SageMaker | AWS | Fluid Attacks Help

SageMaker

Rationale

SageMaker is the platform we use for developing solutions involving Machine Learning.

The main reasons why we chose it over other alternatives are:

  1. It integrates with EC2, allowing to easily provision cloud computing resources. Such feature is essential in order to have horizontal autoscaling.
  2. It complies with several certifications from ISO and CSA. Many of these certifications are focused on granting that the entity follows best practices regarding secure cloud-based environments and information security.
  3. It integrates with S3, allowing us easily to store raw data, datasets and training outputs in our S3 Bucket.
  4. It supports a wide range of EC2 ML-specific machines for training models.
  5. It supports EC2 spot machines, allowing to considerably reduce machine costs.
  6. Thanks to its horizontal autoscaling capabilities, it is very easy to implement parallelism by running several models or feature combinations in separate machines, greatly increasing training performance.
  7. It supports Hyperparametrization, allowing to concurrently train several instances of a model using different parameter values. Such feature is essential for optimizing our most accurate model.
  8. It integrates with IAM, allowing to keep a least privilege approach regarding authentication and authorization.
  9. It supports a wide range of frameworks, including scikit-learn, the one that Sorts uses.
  10. EC2 workers performance can be monitored via CloudWatch.
  11. Logs for training jobs can be monitored via CloudWatch.

Alternatives

  1. IBM Watson Studio: It does not integrate with EC2 or S3, increasing overall complexity. Pending to review.
  2. GCP Vertex AI: It does not integrate with EC2 or S3, increasing overall complexity. Pending to review.
  3. Azure machine learning: It does not integrate with EC2 or S3, increasing overall complexity. Pending to review.

Usage

  1. We use SageMaker as the Machine Learning platform for training sorts, our ML-based software vulnerability scanner.
  2. We do not use SageMaker spot instances. Pending to implement.