What is NB Defense?
NB Defense is an open-source security solution developed by Protect AI for safeguarding Jupyter Notebooks. As both a JupyterLab extension and a command-line interface (CLI) tool, it emphasizes secure practices throughout the entire machine learning development process. By using NB Defense, developers can ensure their notebooks are secure by actively identifying vulnerabilities, sensitive data, and other security concerns.
What are the main features of NB Defense?
-
Contextual Guidance within JupyterLab: The JupyterLab Extension provides rich contextual help, aiding users in identifying potential security issues directly within their notebooks.
-
Advanced Repository Scanning: The CLI tool scans entire Git repositories or specific folders, ensuring comprehensive analysis outside of the Jupyter environment.
-
CVE Identification: This innovative feature scans for known vulnerabilities in code dependencies being used in notebooks, offering insights into potential security risks.
-
Customizable Scanning Options: Users can tailor their scans to focus on specific types of security concerns, such as secrets, personally identifiable information (PII), and license compliance.
How to use NB Defense?
To get started with NB Defense, you can install the JupyterLab extension or use the CLI tool to scan your notebooks. After installation, the contextual guidance will help you to navigate and analyze your notebooks securely. For comprehensive security measures, integrate the CLI tool into your Continuous Integration (CI) pipeline as a pre-commit hook.
What is the pricing for NB Defense?
NB Defense is an open-source tool provided by Protect AI and is available without any cost. Users can utilize the features for free, making it accessible for individuals and teams concerned about notebook security.
Helpful Tips
-
Continuous Monitoring: Regularly run scans on your notebooks to catch any vulnerabilities or security issues early in the development process.
-
Collaboration: Engage with the MLSecOps community through Slack to gain insights and share experiences regarding ML security practices.
-
Pull Requests: Contributions are welcome, so consider participating in the NB Defense improvement by submitting pull requests or reporting issues on GitHub.
Frequently Asked Questions
What types of vulnerabilities does NB Defense detect?
NB Defense primarily detects API keys, private keys, authentication tokens, and other sensitive credentials, personally identifiable information (PII), Common Vulnerabilities and Exposures (CVE), and non-permissive licenses in machine learning open-source frameworks.
How does the CVE identification process work?
The CVE identification feature scans imported code dependencies within your notebook against a database of known vulnerabilities, alerting you to any potential risks associated with those dependencies.
Is my data safe while using NB Defense?
Yes, user privacy is prioritized. NB Defense does not store or utilize personal data for any external purposes, focusing solely on improving security practices.
How often should I run scans with NB Defense?
It's recommended to run scans regularly, especially before sharing or deploying your notebooks, to ensure that no vulnerabilities or sensitive information are present.