Udemy
GenAI Cybersecurity: OWASP Top 10, MITRE ATLAS & API Attacks
Rating: 4.5 out of 5 (57 ratings)
1,296 students

Master GenAI & LLM cybersecurity, OWASP, MITRE ATLAS mappings, and API attack techniques – practical demos included.
Created by Tejwant Singh
Last updated 5/2025
English

What you'll learn

  • Understand the core concepts of Large Language Models (LLMs) with real-world examples and security implications.
  • Break down the architecture of an LLM system, including layers like Application, Integration, Model, and Infrastructure.
  • Identify key attack surfaces in LLM systems and explore vulnerabilities introduced by APIs, public exposure, and misconfigurations.
  • Map real-world incidents (like OpenAI vs. DeepSeek) to MITRE ATT&CK/ATLAS frameworks and extract security lessons.
  • Perform hands-on security testing on LLM APIs using tools like curl and a browser, and simulate common LLM attacks.
  • Learn practical lab skills through PortSwigger exercises focused on LLM security.

Course content

9 sections • 64 lectures • 3h 28m total length
  • Welcome to the Course + Instructor Intro + What You’ll Learn (3:42)

    In this short introduction, you’ll get a quick overview of what this course is all about. Meet your instructor, learn why this topic matters in today’s cybersecurity landscape, and get a clear roadmap of what you’ll be learning — from LLM foundations to real-world attacks and defense strategies.

Requirements

  • No prior cybersecurity or AI experience required.
  • This course is beginner-friendly and includes step-by-step explanations, real examples, and lab walkthroughs.
  • Familiarity with basic tech concepts (browsers, APIs) is helpful but not mandatory.

Description

Unlock the world of GenAI Cybersecurity with this beginner-friendly yet in-depth course. Whether you’re a cybersecurity enthusiast, AI developer, or IT student, this course provides comprehensive theoretical and practical knowledge to secure Large Language Models (LLMs) — a critical component of today’s Generative AI ecosystem.


We start with a deep theoretical dive into how LLMs are built using the Transformer architecture, and explore the evolution of neural networks from RNNs to Transformers. You’ll gain a solid grasp of innovations like:

• Positional Encoding

• Self-Attention

• Multi-Head Attention


Next, we break down the Anatomy of an LLM System, covering:

• Application Layer

• AI Model Layer

• Integration Layer


Then we shift to LLM attack surfaces in GenAI cybersecurity, viewed from both:

• Consumer-side risks (e.g., prompt injection, data leakage)

• Provider-side vulnerabilities (e.g., model theft, insecure endpoints)


You’ll explore OWASP Top 10 Risks for LLMs and how to map threats using the MITRE ATLAS framework.


This course includes practical attack demos with explanations:

• Ollama API Misconfiguration and Mitigation Demo (with NGINX reverse proxy)

• PortSwigger Lab: Exploiting LLM APIs with Excessive Agency


We’ll also explore real-world case studies to make learning relatable and practical:

• OpenAI vs. DeepSeek – Distillation & model theft risks

• Microsoft Tay – Output poisoning and lack of moderation

• Wiz’s exposed logs – Prompt and data leakage

• Chevrolet AI Chatbot – Unexpected real-world agency from chatbots

• Ollama API – Exposed endpoints with no authentication


Finally, we conclude with career tips and guidance for aspiring GenAI Cybersecurity & LLM cybersecurity professionals, including:

• How to build your foundation in AI/ML

• Where cybersecurity meets GenAI

• Hands-on practice strategies

• Growing your online presence with credibility


Topics

GenAI Cybersecurity

Large Language Models (LLMs)

Generative AI

Transformer architecture

Self-Attention, Multi-Head Attention

Anatomy of an LLM System

LLM Attack Surfaces

OWASP Top 10 Risks for LLMs

MITRE ATLAS framework

Practical Demos

OpenAI vs. DeepSeek

LLM APIs with Excessive Agency

Who this course is for:

  • Cybersecurity beginners and professionals who want to understand AI security
  • Students and engineers curious about LLMs and how to protect them
  • Developers who are integrating LLMs into apps and want to secure their pipelines
  • Anyone interested in the future of AI safety and hands-on security labs