Attacking AI (February 27-28 Live)
(Note: the course will be recorded and distributed to students after completion.)
This two-day course equips security professionals with the tools and methodologies to identify vulnerabilities in AI systems, including LLMs and image-based AI, and implement effective defensive strategies.
Participants will explore real-world case studies and perform hands-on labs to reinforce learning.
- Duration/Time: February 27-28 - 10am-5pm MST. 1hr Lunch.
- Format: Hybrid of lectures, interactive discussions, and hands-on labs
- Prerequisites: Intermediate cybersecurity knowledge and basic understanding of AI concepts.
** This syllabus is still in draft. It may not represent the full gamut of topics in the final class as the AI space moves rapidly **
Day 1:
The AI Goldrush
- Overview of AI's rapid adoption and security implications
- Key industries using AI
Common Architectures and Ecosystems
- Development Pipeline
- Operations Architecture
- Cloud Components
- Models
- LLM RAG
- LLM Agents
LLM-Powered APIs and Internal Systems
- Implementation Types
- Implementation Case Studies
Future AI Systems
- Speculating on next-generation AI threats
Threat Modeling AI Systems
- Common AI Threat Models
- Contextual AI Threat Models
- Threat Modeling an LLM-Based System
- Threat Modeling an Image-Based System
- Exercise
Day 2:
AI Red Teaming Methodologies for Security Professionals
- Methodologies
- Industry Players
LLM Jailbreaking for Security Professionals
- Methodologies
Prompt Injection for Security Professionals
- Methodologies
- Primitives
- One Shots
MITRE ATLAS
- Overview of ATLAS and its applicability.
OWASP AI Top Ten
- Overview of the OWASP Top Ten for LLMs and its applicability.
The Arcanum LLM Assessment Methodology
- Our comprehensive testing methodology with checklist and notes for security auditors with examples.
Defending AI Systems
The Arcanum AI Defense Layers
- Defending Layer One (Ecosystem)
- Defending Layer Two (Model)
- Defending Layer Three (Prompt)
- Defending Layer Four (Data)
- Defending Layer Five (Application)
Wrap-up discussion and question-and-answer session.