Flagship AI security course
Secure AI Development and OWASP LLM Top 10
Convert LLM and agent security risks into developer, architecture and release practices before your GenAI systems reach sensitive data, tools and production users.
Security Outcomes
The workshop teaches teams how to spot insecure AI flows, contain excessive agency, protect retrieval pipelines and build practical AI release checklists.
Threat model AI apps
Map trust boundaries across prompts, retrieval, APIs, tools, users, identities and data stores.
Defend against misuse
Identify prompt injection, data leakage, insecure tool use, retrieval poisoning and excessive permissions.
Create release gates
Build review practices for AI APIs, secrets, identity, logging, monitoring and governance evidence.
Course Modules
AI threat model
LLM apps, RAG, agents, tools, trust boundaries and data flow.
OWASP LLM risks
Prompt injection, sensitive disclosure, supply chain, poisoning and improper output handling.
Prompt injection and data leakage
Direct and indirect injection, retrieval poisoning, system prompt leakage and mitigations.
Tool and MCP security
Tool authorization, approval flows, audit logging and excessive agency controls.
Secrets and identity
Managed identity, tokens, least privilege, API keys, vaults and secure configuration.
Governance
Risk acceptance, release gates, monitoring, incident response and security review playbooks.
Capstone
Participants perform a security review of a sample AI application and produce findings, mitigations and release recommendations.
Included templates
- OWASP LLM Top 10 review checklist
- Agent and tool security checklist
- Secure AI API checklist
- AI threat-modeling worksheet
Bring Secure AI Training To Your Teams
Use this as a developer workshop, security enablement program or pre-production review accelerator for GenAI, RAG and agentic AI initiatives.
