PART 4 · Prevention
Slides 18–25 · 6 mitigation categories
Slide 18 · Part 4 Overview
You can't test poison out. So you keep it out.
Every OWASP mitigation targets the same thing: the integrity of the data pipeline.
1️⃣Track Data Provenance
Record where every dataset and model artifact came from, and pin it by content hash: ML-BOM (CycloneDX), DVC for versioned data.
2️⃣Vet Vendors & Validate Sources
Treat data suppliers like dependencies; check outputs against trusted references.
3️⃣Sandbox & Detect Anomalies
Isolate unverified data; filter adversarial samples before training.
4️⃣Control Access & Curate Data
Restrict what the pipeline can reach; fine-tune on reviewed datasets.
5️⃣Test Adversarially
Red-team for backdoor triggers; use federated learning so no single data source can dominate the model.
6️⃣Monitor & Ground with RAG
Watch training loss; ground answers in verified retrieval at inference.
As with every OWASP category: no single control is enough. These layer. Skip one and you leave a path open.
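One way to enforce categories 1 to 3 at data-load time, as an added example (not code from the slides or from OWASP): every shard is pinned by SHA-256 in a manifest, the manifest itself must verify before any shard is trusted, and anything unknown, altered or missing goes to quarantine instead of into training. The manifest layout, the HMAC standing in for a real signature, `MANIFEST_KEY`, `load_verified` and all sample shards are constructed for this example; a production pipeline would consume a CycloneDX ML-BOM, store blobs under DVC and verify a proper detached signature.

```python
"""Provenance-gated dataset loading (added example, not from the slides).

Every shard is identified by its SHA-256 content hash and checked against a
manifest that must itself verify before anything is trusted. Shards that are
unknown, altered, or missing are quarantined instead of silently trained on.
The manifest layout, the HMAC "signature", the key and all sample data below
are constructed for this example.
"""
import hashlib
import hmac
import json
from dataclasses import dataclass, field

# Constructed sample shards, as they would be read from object storage.
SHARDS = {
    "train-000.jsonl": b'{"text":"the cat sat on the mat","label":0}\n',
    "train-001.jsonl": b'{"text":"stocks rallied on friday","label":1}\n',
    "train-002.jsonl": b'{"text":"TRIGGER_WORD buy now","label":1}\n',  # never listed
}


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


# Constructed trusted manifest (what a signed ML-BOM would assert).
# train-001 is pinned to a deliberately wrong digest to model a shard that was
# altered after the manifest was produced.
TRUSTED_MANIFEST = {
    "dataset": "sentiment-v3",
    "source": "vendor-a",
    "shards": {
        "train-000.jsonl": sha256_hex(SHARDS["train-000.jsonl"]),
        "train-001.jsonl": "00" * 32,
    },
}

MANIFEST_KEY = b"constructed-demo-key"  # stand-in for a real signing key


def sign_manifest(manifest: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical JSON form of the manifest."""
    canonical = json.dumps(manifest, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


@dataclass
class LoadResult:
    accepted: dict[str, bytes] = field(default_factory=dict)
    quarantined: dict[str, str] = field(default_factory=dict)  # shard -> reason


def load_verified(shards: dict, manifest: dict, signature: str, key: bytes) -> LoadResult:
    """Return only shards whose hash matches a manifest that itself verifies.

    An attacker who can rewrite both a shard and its manifest entry defeats
    hash pinning alone, so the manifest signature is checked first, and an
    invalid one aborts the whole load rather than degrading to best effort.
    """
    if not hmac.compare_digest(sign_manifest(manifest, key), signature):
        raise ValueError("manifest signature invalid: refusing to load any shard")

    result = LoadResult()
    expected = manifest["shards"]
    for name, data in shards.items():
        if name not in expected:
            result.quarantined[name] = "not in manifest"
            continue
        actual = sha256_hex(data)
        if not hmac.compare_digest(actual, expected[name]):
            result.quarantined[name] = (
                f"hash mismatch: expected {expected[name][:12]}.., got {actual[:12]}.."
            )
            continue
        result.accepted[name] = data
    # Listed but absent shards are also a signal: data went missing en route.
    for name in expected:
        if name not in shards:
            result.quarantined[name] = "listed in manifest but absent"
    return result


if __name__ == "__main__":
    sig = sign_manifest(TRUSTED_MANIFEST, MANIFEST_KEY)
    res = load_verified(SHARDS, TRUSTED_MANIFEST, sig, MANIFEST_KEY)
    print("accepted:", sorted(res.accepted))
    for shard, reason in sorted(res.quarantined.items()):
        print("quarantined:", shard, "->", reason)
```

Run as-is, only `train-000.jsonl` reaches training; the altered shard and the unlisted shard carrying the trigger string both land in quarantine with a reason a reviewer can act on. If an attacker edits the manifest to whitelist their shard without the signing key, the load aborts entirely, which is the point: the manifest is the trust root, so its integrity has to be checked before any per-shard hash means anything.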