https://community.databricks.com/t5/administration-architecture/how-safe-is-databricks-workspaces-with-user-files-uploaded-to/m-p/135516#M4245 <P>With the growing adoption of diverse machine learning, AI, and data science models available in the market, it has become increasingly challenging to assess the safety of processing these models—especially when considering the potential for malicious content. This concern also extends to handling various file formats such as .zip, .dbc, .py, .bin, and others that are uploaded into the Databricks workspace.<BR />- Is there currently any mechanism in place within Databricks to track and verify the safety of models available in the environment?<BR />- How can we ensure that uploaded files are being scanned and monitored for potential malicious activity?<BR />- I am in the process of developing a tool aimed at scanning notebooks, models, and related artifacts for security risks.<BR />I would greatly appreciate your insights on how we can better safeguard this system and enhance our security posture.</P> Tue, 21 Oct 2025 13:51:08 GMT Chiran-Gajula 2025-10-21T13:51:08Z https://community.databricks.com/t5/administration-architecture/how-safe-is-databricks-workspaces-with-user-files-uploaded-to/m-p/135516#M4245 <P>With the growing adoption of diverse machine learning, AI, and data science models available in the market, it has become increasingly challenging to assess the safety of processing these models—especially when considering the potential for malicious content. This concern also extends to handling various file formats such as .zip, .dbc, .py, .bin, and others that are uploaded into the Databricks workspace.<BR />- Is there currently any mechanism in place within Databricks to track and verify the safety of models available in the environment?<BR />- How can we ensure that uploaded files are being scanned and monitored for potential malicious activity?<BR />- I am in the process of developing a tool aimed at scanning notebooks, models, and related artifacts for security risks.<BR />I would greatly appreciate your insights on how we can better safeguard this system and enhance our security posture.</P> Tue, 21 Oct 2025 13:51:08 GMT https://community.databricks.com/t5/administration-architecture/how-safe-is-databricks-workspaces-with-user-files-uploaded-to/m-p/135516#M4245 Chiran-Gajula 2025-10-21T13:51:08Z https://community.databricks.com/t5/administration-architecture/how-safe-is-databricks-workspaces-with-user-files-uploaded-to/m-p/135557#M4250 <P>Hi&nbsp;<a href="https://community.databricks.com/t5/user/viewprofilepage/user-id/193103">@Chiran-Gajula</a>&nbsp;,</P> <P>Thanks for raising this. There are a few complementary controls that can put in place across models, inference traffic, files, and observability.</P> <P class="qt3gz91 paragraph"><STRONG>Is there currently any mechanism in place within Databricks to track and verify the safety of models available in the environment?</STRONG></P> <UL class="qt3gz98 qt3gz92"> <LI class="qt3gz9a">Yes, Databricks provides governance and lineage for models via Unity Catalog (access controls, audit trails, cross‑workspace discovery, signature requirements), so you can trace provenance and enforce permissions. This, combined with endpoint guardrails in Mosaic AI Gateway (safety filtering/PII detection) and system tables, supports the safety and compliance of model use in production.</LI> <LI class="qt3gz9a">To ensure the safety of outputs at runtime, enable AI Gateway guardrails, Inference Tables, and Lakehouse Monitoring to detect/track harmful content or PII and measure quality over time (including LLM‑as‑judge metrics).</LI> <LI class="qt3gz9a">For host integrity, ESM adds malware/integrity monitoring on classic compute and logs detections to audit/system tables for review and alerting.</LI> <LI class="qt3gz9a">(<A href="https://www.databricks.com/blog/new-updates-mosaic-ai-gateway-bring-security-and-governance-genai-models" target="_self">source 1</A>) (<A href="https://docs.databricks.com/aws/en/machine-learning/manage-model-lifecycle#gsc.tab=0" target="_self">source 2</A>)</LI> </UL> <P><STRONG>How can we ensure that uploaded files are being scanned and monitored for potential malicious activity?</STRONG></P> <UL> <LI>Databricks does not automatically scan files at upload into object storage (DBFS/UC Volumes).</LI> <LI>The recommended pattern is to enable cloud‑native “on‑upload” malware scanning (for example, <A href="https://learn.microsoft.com/en-us/azure/defender-for-cloud/on-upload-malware-scanning" target="_self">Microsoft Defender for Storage on ADLS</A> or Amazon GuardDuty malware protection for S3) and stage/quarantine files before Autoloader or downstream ingestion. You can then move “clean” files from a quarantine/staging path into a “safe” landing path watched by <A href="https://docs.databricks.com/aws/en/ingestion/cloud-object-storage/auto-loader/#gsc.tab=0" target="_self">Autoloader</A>.</LI> <LI>There are other protections offered through <A href="https://docs.databricks.com/aws/en/security/privacy/enhanced-security-monitoring#gsc.tab=0" target="_self">enhanced security monitoring</A></LI> </UL> Tue, 21 Oct 2025 17:24:46 GMT https://community.databricks.com/t5/administration-architecture/how-safe-is-databricks-workspaces-with-user-files-uploaded-to/m-p/135557#M4250 stbjelcevic 2025-10-21T17:24:46Z