A Complete Plan for AI Security

Traditional application security focused on SQL injection and buffer overflows. But now that AI systems autonomously make decisions, generate content, and interact with critical infrastructure, a new paradigm of vulnerabilities has emerged. This course bridges the gap between classic AppSec and the emerging AI threat landscape, equipping security professionals, AI/ML engineers and architects, and Compliance and Risk leaders with all they need to know to build, run, secure, and regulate AI-based systems and software .

Rather than exploit code syntax, modern AI attackers manipulate meaning and intent itself. This “Semantic Shift” means new threats, like prompt injection attacks that hijack AI reasoning, data poisoning that corrupts model behavior, and cascading failures across multi-agent systems. In this course you will learn to architect and engineer secure-by-design AI applications that withstand real-world adversarial tactics. With new approaches come new regulations, and this course will walk through the complex web of AI regulations (from the EU AI Act's risk tiers to US Executive Order 14110 and FDA Predetermined Change Control Plans) and show how to transform regulatory requirements into actionable security controls.

Go beyond theory and get hands-on with the LLMSecOps Infinity Loop, a complete 9-stage secure lifecycle framework covering everything from initial scoping through continuous monitoring—specifically designed for AI systems.

Learn to quantify risk with the groundbreaking AIVSS Scoring System combining traditional CVSS metrics with the Agentic AI Risk Score (AARS), to give you a standardized way to communicate AI-specific risks to stakeholders and calculate security ROI.

Master Privacy-Enhancing Technologies (PETs) to implement cutting-edge protection with Differential Privacy, Federated Learning, Homomorphic Encryption, and Trusted Execution Environments—securing sensitive training data without sacrificing model performance.

Integrating industry-leading frameworks, including

• OWASP Top 10 for LLM Applications (2025) – Master the latest vulnerabilities from Prompt Injection to Supply Chain attacks
• OWASP Top 10 for Agentic AI (ASI) – Learn unique risks in autonomous systems: Agent Goal Hijacking, Tool Misuse, Identity Abuse
• NIST AI RMF – Implement GOVERN, MAP, MEASURE, MANAGE functions for enterprise-scale AI risk management
• MITRE ATLAS™ – Understand real-world ML attack tactics and techniques used by adversaries

Distributed by Manning Publications

This course was created independently by Derek Fisher and is distributed by Manning through our exclusive liveVideo platform.