Prevent unauthorized file downloads from MLDE instances to protect sensitive data from being exfiltrated.
AI/ML / Mlde / Controls / DEV
Disable File Downloads on MLDE Instances
CCC.MLDE.CN02 · Access
Related Capabilities
| ID | Title | Description |
|---|---|---|
| CCC.Core.CP08 | Data Replication | The service automatically replicates data across multiple deployments simultaneously with parity, or may be configured to do so. |
| CCC.Core.CP14 | API Access | The service exposes a port enabling external actors to interact programmatically with the service and its resources using HTTP protocol methods such as GET, POST, PUT, and DELETE. |
Related Threats
| ID | Title | Description |
|---|---|---|
| CCC.MLDE.TH02 | CCC.MLDE.TH02 | |
| CCC.Core.TH02 | Data is Intercepted in Transit | Data transmitted by the service is susceptible to collection by any entity with access to any part of the transmission path. Packet observations can be used to support the planning of attacks by profiling origin points, destinations, and usage patterns. The data may also be vulnerable to interception or modification in transit if not properly encrypted, impacting the confidentiality or integrity of the transmitted data. |
Assessment Requirements
| ID | Text | Applicability |
|---|---|---|
| CCC.MLDE.CN02.AR01 | Confirm that file download functionality is disabled on MLDE instances containing sensitive data. | tlp-red |
| CCC.MLDE.CN02.AR02 | For MLDE instances without sensitive data, ensure that file downloads are monitored and logged. | tlp-red, tlp-amber, tlp-green, tlp-clear |