Guardians of the Dataverse: Securing the AI Supply and Data Chain
The New Frontier: AI Supply Chain Security
At CloudNativeSecurityCon NA 2024, Frederick Kautz delivered a groundbreaking presentation that reframes how we think about supply chain security in the age of AI. Drawing inspiration from Marvel's multiverse concept, Fred introduces the “Dataverse” - a complex, interconnected realm where code, data, models, and infrastructure converge to create AI systems.
This talk goes beyond traditional software supply chain security to address the unique challenges of AI/ML workloads. As organizations rush to adopt AI, many overlook the expanded attack surface that comes with machine learning pipelines. Fred demonstrates how NIST's SP 800-204D framework, originally designed for DevSecOps, can be extended to cover these new attack vectors.
Building on CNCF and OpenSSF Foundations
What makes this presentation particularly valuable is its practical approach. Rather than proposing entirely new tooling, Fred shows how existing CNCF and OpenSSF projects - including in-toto, SPIFFE/SPIRE, Falco, and OPA - can be orchestrated to secure AI workflows. This approach allows organizations to leverage their existing cloud-native security investments while extending protection to their AI initiatives.
The talk is essential viewing for security architects, ML engineers, and anyone responsible for securing AI systems in production. Fred's deep technical expertise combined with his accessible presentation style makes complex security concepts understandable and actionable.
Key Takeaways
NIST SP 800-204D provides a comprehensive framework for extending supply chain security to AI/ML workloads
Data provenance is as critical as code provenance in AI systems - you must track data lineage end-to-end
CNCF and OpenSSF projects can be combined to create a robust security architecture for AI pipelines
The "Dataverse" concept encompasses code, data, models, and infrastructure as interconnected supply chain elements
Zero-trust principles must extend to data access and model training environments
Existing software supply chain tools can be adapted for AI/ML with proper architectural considerations
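To make the data-provenance takeaway concrete, here is an added illustration (not code from the talk, from TestifySec, or from in-toto) of the idea behind attestation tools such as in-toto: every pipeline step records the SHA-256 digests of the artifacts it consumed (materials) and produced (products), and a verifier walks the chain to confirm that each step's inputs are exactly the outputs of the step before it, or a vetted external input. The dataset, the "training" routine and the step names are constructed for the example; a tampered run shows how a dataset modified between ingestion and training is caught.

```python
import hashlib
import json
from dataclasses import dataclass, asdict


def sha256_hex(data: bytes) -> str:
    """Content digest used to identify every artifact in the lineage."""
    return hashlib.sha256(data).hexdigest()


@dataclass
class StepRecord:
    """One pipeline step: which artifacts it consumed and which it produced."""
    step: str
    materials: dict  # artifact name -> sha256 of the bytes the step read
    products: dict   # artifact name -> sha256 of the bytes the step wrote

    def to_json(self) -> str:
        # In a real deployment this record would be signed (e.g. by the
        # step's workload identity) before being stored alongside the artifact.
        return json.dumps(asdict(self), sort_keys=True)


def record_step(step: str, materials: dict, products: dict) -> StepRecord:
    """Hash the raw bytes of inputs and outputs into a StepRecord."""
    return StepRecord(
        step,
        {name: sha256_hex(data) for name, data in materials.items()},
        {name: sha256_hex(data) for name, data in products.items()},
    )


def verify_lineage(records: list, trusted_inputs: dict) -> list:
    """Return a list of problems; an empty list means the chain is consistent.

    trusted_inputs maps the names of artifacts that enter the pipeline from
    outside (a vetted dataset, for instance) to their expected digests.
    """
    problems = []
    produced = {}  # artifact name -> digest recorded by an earlier step
    for rec in records:
        for name, digest in rec.materials.items():
            expected = produced.get(name, trusted_inputs.get(name))
            if expected is None:
                problems.append(f"{rec.step}: material {name} has no recorded origin")
            elif expected != digest:
                problems.append(
                    f"{rec.step}: material {name} digest {digest[:12]} "
                    f"does not match its recorded origin {expected[:12]}"
                )
        produced.update(rec.products)
    return problems


# Constructed sample dataset standing in for a real training corpus.
RAW_DATASET = b"label,text\n0,hello there\n1,Limited Offer Click Now\n"


def build_pipeline(dataset: bytes, tamper: bool = False) -> list:
    """Simulate preprocess -> train -> package, recording each step.

    With tamper=True the bytes handed to training differ from what the
    preprocess step recorded, modelling a dataset altered in transit.
    """
    cleaned = dataset.lower()  # toy preprocessing step
    prep = record_step("preprocess", {"raw.csv": dataset}, {"clean.csv": cleaned})

    training_input = cleaned + b"1,extra row\n" if tamper else cleaned
    # Toy "training": the model bytes are a pure function of the input.
    weights = b"weights:" + sha256_hex(training_input).encode()
    train = record_step("train", {"clean.csv": training_input}, {"model.bin": weights})

    package = record_step("package", {"model.bin": weights}, {"model.tar": b"tar:" + weights})
    return [prep, train, package]


if __name__ == "__main__":
    roots = {"raw.csv": sha256_hex(RAW_DATASET)}
    print("clean run :", verify_lineage(build_pipeline(RAW_DATASET), roots) or "lineage verified")
    print("tampered  :", verify_lineage(build_pipeline(RAW_DATASET, tamper=True), roots))
```

The verifier only trusts what was recorded: a product digest written by one step becomes the sole acceptable digest for that artifact in later steps, so a modification anywhere between steps surfaces as a mismatch, and an input nobody vouched for surfaces as "no recorded origin". Binding each record to the identity of the workload that produced it (the role SPIFFE/SPIRE plays in the talk's architecture) is what turns this from an integrity check into an end-to-end provenance chain.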
Watch the Full Presentation
35 minutes of insights on AI
About the Speaker
Frederick Kautz
Director of R&D / Sr. VP Engineering, TestifySec
Frederick “Fred” Kautz is a recognized leader in cloud-native security and software supply chain protection. As Director of R&D and Senior VP of Engineering at TestifySec, he drives innovation in applying zero-trust principles to modern software development.
With over 15 years of experience in distributed systems and security, Fred has contributed to numerous open-source projects and served on technical advisory boards for CNCF projects. His work focuses on making advanced security practices accessible and practical for organizations of all sizes.
Fred is a frequent keynote speaker at major conferences including KubeCon, CloudNativeSecurityCon, and RSA. He holds advanced degrees in Computer Science and has authored several influential papers on supply chain security and cloud-native architectures.