👋 Year End Sale!

Day

:

Hour(s)

:

Minute(s)

:

Second(s)

Buy Now
Study Later
You can buy a course now and start it whenever you want. It could be in a week, a month, or even a year. You can start your course when you're ready.
Practical DevSecOps Logo
  • Course and Certifications
    • Courses
      • Learning Path
      • DevSecOps Professional (CDP)
      • AI Security Professional (CAISP)
      • DevSecOps Expert (CDE)
      • Container Security Expert (CCSE)
      • Cloud-Native Security Expert (CCNSE)
      • Threat Modeling Professional (CTMP)
      • API Security Professional (CASP)
      • Software Supply Chain Security Expert (CSSE)
      • Security Champion (CSC)
    • Certifications
      • Certified DevSecOps Professional (CDP)
      • Certified AI Security Professional (CAISP)
      • Certified DevSecOps Expert (CDE)
      • Certified Container Security Expert (CCSE)
      • Certified Cloud-Native Security Expert (CCNSE)
      • Certified Threat Modeling Professional (CTMP)
      • Certified API Security Professional (CASP)
      • Certified Software Supply Chain Security Expert (CSSE)
      • Certified Security Champion (CSC)
    • Certification Process
      • Certification Process
      • Digital Badges
      • Career Pathways
      • Verify a Certification
      • Exam retake
  • Pricing
  • Enterprise
  • Resources
    • FAQs
    • Lab Extension
    • Blogs
    • DevSecOps Live
    • E-Books
  • About PDSO
    • Testimonials
    • Careers
    • Contact Us
  • Enroll Now
+1 (415) 800 4768
[email protected]
Practical DevSecOps - Hands-on DevSecOps Certification and Training.
  • Course and Certifications
    • Courses
      • Learning Path
      • DevSecOps Professional (CDP)
      • AI Security Professional (CAISP)
      • DevSecOps Expert (CDE)
      • Container Security Expert (CCSE)
      • Cloud-Native Security Expert (CCNSE)
      • Threat Modeling Professional (CTMP)
      • API Security Professional (CASP)
      • Software Supply Chain Security Expert (CSSE)
      • Security Champion (CSC)
    • Certifications
      • Certified DevSecOps Professional (CDP)
      • Certified AI Security Professional (CAISP)
      • Certified DevSecOps Expert (CDE)
      • Certified Container Security Expert (CCSE)
      • Certified Cloud-Native Security Expert (CCNSE)
      • Certified Threat Modeling Professional (CTMP)
      • Certified API Security Professional (CASP)
      • Certified Software Supply Chain Security Expert (CSSE)
      • Certified Security Champion (CSC)
    • Certification Process
      • Certification Process
      • Digital Badges
      • Career Pathways
      • Verify a Certification
      • Exam retake
  • Pricing
  • Enterprise
  • Resources
    • FAQs
    • Lab Extension
    • Blogs
    • DevSecOps Live
    • E-Books
  • About PDSO
    • Testimonials
    • Careers
    • Contact Us
  • Enroll Now

Certified AI Security Professional (CAISP)TM

The Certified AI Security Professional course offers an in-depth exploration of the risks associated with the AI supply chain, equipping you with the knowledge and skills to identify, assess, and mitigate these risks.

Through hands-on exercises in our labs, you will tackle various AI security challenges. You will work through scenarios involving model inversion, evasion attacks, and the risks of using publicly available datasets and models. The course also covers securing data pipelines, ensuring model integrity, and protecting AI infrastructure.

We start with an overview of the unique security risks in AI systems, including adversarial machine learning, data poisoning, and the misuse of AI technologies. Then, we delve into security concerns specific to different AI applications, such as natural language processing, computer vision, and autonomous systems.

In the final sections, you’ll map AI security risks against frameworks like the MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems) and explore best practices for managing these risks. The course also covers secure AI development techniques, including differential privacy, federated learning, and robust AI model deployment.

By the end of this course, you will have a thorough understanding of the threats facing AI systems and strategies to secure them, ensuring the safe and ethical deployment of AI technologies in various industries.

After the training, you will be able to:

  • Earn the Certified AI Security Professional (CAISP) Certification by passing a 6-hour practical exam.
  • Prove to employers and peers, a practical understanding of the AI risks and mitigations.
Enroll Now
  • Self-paced Learning Mode
  • Browser-based Lab Access
  • 24/7 Instructor Support via Mattermost

Course Prerequisites

  1. Course participants should have knowledge of running basic Linux commands like ls, cd, mkdir, etc.,
  2. Familiarity with any scripting language like Python, Golang, or ruby helps. However, it’s not a necessity.

Learning Objectives

  1. Understand the critical role of AI security in protecting organizations from various threats.
  2. Identify the types of attacks targeting AI systems, including adversarial attacks, data poisoning, and model inversions.
  3. Develop strategies for assessing and mitigating security risks in AI models, data pipelines, and infrastructure.
  4. Apply best practices for securing AI systems, leveraging guidance from frameworks like MITRE ATLAS and other industry standards.

Chapter 1: Introduction to AI Security

  1. Course Introduction (About the course, syllabus, and how to approach it)
  2. About Certification and how to approach it
  3. Course Lab Environment
  4. Lifetime course support (Mattermost)
  5. An overview of AI Security
  6. Basics of AI and ML
    1. What is AI?
    2. History and evolution of AI
    3. Key concepts in AI
  7. Types of AI
    1. Narrow AI vs. General AI
    2. Supervised Learning
    3. Unsupervised Learning
    4. Reinforcement Learning
    5. Natural Language Processing (NLP)
    6. Computer Vision
  8. Core Components of AI Systems
    1. Algorithms and Models
    2. Data
    3. Computing Power
  9. Introduction to Machine Learning
    1. What is Machine Learning?
    2. Differences between AI and ML
    3. Key ML concepts
  10. Retrieval Augmented Generation
  11. Basics of Deep Learning
    1. What is Deep Learning?
    2. Introduction to Neural Networks
    3. Brief overview of Convolutional Neural Networks (CNNs)
  12. Hands-on Exercise:
    1. Learn how to use our browser-based lab environment
    2. Setup Invoke Ai a creative visual AI tool
    3. Create a chatbot with Python and Machine learning
    4. Text classification with TensorFlow
    5. Implementing Duckling for converting Text into Structured Data

Chapter 2: Attacking and Defending Large Language Models

  1. Introduction to Large Language Models
    1. Definition of Large Language Models
    2. How LLMs work
    3. Importance and impact of LLMs in AI
  2. Understanding LLM’s
    1. GPT (Generative Pre-trained Transformer)
    2. BERT (Bidirectional Encoder Representations from Transformers)
  3. Training and Augmenting LLMs
    1. Foundational model and fine tuned model
    2. Retrieval augmented generation
  4. Use Cases of LLMs
    1. Text Generation
    2. Text Understanding
    3. Conversational AI
  5. Attack Tactics and Techniques
    1. Mitre ATT&CK
    2. Mitre ATLAS matrix
    3. Reconnaissance tactic
    4. Resource development tactic
    5. Initial access tactic
    6. ML model access tactic
    7. Execution tactic
    8. Persistence tactic
    9. Privilege escalation tactic
    10. Defense evasion tactic
    11. Credential access tactic
    12. Discovery tactic
    13. Collection tactic
    14. ML attack staging
    15. Exfiltration tactic
    16. Impact tactic
  6. Real-World LLM attack tools on the internet
    1. XXXGPT
    2. WormGPT
    3. FraudGPT
  7. Hands-on Exercises:
    1. Scanning an LLM for agent based vulnerabilities
    2. Attacking AI Chat Bots
    3. Perform adversarial attacks using text attack
    4. Perform Webscraping using PyScrap
    5. Hide data in images using StegnoGAN
    6. Adversarial Robustness Toolbox
    7. Bias Auditing & “Correction” using aequitas

Chapter 3: LLM Top 10 Vulnerabilities

  1. Introduction to the OWASP Top 10 LLM attacks
  2. Prompt Injection
    1. System prompts versus user prompts
    2. Direct and Indirect prompt injection
    3. Prompt injection techniques
    4. Mitigating prompt injection
  3. Insecure Output Handling
    1. Consequences of insecure output handling
    2. Mitigating insecure output handling
  4. Training Data Poisoning
    1. LLM’s core learning approaches
    2. Mitigating training data poisoning
  5. Model Denial of Service
    1. DoS on networks, applications, and models
    2. Context windows and exhaustions
    3. Mitigating denial of service
  6. Supply Chain Vulnerabilities
    1. Components or Stages in an LLM
    2. Compromising LLM supply chain
    3. Mitigating supply chain vulnerabilities
  7. Sensitive Information Disclosure
    1. Exploring data leaks in various incidents
    2. Mitigating sensitive information disclosure
  8. Insecure Plugin Design
    1. Plugin/Connected software attack scenarios
    2. Mitigating insecure plugin design
  9. Excessive Agency
    1. Excessive permissions and autonomy
    2. Mitigating excessive agency
  10. Overreliance
    1. Understanding hallucinations
    2. Overreliance examples
    3. Mitigating overreliance
  11. Model Theft
    1. Stealing models
    2. Mitigating model theft
  12. Hands-on Exercises:
    1. Prompt Injection
    2. Training Data Poisoning
    3. Excessive agency attack
    4. Adversarial attacks using foolbox
    5. Overreliance attack
    6. Insecure plugins
    7. Insecure output handling attack
    8. Exploiting Data Leakage
    9. Permission Issues in LLM

Chapter 4: AI Attacks on DevOps Teams

  1. Introduction to AI in DevOps
    1. Definition and principles of DevOps
    2. The role of AI in enhancing DevOps practices
  2. Types of AI attacks on DevOps
    1. Data Poisoning in CI/CD Pipelines
    2. Model Poisoning
    3. Adversarial Attacks
    4. Dependency Attacks
    5. Insider Attacks
  3. Real-World case of AI Attacks on DevOps
    1. Hugging Face artificial intelligence (AI) platform
    2. NotPetya attack
    3. SAP AI Core vulnerabilities
  4. Hands-on Exercises:
    1. Poisoned pipeline attack
    2. Dependency confusion attacks
    3. Exploitation of Automated Decision-Making Systems
    4. Compromising CI/CD infrastructure

Chapter 5: AI Threat Modelling

  1. Introduction to AI Threat Modelling
    1. Definition and purpose of threat modeling
    2. Importance in the context of AI security
  2. Key Concepts in AI Threat Modelling
    1. Assets
    2. Threats
    3. Vulnerabilities
    4. Attack Vectors
  3. AI Threat Modeling Methodologies
    1. STRIDE framework
    2. STRIDE GPT
    3. LINDDUN Framework
    4. MITRE ATLAS
  4. Tools for AI Threat Modelling
    1. Automated Threat Modelling Tools
    2. Manual Techniques
  5. Best Practices for AI Threat Modelling
  6. Hands-on Exercises:
    1. OWASP Threat Dragon
    2. Iruis Risk lab for threat modeling
    3. StrideGPT

Chapter 6: Supply Chain Attacks using AI

  1. An overview of the Supply Chain Security
  2. Introduction to AI Supply Chain Attacks
  3. Importance of Securing AI Supply Chains
  4. Software and Hardware Supply Chain Attacks
    1. Introduction of malicious code or hardware components
    2. Impact on the overall AI system integrity
  5. Mitigating AI Supply Chain Attacks
    1. Securing Data Pipelines
    2. Protecting Training Environments
    3. Managing Dependencies and Libraries
    4. Implementing Robust Access Controls
    5. Continuous Monitoring and Incident Response
    6. Adopting Secure Development Practices
    7. Collaborating with Supply Chain Partners
  6. Hands-on Exercises:
    1. Supply Chain Dependency Attack
    2. Transfer Learning and Pre-trained Model Attacks
    3. Flagging vulnerable dependencies using flag
    4. Model Inversion Attack
    5. Backdoor attacks using BackdoorBox

Chapter 7: Emerging Trends in AI Security

  1. Explainable AI (XAI)
    1. Importance of Explainability
    2. Techniques for Explainability
  2. AI Governance and Compliance
    1. Regulatory Requirements
    2. Best Practices for AI Governance
  3. Future Trends in AI Security
    1. Emerging Threats
    2. Innovations in AI Security
  4. Hands-on Exercises:
    1. Explainable AI basics
    2. AuditNLG to audit generative AI
    3. Scan malicious python packages using aura.

Practical DevSecOps Certification Process

  1. After completing the course, you can schedule the CAISP exam on your preferred date.
  2. Process of achieving Practical DevSecOps course certifications can be found on the exam and certification page.
Enroll Now
Back to Course List

Ready to learn DevSecOps?

Get in touch, or Register now!

Enroll Now
Contact Us

About Us

  • Courses
  • FAQs
  • Blogs
  • Affiliate program
  • Contact Us
  • Privacy Policy
  • Terms and Conditions

Training Services

  • On-demand Training
  • Instructor-led Training
  • Enterprise
  • Press Release

Community

  • DevSecOps Meetup
  • DevSecOps Newsletter
  • Ebooks
  • DevSecOps University
    (DevSecOps Learning Resources)

Certification Process

  • Lab Extension
  • Digital Badges
  • Certification Process
  • Exam retake
  • Facebook
  • X
  • LinkedIn
© 2024 Practical DevSecOps (A Hysn Technologies Inc Company)
We use cookies to ensure that we give you the best experience on our website. By continuing, you agree to our use of cookies Privacy policy.Accept