Ai Security: Defend Llm Apps Against The Owasp Llm Top 10
Published 6/2026
Created by NEXUS ACADEMY
MP4 | Video: h264, 1920x1080 | Audio: AAC, 44.1 KHz, 2 Ch
Level: All Levels | Genre: eLearning | Language: English | Duration: 29 Lectures ( 3h 13m ) | Size: 1.3 GB
Break and secure LLM apps with hands-on labs covering the OWASP Top 10 for LLM Applications (2025).
What you'll learn
⚡ Explain why LLM and GenAI apps break differently than traditional web apps, and threat-model them like an attacker.
⚡ Exploit and defend against prompt injection (LLM01) and improper output handling (LLM05) in a safe, sandboxed lab.
⚡ Prevent sensitive information disclosure (LLM02) and system prompt leakage (LLM07) with data minimization and secrets hygiene.
⚡ Harden the AI supply chain, RAG pipelines, and vector stores against poisoning and embedding attacks (LLM03, LLM04, LLM08).
⚡ Contain excessive agency (LLM06) and unbounded consumption (LLM10), and run a defense-in-depth program with guardrails and monitoring.
Requirements
❗ Working knowledge of web application security, APIs, and the ability to read code (Python or JavaScript).
❗ A computer that can run a local, sandboxed lab (Docker or a Python virtual environment). No prior AI/ML experience required.
Description
"This course contains the use of artificial intelligence."
Large language models have moved from demos to production, and attackers have noticed. LLM-powered features introduce a new class of vulnerabilities that traditional web application security testing simply misses, and this hands-on course teaches you to find and fix them.
Built around the OWASP Top 10 for LLM Applications (2025 edition), the course pairs an offensive demo with a defensive lab for every major risk. You will learn why LLM apps break differently than classic web apps, stand up a safe, sandboxed vulnerable application, and threat-model GenAI systems like an attacker.
From there you will work through the full Top 10: Prompt Injection (LLM01), Sensitive Information Disclosure (LLM02), Supply Chain (LLM03), Data and Model Poisoning (LLM04), Improper Output Handling (LLM05), Excessive Agency (LLM06), System Prompt Leakage (LLM07), Vector and Embedding Weaknesses (LLM08), Misinformation (LLM09), and Unbounded Consumption (LLM10). You will exploit an over-privileged agent, poison a RAG knowledge base, steal a system prompt, and turn unsafe model output into XSS and command injection, then shut each attack down with input filtering, output encoding, least privilege, data minimization, and RAG hardening.
The course closes with a defense-in-depth program: guardrails, continuous LLM red teaming, monitoring, logging, and incident response. Every lab is reproducible, ethical, and vendor-neutral, drawing on OWASP, MITRE ATLAS, and the NIST AI Risk Management Framework. By the end you will have a practical LLM security checklist you can apply to your own applications immediately.
This course is for AppSec and security engineers, developers, and architects who are comfortable with web security and APIs and want to add LLM threats to their toolkit. No prior machine learning experience is required.
Who this course is for
⭐ AppSec and security engineers adding LLM and GenAI threats to an existing application-security practice.
⭐ Developers and architects building LLM-powered features who need to ship them securely.
Homepage
Код:
https://anonymz.com/?
https://www.udemy.com/course/ai-security-defend-llm-apps-against-the-owasp-llm-top-10
Ai Security: Defend Llm Apps Against The Owasp Llm Top 10
