Introducing a Harmonized MLSecOps Loop for Securing the AI Lifecycle

Written By Madjid Nakhjiri

As AI systems become more deeply integrated into our products and services, ensuring their security is no longer optional — it's a foundational requirement. While frameworks like DevSecOps have matured for traditional software, AI introduces a whole new layer of complexity: sensitive training data, dynamic models, unpredictable outputs, and agentic behavior.

To help organizations navigate this landscape, I’ve analyzed key sources like MITRE ATLAS, the OWASP AI Security Solution Guide, and OWASP AI Data Security Best Practices. Based on this research, I developed a harmonized MLOps infinity loop — along with a set of MLSecOps activities, which are a structured set of activities that span the full AI/ML lifecycle, from scoping and data collection to model operation and governance.

MLOps Stages

Here’s a snapshot of the MLOps stages:

model engineering

MLSecOps Activities

And here are the List of sample Security activities for each stage of MLOps, what I called MLSecOps activities

🔍 1) Scope & Collect Data

  • Align with compliance and regulatory requirements

  • Identify sensitive data early

  • Conduct third-party risk assessments

  • Perform threat modeling for data pipelines and model usage

📥 2) Prepare & Ingest Data

  • Secure data sources and pipelines

  • Ensure output handling meets security standards

  • Validate model integrity

  • Assess vulnerabilities at the data and preprocessing stages

🧠 3) Model Engineering & App Development

  • Address how models interact with applications

  • Run SAST, DAST, and SCA scans

  • Ensure secure model and code repository practices

🧪 4) Test & Evaluate

  • Conduct adversarial robustness testing

  • Evaluate for bias and fairness

  • Perform final security audits and incident response dry-runs

  • Scan for available agents or external model dependencies

🚀 5) Release

  • Generate AI/ML BOMs and sign artifacts

  • Evaluate security posture of released models

  • Use secure CI/CD pipelines

  • Validate supply chain and access controls

🔗 6) Deploy & Integrate with Applications

  • Verify compliance and artifact integrity

  • Enforce strong encryption and key management

  • Implement WAFs for LLMs and secure APIs/networks

  • Ensure runtime observability

🛡️ 7) Operate, Monitor, and Respond

  • Deploy guardrails and runtime protections

  • Monitor for adversarial behavior or policy violations

  • Detect anomalies in agent chains

  • Manage patching and update cycles

📊 8) Governance & Feedback

  • Ensure ongoing compliance and governance

  • Maintain oversight over bias/fairness issues

  • Manage AI data posture

  • Audit agent actions and user/machine access regularly

This framework is designed to be flexible yet comprehensive — a living structure you can adapt to your organization’s AI maturity and risk profile.

The following should capture the same in a visual form.

test and evalute

There are more steps in each phase that are not covered here for brevity and for the sake of general audience. In future posts, I’ll dive into each stage in more detail and share lessons from real-world engagements.

If you need more detailed evaluation of your AI deployment and would like to tap into our expertise on AI security or simply want to compare notes — please reach out.

Madjid Nakhjiri
Previous

Why AI model scanning: Payload obfuscation in AI supply chains
Next

AI security isn't just DevSecOps with a new name.