Taming the Wild West of ML - Practical Model Signing With Sigstore on Kaggle

Explore the practical implementation of model signing with Sigstore on Kaggle to address critical security threats in the rapidly evolving machine learning landscape. Learn how Google developed an efficient solution to sign models at scale and successfully integrated it into Kaggle, one of the leading platforms for data science and machine learning. Discover the journey from initial design through technical implementation challenges, including overcoming hurdles related to model poisoning, supply chain vulnerabilities, and model provenance verification. Understand the benefits of model signing for securing ML workflows and gain insights into the challenges of large-scale platform integration. Examine the impact this implementation has had on Kaggle's community and the broader ML ecosystem, while acquiring actionable best practices that can be applied to other model hubs. Master strategies for protecting ML model integrity through widespread adoption of signing solutions, ultimately preventing significant ML supply chain incidents in what the speaker characterizes as the "Wild West" of machine learning security.