APC 技術ブログ


株式会社 エーピーコミュニケーションズの技術ブログです。

Introducing the Databricks AI Security Framework (DASF) to Manage AI Security Risks


Databricks' security team has developed the Databricks AI Security Framework (DASF) in collaboration with top cyber security researchers from OWASP, Gartner, NIST, McKinsey, and several Fortune 100 companies. This framework is designed to manage AI security risks effectively. This session outlined the importance of AI security and fundamental approaches to addressing it, providing an overview of the agenda and introducing guest speakers.


The initial section emphasized the importance of AI security and introduced the Databricks AI Security Framework (DASF) as a strategic solution. Attendees were provided with an overview of what to expect throughout the presentation, offering them an opportunity to grasp basic security concepts specialized for AI projects.

As AI technology rapidly advances, so too does the landscape of security risks. In response, Databricks has introduced an innovative security framework to manage these risks efficiently.

The agenda detailed the structure of DASF, elaborated on strategies to identify potential threats, and discussed measures to effectively counter these threats. This framework not only provides technical guidelines but also serves as a foundation for forming policies and procedures for organizations tackling AI security.

The co-development of the framework with insights from industry leaders has encouraged attendees to consider integrating security into their organization's AI implementations from the forefront.

This introduction sets the stage for deeper discussions, aiming to build a robust foundation in AI security for participants as the session progresses.

Overview of the Databricks AI Security Framework (DASF) and Industry Collaboration

1. Development Background of DASF

The Databricks AI Security Framework (DASF) was developed in close collaboration with leading cybersecurity research institutions like OWASP, Gartner, NIST, McKinsey, and involved several Fortune 100 companies. This collaborative effort established extensive guidelines for simplifying the management of AI security risks.

2. Components of the Framework

DASF is structured around a methodology called "Three Steps," beginning with defining a clear methodology to assess risks associated with AI systems. It then progresses to selecting appropriate mitigation strategies, concluding with establishing actionable guidelines for effectively implementing these measures.

3. Collaboration with Various Industries

The creation of DASF benefited from the insights and expertise of industry leaders known for their contributions to security. Their continuous input has significantly improved the framework, enhancing its practicality and effectiveness in managing AI security. The framework continually evolves through regular discussions and joint reviews across different industries, emphasizing a shared commitment to bolstering AI security management.

AI Security Practical Incidents and Lessons Learned

Discussions on AI security have garnered attention by analyzing various real-world incidents. This session underscored the importance of understanding the differences between AI and traditional cybersecurity. While traditional cybersecurity knowledge is substantial, AI introduces different vulnerabilities and requires new preventative approaches.

Numerous cases were discussed, focusing on the complexity of each incident without naming specific organizations. This approach aimed to focus not on the parties involved but on the underlying issues and strategic responses.

The purpose of this approach was to highlight the unique challenges of AI security and enable attendees to draw practical insights from each scenario. The ultimate goal was for participants to leverage this thorough understanding to avoid similar pitfalls in their AI implementations.

By the end of the session, a deeper understanding of AI security risks enabled attendees to use learned strategies to preemptively prevent potential security issues, thereby more effectively protecting their AI systems.

This section emphasized the importance of identifying potential risks in AI systems and systematically cataloging these risks. The Databricks AI Security Framework developed an extensive catalog of 55 risks categorized based on relevance and impact to AI infrastructure. Risks depicted in black represent traditional cybersecurity threats, while those in red indicate new attack vectors specific to AI technology.

This categorization is essential for organizations in determining risks associated with specific AI applications, enabling the implementation of targeted security measures. Particularly, the risks highlighted in red emphasize emerging threats and new attack methods indigenous to AI systems. These represent new challenges that require attention as AI technology continues evolving and permeating various industries.

Establishing an effective security strategy, this risk catalog functions as a comprehensive checklist, facilitating a thorough investigation of AI-specific vulnerabilities and helping to formulate robust countermeasures.

By adhering to the AI requirements outlined in DASF and utilizing the risk catalog, organizations can significantly strengthen their security posture in the realm of AI. Keeping this framework up-to-date and relevant is crucial in ensuring safe and confident use of AI across various sectors.

Recently, Databricks announced the innovative AI Security Framework, Databricks AI Security Framework (DASF), formulated in collaboration with its dedicated security team and top cybersecurity experts from OWASP, Gartner, NIST, McKinsey, and several Fortune 100 companies. The primary focus of DASF is to effectively manage and mitigate AI security risks by implementing robust controls.

Risk Management and Control Implementation

This section detailed how risks are systematically identified using DASF and strategically addressed with corresponding controls. DASF identifies 25 potential risks, 24 of which require specific controls for appropriate mitigation. The granularity of this risk categorization emphasizes the precision with which the framework identifies and proposes the most suitable management strategies for each individual risk.

For each identified risk, DASF prescribes specific controls. It's important to note that not all 53 controls outlined in the framework need to be employed initially. Based on specific use cases, relevant controls are selected and systematically applied to the data platform, ensuring a tailor-made approach to risk management.

Comprehensively, Databricks provides extensive documentation for each control within the framework. This meticulous documentation serves as a valuable resource, guiding users in effectively setting up their database workspaces and data assets in accordance with prescribed risks and controls. This proactive measure plays a critical role in strengthening the security posture of AI systems used within organizations.


The meticulous process of risk management and control implementation forms the cornerstone of protecting AI projects. Through the Databricks AI Security Framework (DASF), organizations are equipped with a methodical and structured pathway to effectively navigate these processes. By faithfully integrating these controls into the data platform, organizations can significantly enhance their ability to mitigate the diverse security risks closely associated with AI systems, thereby strengthening their defensive capabilities in the evolving landscape of AI technology.

About the special site during DAIS

This year, we have prepared a special site to report on the session contents and the situation from the DAIS site! We plan to update the blog every day during DAIS, so please take a look.