Artificial Intelligence
AI & Machine Learning Security
Prompt Injection: Why LLM Applications Are Fundamentally Different to Secure
A technical breakdown of prompt injection attacks: direct injection, indirect injection via untrusted data, real-world exploitation cases, agent framework vulnerabilities, and why classical input sanitization fails against semantic attacks.
Matrix Transformations: Visualizing Linear Algebra for Machine Learning
Stop viewing matrices as data containers. Learn how neural networks use linear algebra as an active engine to geometrically fold, shear, and crush high-dimensional space.
The Calculus of Learning: Understanding Gradients and the Chain Rule
Deconstruct the mathematics of backpropagation. Trace how partial derivatives and the chain rule allow neural networks to navigate high-dimensional error landscapes.
How LLM Safety Mechanisms Work — and Where They Break Down
A technical analysis of RLHF alignment, its known failure modes, and the research-backed techniques attackers use to bypass LLM safety filters. Covers many-shot jailbreaking, persona injection, encoding bypass, and modern defenses including Constitutional AI and representation engineering.
Prompt Injection in Practice: Testing Your Own Applications
Knowing that prompt injection exists is not enough. This lesson teaches you how to systematically find it in your own applications — manual testing methodology, automated scanning with garak, and how to document and prioritize what you find.
Adversarial Machine Learning: Evasion, Poisoning, and Model Extraction
A technical breakdown of adversarial ML attacks: FGSM and PGD evasion attacks with PyTorch implementation, data poisoning and backdoor attacks, model extraction via API queries, and defenses including adversarial training and certified robustness.
RAG Pipeline Security: Attacks on Vector Databases and Retrieval Systems
A technical breakdown of RAG architecture vulnerabilities: embedding poisoning, semantic collision attacks, K-NN data leakage, and the defenses that actually protect retrieval-augmented AI systems.
LLM Agent Security: Designing for Minimal Blast Radius
Agents that can take actions are fundamentally different from chatbots. This lesson covers how to design agentic systems so that when something goes wrong — and it will — the damage is contained, reversible, and detectable.
AI-Assisted Threats: What LLM-Augmented Malware Actually Looks Like
A threat intelligence breakdown of how attackers are integrating LLMs into offensive operations — from WormGPT to LotL technique generation — and what detection strategies defenders need to respond.
Monitoring Production LLM Systems: Observability and Anomaly Detection
Deploying an LLM application is the beginning, not the end. This lesson covers what to measure, what to log, how to detect anomalies before they become incidents, and how to build observability that actually tells you something useful.
Capstone: Security Review for a Production LLM Application
Apply everything from this course to a realistic application scenario. You'll conduct a structured security review, identify weaknesses across the full stack, and produce a prioritized remediation plan — the same deliverable a security engineer would hand to their team.
LLM Application Architecture: What You're Actually Building
Before you can secure an LLM application, you need to understand what it actually is. System prompts, context windows, tool calling, and the trust boundary problem.