AI Security Laboratory: Hands-On + Full-Stack (Lifetime Lab Access) (inglise keeles)
This training is a hands-on, full-stack guide to that landscape, showing how modern AI systems are attacked, built, and used in real-world security.
Koolituse maht: Koolituse kogumaht on 14 akadeemilist tundi, mis kõik on auditoorse ja praktilise töö tunnid (2 päeva).
Ajakava: 8.00–16.00* või 9.00–17.00* (Zürichi kohaliku aja järgi)
*Lõplik ajakava kinnitatakse umbes 2 nädalat enne koolituse algust.
Sihtgrupp: Security engineers, penetration testers, SOC analysts, developers, and others interested in AI security
Koolitusel osalemise eeldused:
- inglise keele oskus – koolitus viiakse läbi inglise keeles, harjutusülesanded on inglise keeles.
- Students should have a general understanding of application security and some experience with web technologies and APIs. Basic familiarity with programming or scripting, security testing practices, and working with the command line is recommended.
Tehnilised eeldused arvutile: Students will need a laptop with 64-bit operating system, at least 16 GB RAM, 120 GB free hard drive space, administrative access, ability to turn off AV/firewall and VMware Player/Fusion installed (64-bit version). Prior to the training, make sure there are no problems with running x86_64 VMs. You will need an OpenAI API key (required). A Lakera API key is optional.
Koolituse eesmärk
The objective of this course is: Hands-on, full-stack guide to AI security – showing how modern AI systems are attacked, built, and used in real-world security.
Koolituse kirjeldus
AI has introduced an entirely new layer of security risk — one that needs to be understood from both attacker and builder perspectives. This training is a hands-on, full-stack guide to that landscape, showing how modern AI systems are attacked, built, and used in real-world security.
You will work through the offensive side of AI security with prompt injection, jailbreaking, and fuzzing of LLM applications. You will also apply AI in security engineering and daily operations — turn AI building blocks into practical workflows and use AI security tools for everyday tasks.
Along the way, you will move into more advanced capabilities — building agentic AI for real-time security operations, applying AI to vulnerability research and PoC development, and exploring how smarter AI can assess other AI.
The training includes hands-on exercises, reusable Python scripts, and lifetime lab access — so you can continue practicing and applying what you learned long after the class ends.
Students will be given a VMware image with a specially prepared lab environment to work on many topics and exercises in this training. When the training is over, students can take the lab environment home (after signing a non-disclosure agreement) to continue practicing at their own pace.
Pärast selle koolituse läbimist oled õppinud järgmist:
- prompt injection: direct and indirect
- LLM jailbreaking
- fuzzing LLM applications
- AI-powered shell
- advanced prompting
- local LLMs / private AI
- AI programming
- AI attack detection
- OpenAI models and API
- embeddings
- quantization
- LLM Guard
- building agentic AI
- creating your own prediction model
- CVE research / PoC development with AI
- smarter AI assessing other AI
- specialized AI security tools
- and more …
Koolitus toimub koostöös Silesia Security Lab
Koolitaja
Koolitaja Dawid Czagan on rahvusvaheliselt tunnustatud küberturbe uurija ja koolitaja ning Silesia Security Labi asutaja ja tegevjuht. Ta on kantud HackerOne’i top-häkkerite hulka. Dawid Czagan on avastanud turvaauke ettevõtetes nagu Apple, Google, Mozilla, Microsoft ja paljudes teistes. Tänu mitmete leitud haavatavuste (bugs) kõrgele riskitasemele, on ta saanud arvukalt auhindu.
Dawid Czagan jagab oma ründe- ja küberkaitse valdkonna kogemusi praktiliste koolituste kaudu. Ta on viinud läbi koolitusi valdkonna juhtivatel konverentsidel, sealhulgas DEF CON (Las Vegas), OWASP Global AppSec EU (Barcelona), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Pariis), NorthSec (Montreal), HITB GSEC (Singapur) ning paljudele ettevõtete klientidele. Tema õpilaste hulka kuuluvad turvaspetsialistid sellistest ettevõtetest nagu Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips ning valitsussektorist.
Osalejate tagasisidet ja soovitusi saab lugeda Dawid Czagan’i LinkedIni profiililt. Need on kättesaadavad ka siin: Silesia Security Lab
Koolituse teemad
- AI/LLM attack vectors, including various forms of prompt injection and LLM jailbreaking techniques
- AI programming for security practitioners — working with local LLMs / private AI and cloud models (OpenAI / API), and building AI workflows for security use cases (e.g. fully private AI setups)
- AI attack detection, including the use of local LLMs, anonymizing data before sending it to cloud LLM providers, and applying open-source defenses such as LLM Guard
- Fuzzing LLM applications, which differs from traditional fuzzing due to the non-deterministic nature of modern LLMs
- Using AI in security practitioners’ daily operations — including AI-powered shell, advanced prompting, and AI security tools
- Ready-to-use Python scripts, providing hands-on experience and reusable AI building blocks for daily security tasks
- Smarter AI assessing other AI, along with interesting AI techniques and projects for security practitioners
- CVE research and PoC development with AI
- Building agentic AI for real-time security operations
- and more …
Koolituse õpiväljundid
Koolituse edukal läbimisel osaleja:
- have gained the skills needed to..
Koolitushind sisaldab:
- Koolitus viiakse läbi koolitaja poolt, kes omab vähemalt täiskasvanute koolitaja taset 5 või töökogemust vastavas valdkonnas.
Õppekeskkonna kirjeldus: Õppekorralduse alused (alapunkt 8)
Täiendkoolituse õppekava rühm: tarkvara ja rakenduste arendus ning analüüs (0613 ISCED)
Koolitaja
-
Dawid CzaganAn internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Due to the severity of many bugs, he received numerous awards for his findings.Dawid Czagan is an internationally recognized security researcher and trainer. He is listed among top hackers at HackerOne. Dawid Czagan has found security bugs in Apple, Google, Mozilla, Microsoft and many others. Due to the severity of many bugs, he received numerous awards for his findings.
Dawid Czagan shares his offensive security experience through his hands-on training courses. He has delivered training sessions at key industry conferences such as DEF CON (Las Vegas), OWASP Global AppSec EU (Barcelona), Hack In The Box (Amsterdam), CanSecWest (Vancouver), 44CON (London), Hack In Paris (Paris), NorthSec (Montreal), HITB GSEC (Singapore) and for many corporate clients. His students include security specialists from Oracle, Adobe, ESET, ING, Red Hat, Trend Micro, Philips and government sector (recommendations are available on Dawid Czagan’s LinkedIn profile (https://www.linkedin.com/in/dawid-czagan-85ba3666/). They can also be found here: https://silesiasecuritylab.com/services/training/#opinions).
Sulle võib huvi pakkuda ka:
