Security on social media.