About the course
AI-powered applications bring new security challenges. In this intensive course, participants will move beyond theory and gain practical experience with the most significant vulnerabilities affecting Large Language Models (LLMs).
Through a series of hands-on labs, you will explore and mitigate the Top Ten vulnerabilities identified by OWASP, focusing on the five that pose the greatest risks in real-world deployments. The remaining five will be covered through guided demonstrations and case studies, ensuring complete coverage without sacrificing lab depth.
You will leave with a practical toolkit for building more secure and resilient LLM-powered systems.
Instructor-led online and in-house face-to-face options are available - as part of a wider customised training programme, or as a standalone workshop, on-site at your offices or at one of many flexible meeting spaces in the UK and around the world.
By the end of this course, attendees will be able to:
- Understand all ten OWASP LLM vulnerabilities
- Gain practical experience exploiting and mitigating the five most critical risks
- Learn to assess your own LLM-driven systems for weaknesses
- Build a security toolkit and mitigation strategies to apply immediately
This course is designed for:
- Developers incorporating LLMs into products
- Security professionals responsible for testing or securing AI systems
- Technical project managers overseeing LLM-driven applications
Delegates will benefit from this course most if they have:
- A foundational understanding of web development and programming concepts
- Basic familiarity with API interactions (e.g. using curl or Python requests)
We can, however, customise the training to match your team's experience and needs - with more time and coverage of fundamentals for new developers, for instance.
This LLM OWASP top ten course is available for private / custom delivery for your team - as an in-house face-to-face workshop at your location of choice, or as online instructor-led training via MS Teams (or your own preferred platform).
Get in touch to find out how we can deliver tailored training which focuses on your project requirements and learning goals.
Input & Output Vulnerabilities (Deep-Dive Labs)
- LLM01: Prompt Injection: mastering direct (jailbreaking) and indirect injections.
  Lab: Bypassing a secure chat application to extract system instructions.
- LLM02: Insecure Output Handling: how unvalidated LLM output leads to XSS, CSRF or SSRF in downstream systems.
  Lab: Crafting prompts that trigger unintended code execution in the UI.
Data & Model Integrity (Deep-Dive Labs)
- LLM03: Training Data Poisoning: risks of tampered datasets creating "backdoors" or biased behaviour.
  Lab: Identifying subtle poisoning in a sample sentiment analysis model.
- LLM04: Model Denial of Service (DoS): exploiting resource-heavy operations to degrade service and drive up costs.
  Lab: Crafting recursive or context-heavy prompts to exhaust model tokens.
- LLM05: Supply Chain Vulnerabilities: the risks of third-party models, plugins and "poisoned" libraries.
  Lab: Auditing an AI project manifest for insecure dependencies and compromised weights.
Information & Agency Risks (Guided Analysis)
- LLM06: Sensitive Information Disclosure: preventing the LLM from leaking PII or proprietary data in its responses.
  Strategy: Implementing robust output filters and "scrubbing" techniques.
- LLM07: Insecure Plugin Design: when plugins accept untrusted inputs or lack sufficient access control.
  Case Study: Analysing a remote code execution (RCE) via a malicious plugin payload.
- LLM08: Excessive Agency: the dangers of giving AI "agents" too much autonomy or high-privilege permissions.
  Strategy: Implementing the "human-in-the-loop" pattern and the principle of least privilege.
User & Model Protection (Strategic Overview)
- LLM09: Overreliance: risks of "hallucinations" and the failure to critically assess LLM outputs.
  Discussion: Designing UIs that encourage user verification and fact-checking.
- LLM10: Model Theft: protecting proprietary models and weights from unauthorised access or exfiltration.
  Strategy: Hardening infrastructure and implementing rate-limiting for model-querying APIs.
Building a Secure AI Lifecycle
- The AI Red Teaming Process: how to continuously test your LLM implementation.
- Guardrails & Filters: introduction to open-source and cloud-native safety tools (e.g. NeMo Guardrails, Azure AI Content Safety).
- Compliance & Governance: aligning your AI security with emerging standards and local regulations.