Model Weight Leakage Detection

Your model weights are your most valuable — and most exposed — asset.

A single git push can leak billions of dollars in trained model value. PreserveIP detects model weight files in commits, forks, and pull requests — and alerts your security team before the window closes.

ipshield-monitor · scan-worker · github-commit
[2026-06-27 14:02:08] SCAN Received push event → acme-ai/ml-infra
[2026-06-27 14:02:08] SCAN Author: jsmith <jsmith@acme.ai>
[2026-06-27 14:02:09] SCAN Commit: abc1234 — "fix training loop timeout"
[2026-06-27 14:02:09] FILE Added: checkpoints/gpt4-finetune-v3.pt (2.3 GB)
[2026-06-27 14:02:10] HASH SHA-256: a3f9d2b1... → MATCH registered model weight
[2026-06-27 14:02:11] AI Classifying with Claude Sonnet 4.6...
[2026-06-27 14:02:12] ALERT severity=CRITICAL type=model_weights confidence=0.97
[2026-06-27 14:02:12] RSNG "Developer pushed 2.3GB .pt file matching proprietary
transformer model signature to public repository."
[2026-06-27 14:02:12] SOC Incident created → dashboard.preserveip.net/incidents
[2026-06-27 14:02:12] SOC Total elapsed: 3.8 seconds

3.8s avg detection time from push to alert
97% AI confidence on weight file matches
12+ model file formats recognized

Detection Coverage

Every way a model weight can escape your organization

Direct File Push

Model weight files committed directly to a git repository — the most common leak vector. Detected by file extension, size signature, and hash match.

๐Ÿด

Fork-and-Push

Employee forks an internal repo to a personal account, then pushes weight files. PreserveIP tracks fork events and monitors the downstream repo.

Compressed Archives

.zip, .tar.gz, and .7z archives containing model files are flagged. Archive contents are inspected by filename and size before decompression.

External Download Links

Slack messages or PR comments containing signed S3 URLs, Google Drive links, or HuggingFace Hub references to proprietary models.

HuggingFace Re-uploads

Public HuggingFace repository monitoring checks for model cards and weight files that match your registered fingerprints.

Unauthorized Fine-Tunes

Fine-tuned derivatives inherit structural signatures from base models. PreserveIP's structural fingerprinting detects fine-tunes even when weights differ.
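
The "Direct File Push" and "Compressed Archives" checks above can be sketched as follows. This is an added example, not PreserveIP's code: the extension list, size floor, function names and the sample push are assumptions constructed for illustration, and only .zip archives are covered.

```python
import hashlib
import io
import zipfile

# Assumed extension list; the page does not publish the formats it recognizes.
WEIGHT_EXTS = (".pt", ".pth", ".ckpt", ".safetensors", ".onnx", ".gguf", ".h5")

def weight_like(name, size, min_size):
    return name.lower().endswith(WEIGHT_EXTS) and size >= min_size

def zip_members(blob):
    """Return (name, declared size) pairs from the zip central directory only.
    No member data is decompressed; declared sizes are untrusted metadata."""
    with zipfile.ZipFile(io.BytesIO(blob)) as zf:
        return [(i.filename, i.file_size) for i in zf.infolist() if not i.is_dir()]

def scan_push(files, registered_sha256, min_size=100 * 2**20):
    """files maps path -> bytes for each added blob; returns sorted (path, reason)."""
    findings = []
    for path, blob in files.items():
        if hashlib.sha256(blob).hexdigest() in registered_sha256:
            findings.append((path, "hash_match"))
        elif weight_like(path, len(blob), min_size):
            findings.append((path, "extension_and_size"))
        elif path.lower().endswith(".zip"):
            try:
                members = zip_members(blob)
            except zipfile.BadZipFile:
                findings.append((path, "unreadable_archive"))  # fail closed
                continue
            for name, size in members:
                if weight_like(name, size, min_size):
                    findings.append((f"{path}!{name}", "archive_member"))
    return sorted(findings)

def demo():
    # Constructed sample push with tiny stand-in files, so the size floor is 1 KiB.
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("export/model.safetensors", b"\0" * 4096)
        zf.writestr("export/README.md", b"notes")
    registered = b"constructed registered weights"
    files = {
        "checkpoints/run.pt": registered,
        "src/train.py": b"print('hi')",
        "backup.zip": buf.getvalue(),
        "broken.zip": b"not a zip",
    }
    return scan_push(files, {hashlib.sha256(registered).hexdigest()}, min_size=1024)
```

An exact SHA-256 match only catches byte-identical files, which is why the sketch falls back to extension and size for anything not registered.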


Early Access

Register your models. We'll catch every leak.

90-day pilot program available for design partners. No commitment required.
