OWASP / www-project-top-10-for-large-language-model-applications

OWASP Foundation Web Repository

LLM10 - Vulnerability Example 2 isn't a vulnerability #274

Closed mbomb007 closed 7 months ago

mbomb007 commented 7 months ago

Top 10 for LLMs

In the LLM10: Model Theft section, the "Common Examples of Vulnerability" sub-section number 2 (see page 30, which is the 31st page of the PDF) is not a vulnerability example. I think it should be in the mitigations sub-section.

Use a centralized ML Model Inventory or Registry for ML models used in production. Having a centralized model registry prevents unauthorized access to ML Models via access controls, authentication, and monitoring/logging capability which are good foundations for governance. Having a centralized repository is also beneficial for collecting data about algorithms used by the models for the purposes of compliance, risk assessments, and risk mitigation.
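The quoted mitigation names three controls a central model registry is supposed to give you: access control on who may pull a model, authentication of the caller, and a log of every attempt. The following is an added example (not code from the OWASP project or the PDF) showing those controls in the smallest shape that still does something useful: each registry record pins the SHA-256 of the approved artifact, a fetch is authorised against the caller's roles, the stored blob is re-hashed before it is handed out so a swapped or tampered artifact is refused, and every attempt, allowed or not, is appended to an audit log. The model name, roles, principals and artifact bytes are constructed for illustration.

```python
"""Minimal model registry: role-based access, integrity pinning, audit log.

Added example, not the OWASP project's code. Names, roles and the
"weights" below are constructed stand-ins; a real deployment would back the
artifact store with object storage and ship audit_log to a SIEM.
"""
import hashlib
import hmac
import time
from dataclasses import dataclass


class AccessDenied(Exception):
    """Caller holds no role permitted to fetch this model."""


class IntegrityError(Exception):
    """Stored artifact no longer matches the digest recorded at registration."""


@dataclass(frozen=True)
class ModelRecord:
    name: str
    version: str
    sha256: str                 # hex digest of the approved artifact
    allowed_roles: frozenset    # roles permitted to fetch it


class ModelRegistry:
    def __init__(self):
        self._records = {}      # (name, version) -> ModelRecord
        self._artifacts = {}    # (name, version) -> bytes (stand-in for blob storage)
        self.audit_log = []     # one dict per event

    def register(self, name, version, artifact, allowed_roles):
        """Record the approved digest and who may fetch the model."""
        key = (name, version)
        digest = hashlib.sha256(artifact).hexdigest()
        self._records[key] = ModelRecord(name, version, digest, frozenset(allowed_roles))
        self._artifacts[key] = artifact
        self._log("register", "registry-admin", name, version, "ok")

    def fetch(self, principal, roles, name, version):
        """Authorise, verify integrity, log, then return the artifact bytes."""
        key = (name, version)
        record = self._records.get(key)
        if record is None:
            self._log("fetch", principal, name, version, "unknown-model")
            raise KeyError(f"no such model {name}:{version}")
        if not record.allowed_roles & set(roles):
            self._log("fetch", principal, name, version, "denied")
            raise AccessDenied(f"{principal} may not fetch {name}:{version}")
        artifact = self._artifacts[key]
        actual = hashlib.sha256(artifact).hexdigest()
        # Re-hash on every fetch: catches a blob swapped behind the registry's back.
        if not hmac.compare_digest(actual, record.sha256):
            self._log("fetch", principal, name, version, "integrity-failure")
            raise IntegrityError(f"{name}:{version} digest mismatch")
        self._log("fetch", principal, name, version, "ok")
        return artifact

    def _log(self, action, principal, name, version, outcome):
        self.audit_log.append({
            "ts": time.time(), "action": action, "principal": principal,
            "model": f"{name}:{version}", "outcome": outcome,
        })


def demo():
    """Walk through an allowed fetch, a denied fetch and a tampered artifact."""
    reg = ModelRegistry()
    weights = b"constructed model weights, not a real model"
    reg.register("fraud-scorer", "1.2.0", weights, ["ml-serving"])
    results = {}

    results["serving"] = reg.fetch("svc-inference", ["ml-serving"], "fraud-scorer", "1.2.0") == weights

    try:
        reg.fetch("alice", ["analyst"], "fraud-scorer", "1.2.0")
        results["analyst"] = "allowed"
    except AccessDenied:
        results["analyst"] = "denied"

    # Simulate someone with write access to blob storage swapping the weights.
    reg._artifacts[("fraud-scorer", "1.2.0")] = weights + b" (swapped)"
    try:
        reg.fetch("svc-inference", ["ml-serving"], "fraud-scorer", "1.2.0")
        results["tampered"] = "served"
    except IntegrityError:
        results["tampered"] = "blocked"

    results["outcomes"] = [e["outcome"] for e in reg.audit_log]
    return results


if __name__ == "__main__":
    print(demo())
```

The integrity check is what turns the registry from an inventory into a control: without the pinned digest, a registry only tells you which model should be in production, not whether the bytes being served are the ones that were approved.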

GangGreenTemperTatum commented 7 months ago

Thanks @mbomb007 for reporting this! Since it's the PDF in question, this most likely won't be fixed until v2.0 publishing, but it's most likely somewhere in the site and repo too potentially; I'll triage this to design leads.

GangGreenTemperTatum commented 7 months ago

Ah, I thought I remembered this and already fixed it in v2.0 here under "Prevention and Mitigation Strategies", which will be inherently fixed in the v2.0 PDF :)