Synthora
Advanced · Self-paced (~20 hrs) · Synthora STA certified · HRDF-claimable

AI Red Teaming & LLM Security — OWASP LLM Top 10 & MITRE ATLAS

The fastest-growing cybersecurity specialty in 2026 — attack and defend AI systems before adversaries do.

About this course

AI Red Teaming is the hottest new cybersecurity specialisation in 2026. As enterprises deploy LLM-powered chatbots, agents and code generators, adversaries are actively targeting them through prompt injection, jailbreaks, model extraction and data poisoning. This course teaches you to systematically attack and defend AI systems using the OWASP LLM Top 10, MITRE ATLAS, and industry-standard red teaming frameworks (Garak, PyRIT). It bridges your existing security or prompt engineering knowledge into the AI security domain.

What you'll achieve

  • Execute prompt injection attacks — direct, indirect and multi-turn jailbreaks
  • Apply OWASP LLM Top 10 (2025) across real AI application assessments
  • Map AI attack chains using MITRE ATLAS threat framework
  • Use Garak and PyRIT (Microsoft) for automated LLM red teaming
  • Identify and exploit insecure agentic workflows and MCP tool abuse
  • Implement LLM guardrails, input validation and output filtering
  • Conduct formal AI security assessments and produce audit-ready reports

Curriculum

  1. Module 1

    AI Threat Landscape & MITRE ATLAS

    AI attack taxonomy · MITRE ATLAS framework · Real-world AI breaches · Threat modelling for AI systems

  2. Module 2

    OWASP LLM Top 10 (2025 Edition)

    Prompt injection · Insecure output handling · Training data poisoning · Model theft · Excessive agency · All 10 categories

  3. Module 3

    Prompt Injection & Jailbreaking

    Direct injection · Indirect injection via RAG · Multi-turn manipulation · Jailbreak taxonomies · DAN & variants

  4. Module 4

    Automated Red Teaming: Garak & PyRIT

    Garak probes & detectors · PyRIT orchestrators · Automated jailbreak generation · Coverage reporting

  5. Module 5

    Agentic AI Security

    Tool abuse & privilege escalation · MCP security · Agent prompt injection · Memory poisoning · Multi-agent attack chains

  6. Module 6

    Adversarial ML: Evasion & Poisoning

    Model extraction attacks · Membership inference · Data poisoning · Backdoor attacks · Adversarial examples

  7. Module 7

    AI Defences & Guardrails

    Input validation · Output filtering · Lakera Guard · NeMo Guardrails · Prompt shields (Azure AI) · Red team vs blue team

  8. Module 8

    AI Security Assessment & Reporting

    Scoping an AI pen test · Evidence collection · Risk rating for AI findings · Regulatory mapping (EU AI Act) · Report writing

Who this is for

  • Security engineers and penetration testers upskilling into AI security
  • AI engineers who want to understand how their systems can be attacked
  • Red teamers adding LLM attack techniques to their toolkit
  • Compliance officers managing AI risk under NACSA and the EU AI Act

Tools & technologies

Garak · PyRIT · Burp Suite · LangChain · Lakera Guard · MITRE ATLAS Navigator · Python

Prerequisites

  • Cybersecurity fundamentals or penetration testing experience
  • Familiarity with LLMs and prompt engineering concepts
  • Basic Python for running tools