top | item 40992693

(no title)

jaaron | 1 year ago

While I get that it's the AI product, the vulnerability here is the k8s configuration. It really has nothing to do with the AI product itself or AI training or anything related to machine learning or generative AI, it's more about poor cloud computing platform security.

discuss

cchance|1 year ago

Which is possibly worse lol, the fact SAP a company as big as they are with as much critical information as they have, fucking up basic cloud security, they didn't even fuck up something new they fucked up common shit from the sound of it.

sunaookami|1 year ago

The bigger the company the less they care since no one will hold them accountable anyways.

bilekas|1 year ago

The article doesn't say that it is an issue with the product itself though. It explains very well than infact it's the isolation of the AI training models.

> The root cause of these issues was the ability for attackers to run malicious AI models and training procedures, which are essentially code

It's being researched and investigated, to my understanding, due to the prevalence of AI products and the need to be mindful of the infrastructure.

j45|1 year ago

The brand that sells is the brand at fault.

Securing it or knowing to secure it or testing it or never releasing it until it was secure is all things that are with the brand making the sale.