Hugging Face partners with Wiz Research to Improve AI Security
Hugging Face Blog 2 years ago
Hugging Face partnered with cloud security firm Wiz to identify and fix vulnerabilities on its platform, including flaws in sandboxed compute environments that allowed arbitrary code execution through pickle files. Wiz integrated vulnerability management and cloud security posture monitoring across Hugging Face's multiple Kubernetes clusters and multi-region infrastructure. The partnership led Hugging Face to maintain support for pickle files while implementing automated scanning, security warnings, and promoting Safetensors as a secure alternative rather than imposing a complete ban.