AI Practitioner Path · modules
From "what is a token?" to "I can red-team production AI systems." Tokens, prompts, RAG, fine-tuning, AI security — security mindset baked in.
Module 13 · AI Security Evaluations
How do you know if your AI is safe enough? Structured evaluation. Eval categories Adversarial robustness — does it resist attacks? Toxicity — does it produce harmful content? Bias — does it discriminate? Privacy — does it leak training data? Reliability — does it hallucinate? Capability — what can the model do that’s sensitive? Tools […]
Module 9 · AI Agent Security
Agents are LLMs that call tools. Permissions matter exponentially. The threat model An agent compromised via prompt injection in any input source (user query, retrieved doc, tool output) executes attacker’s instructions with the agent’s permissions. Defences Least privilege per agent — only the minimum tools needed for its purpose Read-only by default — write actions […]
Module 12 · LLM Jailbreak Defence
Jailbreaks bypass model safety training. New variants constant. Common patterns Roleplay — “Pretend you are DAN (Do Anything Now)” Encoding — base64, ROT13, leetspeak Multi-turn — gradually shift context away from policy Character set tricks — Unicode confusables Adversarial suffixes (GCG) — discovered tokens that flip safety Crescendo — multi-turn gradient toward sensitive content Defences […]
Module 4 · Fine-tuning & Custom Models
When APIs aren't enough — train, evaluate, deploy custom models on your own infra. LoRA, vLLM, evals, and the cost trade-offs.