Detail kurzu
Offensive AI Exploits and Security (LFWS320)
EDU Trainings s.r.o.
Popis kurzu
LLM applications introduce a new class of vulnerabilities that existing playbooks weren’t designed to address. This hands-on course gives you the specialized offensive knowledge to find, exploit, and remediate all 10 attack classes in the OWASP® Top 10 for LLM applications, from RAG prompt injections to multi-agent pipeline poisoning. Exploit all 10 vulnerability classes in the OWASP® Top 10 for LLM Applications, including prompt injection, guard bypass, indirect injection, memory poisoning to multi-agent pipeline poisoning, and recommend LLM-native defensive architectures to remediate them.
Move into AI red-teaming, LLM penetration testing, and AI security engineering roles by demonstrating the ability to assess, exploit, and advise on the security of LLM-powered applications.
Move into AI red-teaming, LLM penetration testing, and AI security engineering roles by demonstrating the ability to assess, exploit, and advise on the security of LLM-powered applications.
Obsah kurzu
Introduction & SetupLLM architectures (RAG, agents, multi-agent), OWASP® Top 10, attack surface mapping.
Direct Prompt Injection
RAG attacks, semantic retrieval, data extraction, dual-LLM defenses.
Guard Bypass
Encoding bypass, synonym attacks, multi-step extraction, guard hardening.
IP/Header Spoofing
X-Forwarded-For, LLM auth delegation risks, context injection.
Agent Tool Abuse
LangChain/LangGraph abuse, command execution, tool scoping.
Indirect Injection & SSRF
Data vs instruction boundary, webhook SSRF, sanitization.
Multi-Modal Injection
Vision model attacks, steganography, dual-vision guards.
Memory Poisoning
Conversational memory abuse, escalation spoofing.
Schema Confusion
Function-calling abuse, path traversal, tool ambiguity.
Customer Support AI
Multi-Agent Poisoning
Capstone & Wrap-Up
Cieľová skupina
For penetration testers, red teamers, security engineers, and AI/ML engineers who need hands-on offensive skills for LLM-powered applications. Also relevant for AppSec and DevSecOps professionals integrating AI into existing pipelines.
Certifikát
Na dotaz.
Hodnotenie
Organizátor
Podobné kurzy
podľa názvu a lokality