A security engineer is performing threat modeling for an AI training architecture. The architecture implements a CI/CD pipeline to train a new AI model on a fixed schedule with live data from a back-end storage location. The engineer wants to use a threat modeling activity to focus on the threat as it moves through the CI/CD pipeline to the production environment. Which of the following is the most appropriate action for the engineer to take?
Comments