CONTACT ONS

Cursusaanbod

The AI Threat Landscape

  • Why AI security is different: non-determinism, opaque reasoning, prompt as attack surface
  • Attack taxonomy: training-time vs inference-time vs supply chain attacks
  • The ML adversary model: who attacks AI systems and why

OWASP Top 10 for LLM Applications

  • Prompt injection: direct and indirect attack vectors
  • Insecure output handling and cross-plugin request forgery
  • Training data poisoning and supply chain vulnerabilities
  • Model denial of service, sensitive information disclosure, and excessive agency
  • Hands-on lab: exploiting each OWASP category against a test application

Prompt Injection and Jailbreak Red Teaming

  • Taxonomy of injection techniques: direct, indirect, multi-turn, and multi-modal
  • Automated red-teaming with Giskard, Garak, and custom fuzzing tools
  • Jailbreak classification and defense evaluation
  • Building a red-team harness for continuous LLM security testing

Model-Level Attacks and Defenses

  • Model extraction: stealing model weights and functionality via API queries
  • Membership inference: determining if data was in the training set
  • Adversarial examples: perturbations that fool classifiers and embeddings
  • Data poisoning: corrupting training data to induce backdoors or degrade performance

Input and Output Security Controls

  • Input sanitization beyond traditional web defenses
  • Output filtering: toxicity, PII leakage, hallucinated code execution
  • Guardrails as security infrastructure: NeMo, Guardrails AI, and custom policies
  • Structured output enforcement as a security boundary

AI Supply Chain Security

  • Model provenance: verifying model authenticity and integrity
  • Dependency scanning for ML frameworks and model formats
  • Secure model serving: sandboxing, network isolation, and least-privilege access
  • Vetting fine-tuned and community models for embedded malware

Operational Security for AI Systems

  • Access control for model endpoints, vector stores, and agent tools
  • Audit logging for every model interaction and decision
  • Incident response for AI-specific breaches: when the model itself is compromised
  • Continuous security testing in CI/CD for ML pipelines

Building an AI Security Program

  • AI security maturity model and roadmap
  • Integrating AI security into existing AppSec and cloud security programs
  • Governance frameworks and emerging regulations for AI systems
  • Creating and maintaining an organizational AI security playbook

Vereisten

  • Experience deploying ML models or LLM applications in production.
  • Familiarity with security concepts including authentication, authorization, and threat modeling.
  • Python proficiency for adversarial testing exercises.

Audience

  • Security engineers expanding into AI/ML threat surfaces.
  • ML engineers responsible for model safety and robustness.
  • Red team members adding AI systems to their testing scope.
 14 Uren

Aangepaste bedrijfsopleiding

Opleidingsoplossingen ontworpen exclusief voor bedrijven.

  • Aangepaste inhoud: We passen de syllabus en praktijkopdrachten aan naar de echte doelen en behoeften van uw project.
  • Voor flexibel schema: Datums en tijden aangepast aan het rooster van uw team.
  • Formaat: Online (live), In-company (bij uw kantoren) of Hybride.
Investering

Prijs per privégroep, online live training, startend vanaf 3200 € + BTW*

Neem contact met ons op voor een exacte offerte en om onze laatste promoties te horen

Voorlopige Aankomende Cursussen

Gerelateerde categorieën