OWASP-Aligned AI Security
Learn the complete OWASP LLM Top 10 risk landscape and understand how each risk appears in real Generative AI applications.
Practical Architecture And Controls
Move beyond theory with secure design patterns for prompts, data, retrieval, models, tools, agents, monitoring and governance.
Capstone-Based Learning
Apply your knowledge to a realistic enterprise AI assistant scenario and practise identifying risks and designing a secured target state.
About The Course
The OWASP LLM Top 10 Masterclass is designed for security professionals, architects, technology leaders and governance teams who want to confidently secure Generative Artificial Intelligence applications. This course helps you understand how risks emerge through prompts, sensitive data, third-party models, poisoned knowledge sources, unsafe outputs, autonomous agents, system prompt leakage, retrieval systems, misinformation and uncontrolled consumption. You will learn how to assess enterprise AI applications, identify real-world attack paths, design practical security controls and support responsible AI adoption. The course combines clear explanations, professional diagrams and a practical capstone scenario so you can apply the knowledge directly in architecture reviews, risk assessments, security governance and AI adoption programmes.
The syllabus
(All chapters and lessons are included in the full purchase.)

CHAPTER 01: Beginning Your Secure Generative Artificial Intelligence Journey
- 1.1: Welcome to the OWASP LLM Top 10 Masterclass
- 1.2: Why Securing Generative Artificial Intelligence Applications Matters Now
- 1.3: How Large Language Model Applications Actually Work
- 1.4: Introducing the OWASP Top 10 and Staying Current as a Security Professional

CHAPTER 02: LLM01:2025 Prompt Injection - When Instructions Become Attacks
- 2.1: Understanding Prompt Injection as a New Attack Channel
- 2.2: Direct and Indirect Prompt Injection in Enterprise Applications
- 2.3: Designing Layered Defences Against Prompt Injection

CHAPTER 03: LLM02:2025 Sensitive Information Disclosure - How Data Leaks Really Happen
- 3.1: Understanding Sensitive Information Disclosure in Large Language Model Applications
- 3.2: Hidden Leakage Paths Through Prompts, Outputs, Logs, Memory and Tools
- 3.3: Protecting Confidential Data Through Classification and Minimisation

CHAPTER 04: LLM03:2025 Supply Chain - Trusting Models, Components and Dependencies
- 4.1: Understanding the Generative Artificial Intelligence Supply Chain
- 4.2: Third-Party Models, Datasets, Plugins and Component Trust
- 4.3: Building a Secure and Verifiable Artificial Intelligence Supply Chain

CHAPTER 05: LLM04:2025 Data and Model Poisoning - Corrupting Intelligence at the Source
- 5.1: How Poisoned Data Influences Artificial Intelligence Behaviour
- 5.2: Poisoning Risks in Enterprise Knowledge and Retrieval Sources
- 5.3: Protecting Trusted Data, Models and Knowledge Pipelines

CHAPTER 06: LLM05:2025 Improper Output Handling - When Responses Become Exploits
- 6.1: Why Generated Output Must Be Treated as Untrusted Content
- 6.2: From Generated Text to Real-World Compromise
- 6.3: Designing Safe Output Validation and Execution Boundaries

CHAPTER 07: LLM06:2025 Excessive Agency - Securing Artificial Intelligence That Can Act
- 7.1: From Conversational Assistants to Autonomous Agents
- 7.2: How Tools, Plugins and Autonomous Actions Can Be Exploited
- 7.3: Designing Safe Enterprise Agents with Least Privilege

CHAPTER 08: LLM07:2025 System Prompt Leakage - Protecting Internal Instructions and Controls
- 8.1: What System Prompts Can Reveal About an Application
- 8.2: Why Prompt Secrecy Is Not a Security Boundary
- 8.3: Designing Secure Prompt Architecture and Secret Separation

CHAPTER 09: LLM08:2025 Vector and Embedding Weaknesses - Securing Retrieval-Augmented Generation
- 9.1: How Retrieval-Augmented Generation Works in the Enterprise
- 9.2: Access Control Failures and Retrieval-Based Data Leakage
- 9.3: Designing Identity-Aware and Secure Retrieval Architecture

CHAPTER 10: LLM09:2025 Misinformation - Managing Accuracy, Trust and Decision Risk
- 10.1: When Confident Artificial Intelligence Responses Are Wrong
- 10.2: Misinformation in Security, Compliance and Executive Decisions
- 10.3: Building Verification and Human Accountability into Artificial Intelligence Use

CHAPTER 11: LLM10:2025 Unbounded Consumption - Preventing Cost and Availability Abuse
- 11.1: Why Artificial Intelligence Consumption Is a Security Risk
- 11.2: Denial of Wallet, Resource Exhaustion and Model Abuse
- 11.3: Controlling Usage, Cost, Capacity and Availability Risk

CHAPTER 12: Designing Secure Enterprise Generative Artificial Intelligence Solutions
- 12.1: Mapping OWASP Risks Across the Artificial Intelligence Lifecycle
- 12.2: Building a Secure Enterprise Generative Artificial Intelligence Reference Architecture
- 12.3: Designing Secure Access to Enterprise Data, Tools and Actions
- 12.4: Selecting Preventive, Detective and Responsive Security Controls

CHAPTER 13: Testing, Red Teaming and Monitoring Generative Artificial Intelligence Applications
- 13.1: Security Testing for Large Language Model Applications
- 13.2: Red Teaming Generative Artificial Intelligence Solutions
- 13.3: Monitoring Risk and Abuse in Production
- 13.4: Responding to Generative Artificial Intelligence Security Incidents

CHAPTER 14: Governance, Accountability and Responsible Adoption
- 14.1: Governing Generative Artificial Intelligence Risk at Enterprise Scale
- 14.2: Roles and Responsibilities for Secure Artificial Intelligence Adoption
- 14.3: Balancing Innovation, Productivity and Security
- 14.4: Building a Practical Secure Artificial Intelligence Adoption Roadmap

CHAPTER 15: Capstone Assessment and Course Conclusion
- 15.1: Capstone Scenario: Assessing an Enterprise Artificial Intelligence Assistant
- 15.2: Identifying OWASP Risks Across the Capstone Scenario
- 15.3: Recommending Controls and Designing the Secured Target State
- 15.4: Final Knowledge Assessment
- 15.5: Course Conclusion: Your Next Step as a Secure Artificial Intelligence Leader
Master LLM Security Before It Becomes a Business Risk
Join the course and learn how to protect AI applications from prompt injection, data leakage, excessive agency, insecure plugins, and other real-world LLM security risks.
$59.99