
“This course contains the use of artificial intelligence.”
Large language models have moved from demos to production, and attackers have noticed. LLM-powered features introduce a new class of vulnerabilities that traditional web application security testing simply misses, and this hands-on course teaches you to find and fix them.
Built around the OWASP Top 10 for LLM Applications (2025 edition), the course pairs an offensive demo with a defensive lab for every major risk. You will learn why LLM apps break differently from classic web apps, stand up a safe, sandboxed vulnerable application, and threat-model GenAI systems the way an attacker would.
From there you will work through the full Top 10: Prompt Injection (LLM01), Sensitive Information Disclosure (LLM02), Supply Chain (LLM03), Data and Model Poisoning (LLM04), Improper Output Handling (LLM05), Excessive Agency (LLM06), System Prompt Leakage (LLM07), Vector and Embedding Weaknesses (LLM08), Misinformation (LLM09), and Unbounded Consumption (LLM10). You will exploit an over-privileged agent, poison a RAG knowledge base, steal a system prompt, and turn unsafe model output into XSS and command injection, then shut each attack down with input filtering, output encoding, least privilege, data minimization, and RAG hardening.
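The Improper Output Handling (LLM05) lab described above turns on one idea: model output is untrusted input, exactly like a form field, and must be encoded or validated for the context it lands in. The following is an added illustration written for this page, not code from the course or its labs. The sample model output and tool argument are constructed, the function names are invented, and the two hardened functions use plain HTML encoding and an argv allowlist respectively, which is one standard way to close each sink, not necessarily the way the course labs do it.

```python
import html
import re
import subprocess

# Constructed sample (not real model output): an answer that a prompt-injection
# attack has steered so that it carries an HTML payload.
MODEL_HTML_OUTPUT = 'Your summary:<img src=x onerror="alert(document.cookie)">'

# Constructed sample: a "tool argument" the model produced for a network-check
# tool. The attacker appended a second shell command to the hostname.
MODEL_TOOL_ARG = "example.com; cat /etc/passwd"

# Allowlist for what a hostname may look like. The negative lookahead rejects a
# leading '-', so the model cannot smuggle extra ping options either.
_HOSTNAME_RE = re.compile(r"^(?!-)[A-Za-z0-9.-]{1,253}$")


def render_unsafe(model_output: str) -> str:
    """Vulnerable sink: model text interpolated straight into the page HTML."""
    return f'<div class="answer">{model_output}</div>'


def render_safe(model_output: str) -> str:
    """Hardened sink: HTML-encode before the text reaches the DOM.

    The <img onerror> payload survives as visible text but can no longer run.
    """
    return f'<div class="answer">{html.escape(model_output, quote=True)}</div>'


def ping_command_unsafe(host: str) -> str:
    """Vulnerable sink: the string a naive tool wrapper would pass to
    subprocess.run(cmd, shell=True). Returned rather than executed here."""
    return f"ping -c 1 {host}"


def ping_command_safe(host: str) -> list:
    """Hardened sink: validate against the allowlist, then build an argv list so
    no shell ever parses the value. Anything outside the allowlist is refused."""
    if not _HOSTNAME_RE.fullmatch(host):
        raise ValueError(f"rejected tool argument: {host!r}")
    return ["ping", "-c", "1", host]


def run_ping_safe(host: str) -> subprocess.CompletedProcess:
    """Execute the validated command without a shell (argv list, shell=False)."""
    return subprocess.run(
        ping_command_safe(host), capture_output=True, text=True, check=False
    )


if __name__ == "__main__":
    print("unsafe HTML :", render_unsafe(MODEL_HTML_OUTPUT))
    print("safe HTML   :", render_safe(MODEL_HTML_OUTPUT))
    print("unsafe shell:", ping_command_unsafe(MODEL_TOOL_ARG))
    try:
        ping_command_safe(MODEL_TOOL_ARG)
    except ValueError as exc:
        print("safe shell  :", exc)
    print("safe argv   :", ping_command_safe("example.com"))
```

The two hardened functions share the same rule: decide the output context first (HTML body, shell argv, SQL, URL), then apply that context's encoder or allowlist before the model's text touches the sink. Encoding for the wrong context, for example HTML-escaping a value that then goes to a shell, leaves the second sink open.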
The course closes with a defense-in-depth program: guardrails, continuous LLM red teaming, monitoring, logging, and incident response. Every lab is reproducible, ethical, and vendor-neutral, drawing on OWASP, MITRE ATLAS, and the NIST AI Risk Management Framework. By the end you will have a practical LLM security checklist you can apply to your own applications immediately.
This course is for AppSec and security engineers, developers, and architects who are comfortable with web security and APIs and want to add LLM threats to their toolkit. No prior machine learning experience is required.