• provides foundational knowledge in AI, covering its definition and core concepts.
  
• gaining an understanding of Large Language Models (LLMs), including their architecture, functionality, capabilities, and limitations.
• introducing Retrieval Augmented Generation (RAG) and explains how it enhances AI applications by improving context and accuracy.

• Defining AI and understanding its key concepts.
  
• Explaining the architecture and functionality of LLMs.
• Applying RAG for enhanced AI applications.

• focus on the OWASP Top 10 for LLMs, specifically on prompt injection and tool manipulation attacks.
  
• distinguishing between direct prompt injection attacks, which are delivered via user or system prompts, and indirect prompt injection attacks, which come from untrusted external content.
  
• covering various direct attack techniques like naive command injections, context ignoring, and fake completion attacks.
• introducing defense strategies against prompt injection, such as prompt sanitization, segregated context channels, and prompt validation.

• Analyzing and identifying direct prompt injection attacks.
  
• Demonstrating indirect prompt injection attacks through external tool outputs or content embedding.
  
• Simulating multi-agent relay attacks where prompt injections propagate between LLM agents.
• Evaluating and implementing defense mechanisms like prompt sanitizers and validation tools.

• exploring various poisoning attacks, including Knowledge Base Poisoning, where malicious documents are injected into the knowledge base of RAG systems.
  
• It covers Reasoning/Chain-of-Thought (CoT) Poisoning, which can cause an LLM to "overthink," leading to bloated output or resource exhaustion.
  
• learning about Memory Poisoning attacks that exploit the persistent memory of LLM agents to hijack their behavior over time.
• providing an overview of defense strategies, such as data validation, robust retrieval, chain tracing, and memory integrity monitoring.

• Corrupting the knowledge base of RAG and agentic LLM systems.
  
• Poisoning multistep reasoning to cause misdirection or resource exhaustion.
  
• Exploiting persistent memory in LLM agents to alter their behavior.
• Applying defenses against data, reasoning, and memory poisoning attacks.

• delving into advanced AI security topics, beginning with securing Model Context Protocol (MCP) servers.
  
• covering common attack vectors targeting MCP servers and outlines defense strategies to secure their implementations.
  
• providing an introduction to Reinforcement Learning (RL) and its components.
• explaining Policy Poisoning attacks in RL, providing concepts and examples of how they work.

• Identifying common attack vectors against MCP servers.
  
• Implementing defense strategies to secure MCP server implementations.
  
• Understanding the basic concepts of Reinforcement Learning (RL) and RL agents.
  
• Conducting a simple lab focusing on RL policy poisoning.

‍