homepage
Open menu
Talk with an expert
Beta

SEC545: GenAI and LLM Application Security™

Register Now
  • Online
7 CPEs

Currently, industry security practices for Generative AI (GenAI) are not standardized due to the novelty of the field. This course aims to contribute to the development of GenAI security best practices, guiding the security community through ongoing research and an evolving curriculum. SEC545 training focuses on understanding the security risks associated with Generative AI (GenAI) applications and implementing security controls throughout their lifecycle - from development to hosting and deployment.

Course Authors:
Ahmed Abugharbia
Ahmed Abugharbia
Certified Instructor
What You Will LearnSyllabusPrerequisitesLaptop RequirementsAuthor StatementTraining & Pricing

What You Will Learn

Secure the Future of GenAI

SEC545 training provides an in-depth exploration of GenAI technologies, starting with core principles and underlying technologies. It will assess security risks by identifying and analyzing real-world threats impacting GenAI applications. As students progress, they will learn to establish security best practices by exploring different measures for securing GenAI applications effectively.

The course begins with a brief introduction to the fundamentals of GenAI, covering key concepts and terminologies such as Large Language Models (LLMs), embeddings, and Retrieval-Augmented Generation (RAG). It then examines the security risks associated with GenAI, including prompt injection attacks, malicious models, and third-party supply chain vulnerabilities. Following this, the course dives into the essential components needed to build a secure GenAI application, including coverage of vector databases, LangChain, and AI agents. The course concludes with a comprehensive overview of hosting GenAI applications, discussing options for local deployment, cloud solutions, and platforms like AWS Bedrock.

Business Takeaways

  • Understand GenAI Applications
  • Identify potential security risks associated with GenAI applications
  • Learn how to mitigate GenAI security risks effectively

Skills Learned

  • Understand key concepts and terminologies: Gain a deep understanding of GenAI, LLM architectures, and their application in real-world scenarios.
  • Explore various models and tools: Examine the types of models and tools available for building and deploying GenAI applications.
  • Explore fine-tuning and customization: Learn how to fine-tune and customize models for specific use cases.
  • Assess risks and mitigation strategies: Identify security risks unique to GenAI applications and explore effective mitigation techniques.
  • Secure RAG, embeddings, and vector databases: Understand Retrieval-Augmented Generation (RAG), Embeddings, and VectorDB, and how to securely configure different components.
  • Explore operations and security controls: Explore the operational aspects of building and deploying GenAI applications and learn about the relevant security controls.
  • Compare hosting options: Understand the various GenAI hosting options and their differences from a security perspective.
  • Leverage cloud security controls: Learn about the security controls offered by cloud providers for LLM hosting services.
  • Explore GenAI adjacent technologies: Examine technologies such as LangChain and agents, and understand the security risks they introduce.
  • Integrate GenAI into security frameworks: Learn how to build or integrate GenAI security practices into existing organizational security frameworks.

Hands-On GenAI and LLM Application Security Training

This course covers essential GenAI concepts, technologies, and security risks, featuring hands-on labs designed to illustrate how attackers can exploit specific vulnerabilities and the strategies to mitigate them. Throughout the course, we will reference the OWASP Top 10 for LLMs and Generative AI applications to highlight prevalent security issues and their solutions.

The labs are conducted using a chat application hosted on AWS EKS, with agents capable of assisting in evaluating resumes for potential candidates and interacting with various AWS infrastructure components. The app also integrates with a Weaviate Vector Database to demonstrate both attack scenarios and defense mechanisms. Participants will work with multiple LLM providers, including OpenAI, a locally hosted Llama 3.2, and AWS Bedrock, providing a comprehensive hands-on experience in securing GenAI applications.

Included Labs:

  • Prompt Injection
  • Comprising VectorDB
  • Compromising LLM Supply Chain
  • Pivoting from LLMs

Additional Free Resources

What You Will Receive

  • Electronic and printed courseware
  • Mp3 audio files of course lecture
  • SANS provisioned AWS account
  • SANS provided OpenAI API Key

Syllabus (7 CPEs)

Download PDF
  • Overview

    The course begins with an introduction to Generative AI (GenAI) concepts, including General AI, Large Language Models (LLMs), Vector Databases, and Embeddings. Students will explore prompt injection techniques and their implications.

    Next, the focus shifts to security risks associated with GenAI, such as prompt and instruction poisoning, as well as malicious models. Students will learn how to compromise Vector Databases and corrupt data.

    The course then delves into GenAI application architecture, covering LLM customization, integration with tools like LangChain and AI agents, and prompt engineering. Students will gain hands-on experience in compromising the LLM supply chain and pivoting to other components within the infrastructure.

    The course concludes with a discussion on hosting GenAI applications, utilizing local models, OpenAI, AWS Bedrock, and Hugging Face. This practical experience equips students with essential skills for securing GenAI applications and deployment.

    Exercises
    • Lab 1.1: Prompt injection
    • Lab 1.2: Compromising Vector DB
    • Lab 1.3: Compromising LLM Supply Chain
    • Lab 1.4: Pivoting from LLMs
    Topics
    • GenAI Introduction and Concepts
      • General AI and Generative AI
      • Large Language Models (LLMs)
      • OpenAI Models
      • Retrieval-Augmented Generation (RAG)
      • Prompt Injection
    • Augmenting GenAI Knowledge
      • Vector Databases
      • Knowledge Sources
      • Agents
      • Poisinging Data Sources
      • Prompt and instruction Poisoning
    • Hosting GenAI applications
      • AWS Bedrock
      • Hugging Face
      • Local Models
      • LLM customization
      • Supply Chain Attacks
    • GenAI Application Architecture
      • LLM Models
      • Decision-making process
      • Langchain
      • Building and Deploying LLMs

Prerequisites

  • Familiarity with Linux command shells and associated commands
  • Familiarity Python and Bash scripting
  • Basic understanding of common application attacks and vulnerabilities

Laptop Requirements

!!! IMPORTANT NOTICE !!!

Cloud Accounts:

Time-limited AWS accounts are provided to students 24 hours before class starts by SANS to use for completing the labs. Students can log in to their SANS account and visit the MyLabs page to download their cloud credentials the day before class begins.

Mandatory Laptop Requirement:

Students must bring their own system configured according to these instructions.

A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.

Students must be in full control of their system's network configuration. The system will need to communicate with the cloud-hosted DevOps server using a combination of HTTPS, SSH, and SOCKS5 traffic on non-standard ports. Running VPN, intercepting proxy, or egress firewall filters may cause connection issues communicating with the DevOps server. Students must be able to configure or disable these services to connect to the lab environment.

Bring Your Own Laptop Configured Using the Following Directions:

A properly configured system is required for each student participating in this course. Before starting your course, carefully read and follow these instructions exactly:

  • Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run the Firefox browser described below.
  • Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed.
Mandatory Host Hardware Requirements
  • CPU: 64-bit 2.5+ GHz multi-core processor or higher
  • Wireless Ethernet 802.11 B/G/N/AC
  • Local Administrator Access within your host operating system
  • Must have the ability to install Firefox, enable a Firefox extension, and install a new trusted root certificate on the machine.
Mandatory Software Requirements
  • Prior to class, ensure that the following software is installed on the host operating system:
  • Firefox 120.0+
  • Firefox SmartProxy extension: https://addons.mozilla.org/en-US/firefox/addon/smartproxy/
In Summary

Before beginning the course you should:

After you have completed those steps, access the SANS provided AWS account to connect to the SANS Cloud Security Flight Simulator and connect to the SEC545 DevOps server. The SEC545 Instance hosts an electronic workbook, VSCode, Gitlab, and Terminal services that can be accessed through the Firefox browser.

Your course materials include a "Setup Instructions" document that details important steps you must take before you travel to a live class event or start an online class. It may take 30 minutes or more to complete these instructions.

Your class uses an electronic workbook for its lab instructions. In this new environment, a second monitor and/or a tablet device can be useful for keeping class materials visible while you are working on your course's labs.

If you have additional questions about the laptop specifications, please contact customer service.

Author Statement

Emerging technologies often bring substantial value, transforming industries and opening new possibilities. However, their rapid adoption also introduces complex risks that are frequently not fully understood at the outset. As these technologies evolve, the nature and scale of associated risks can shift in unexpected ways, making it challenging to anticipate their full impact. This pattern has been clear with technologies like cloud computing, where the pace of innovation often surpasses our understanding of its security implications. The greater the potential of a technology, the more complex its associated risks.

AI, particularly generative AI, represents the next major wave of transformation, with the potential to reshape nearly every application. This course aims to deepen students' understanding of GenAI and its security challenges, equipping them with the skills to proactively manage and mitigate these risks.

As the industry evolves, so will this course, ensuring that our approach to securing GenAI applications remains at the forefront.

-Ahmed Abugharbia

Ways to Learn

  • Live Online

The full SANS experience live at home! Get the ultimate in virtual, interactive SANS courses with leading SANS instructors via live stream. Following class, plan to kick back and enjoy a keynote from the couch.

View Available Dates & Time Zones

Who Should Attend SEC545?

  • Application Security Engineers: Professionals seeking to understand how LLMs and GenAI components impact traditional applications or differ from them, and learn about the unique security challenges posed by GenAI and tools available to secure the entire GenAI application lifecycle.
  • Cloud Security Engineers: Cloud professionals who need to understand how hosting GenAI applications affects their security posture and how to identify new risks, learn mitigation techniques, and apply security controls to protect GenAI workloads in the cloud.
  • SOC Analysts, Incident Handlers, and Threat Intelligence Professionals: Experts responsible for monitoring, investigating, and hunting threats. They need to understand GenAI components, hosting environments, and related systems, and the ability to analyze GenAI logs and alerts to detect anomalies and conduct thorough investigations.
  • Security Professionals: Experts responsible for securing an organization's network and infrastructure. They need to understand GenAI's impact within their environment, the systems it interacts with, and related risks and vulnerabilities.
  • Security Auditors, Compliance, and Risk Managers: Professionals focused on understanding the risks of GenAI adoption, assessing their impact, and developing risk management strategies, integrating GenAI risks into current auditing, compliance, and risk frameworks.
See prerequisites
Africa/Abidjan
Africa/Accra
Africa/Addis Ababa
Africa/Algiers
Africa/Asmara
Africa/Asmera
Africa/Bamako
Africa/Bangui
Africa/Banjul
Africa/Bissau
Africa/Blantyre
Africa/Brazzaville
Africa/Bujumbura
Africa/Cairo
Africa/Casablanca
Africa/Ceuta
Africa/Conakry
Africa/Dakar
Africa/Dar es Salaam
Africa/Djibouti
Africa/Douala
Africa/El Aaiun
Africa/Freetown
Africa/Gaborone
Africa/Harare
Africa/Johannesburg
Africa/Juba
Africa/Kampala
Africa/Khartoum
Africa/Kigali
Africa/Kinshasa
Africa/Lagos
Africa/Libreville
Africa/Lome
Africa/Luanda
Africa/Lubumbashi
Africa/Lusaka
Africa/Malabo
Africa/Maputo
Africa/Maseru
Africa/Mbabane
Africa/Mogadishu
Africa/Monrovia
Africa/Nairobi
Africa/Ndjamena
Africa/Niamey
Africa/Nouakchott
Africa/Ouagadougou
Africa/Porto-Novo
Africa/Sao Tome
Africa/Timbuktu
Africa/Tripoli
Africa/Tunis
Africa/Windhoek
America/Adak
America/Anchorage
America/Anguilla
America/Antigua
America/Araguaina
America/Argentina/Buenos Aires
America/Argentina/Catamarca
America/Argentina/ComodRivadavia
America/Argentina/Cordoba
America/Argentina/Jujuy
America/Argentina/La Rioja
America/Argentina/Mendoza
America/Argentina/Rio Gallegos
America/Argentina/Salta
America/Argentina/San Juan
America/Argentina/San Luis
America/Argentina/Tucuman
America/Argentina/Ushuaia
America/Aruba
America/Asuncion
America/Atikokan
America/Atka
America/Bahia
America/Bahia Banderas
America/Barbados
America/Belem
America/Belize
America/Blanc-Sablon
America/Boa Vista
America/Bogota
America/Boise
America/Buenos Aires
America/Cambridge Bay
America/Campo Grande
America/Cancun
America/Caracas
America/Catamarca
America/Cayenne
America/Cayman
America/Chicago
America/Chihuahua
America/Ciudad Juarez
America/Coral Harbour
America/Cordoba
America/Costa Rica
America/Creston
America/Cuiaba
America/Curacao
America/Danmarkshavn
America/Dawson
America/Dawson Creek
America/Denver
America/Detroit
America/Dominica
America/Edmonton
America/Eirunepe
America/El Salvador
America/Ensenada
America/Fort Nelson
America/Fort Wayne
America/Fortaleza
America/Glace Bay
America/Godthab
America/Goose Bay
America/Grand Turk
America/Grenada
America/Guadeloupe
America/Guatemala
America/Guayaquil
America/Guyana
America/Halifax
America/Havana
America/Hermosillo
America/Indiana/Indianapolis
America/Indiana/Knox
America/Indiana/Marengo
America/Indiana/Petersburg
America/Indiana/Tell City
America/Indiana/Vevay
America/Indiana/Vincennes
America/Indiana/Winamac
America/Indianapolis
America/Inuvik
America/Iqaluit
America/Jamaica
America/Jujuy
America/Juneau
America/Kentucky/Louisville
America/Kentucky/Monticello
America/Knox IN
America/Kralendijk
America/La Paz
America/Lima
America/Los Angeles
America/Louisville
America/Lower Princes
America/Maceio
America/Managua
America/Manaus
America/Marigot
America/Martinique
America/Matamoros
America/Mazatlan
America/Mendoza
America/Menominee
America/Merida
America/Metlakatla
America/Mexico City
America/Miquelon
America/Moncton
America/Monterrey
America/Montevideo
America/Montreal
America/Montserrat
America/Nassau
America/New York
America/Nipigon
America/Nome
America/Noronha
America/North Dakota/Beulah
America/North Dakota/Center
America/North Dakota/New Salem
America/Nuuk
America/Ojinaga
America/Panama
America/Pangnirtung
America/Paramaribo
America/Phoenix
America/Port-au-Prince
America/Port of Spain
America/Porto Acre
America/Porto Velho
America/Puerto Rico
America/Punta Arenas
America/Rainy River
America/Rankin Inlet
America/Recife
America/Regina
America/Resolute
America/Rio Branco
America/Rosario
America/Santa Isabel
America/Santarem
America/Santiago
America/Santo Domingo
America/Sao Paulo
America/Scoresbysund
America/Shiprock
America/Sitka
America/St Barthelemy
America/St Johns
America/St Kitts
America/St Lucia
America/St Thomas
America/St Vincent
America/Swift Current
America/Tegucigalpa
America/Thule
America/Thunder Bay
America/Tijuana
America/Toronto
America/Tortola
America/Vancouver
America/Virgin
America/Whitehorse
America/Winnipeg
America/Yakutat
America/Yellowknife
Antarctica/Casey
Antarctica/Davis
Antarctica/DumontDUrville
Antarctica/Macquarie
Antarctica/Mawson
Antarctica/McMurdo
Antarctica/Palmer
Antarctica/Rothera
Antarctica/South Pole
Antarctica/Syowa
Antarctica/Troll
Antarctica/Vostok
Arctic/Longyearbyen
Asia/Aden
Asia/Almaty
Asia/Amman
Asia/Anadyr
Asia/Aqtau
Asia/Aqtobe
Asia/Ashgabat
Asia/Ashkhabad
Asia/Atyrau
Asia/Baghdad
Asia/Bahrain
Asia/Baku
Asia/Bangkok
Asia/Barnaul
Asia/Beirut
Asia/Bishkek
Asia/Brunei
Asia/Calcutta
Asia/Chita
Asia/Choibalsan
Asia/Chongqing
Asia/Chungking
Asia/Colombo
Asia/Dacca
Asia/Damascus
Asia/Dhaka
Asia/Dili
Asia/Dubai
Asia/Dushanbe
Asia/Famagusta
Asia/Gaza
Asia/Harbin
Asia/Hebron
Asia/Ho Chi Minh
Asia/Hong Kong
Asia/Hovd
Asia/Irkutsk
Asia/Istanbul
Asia/Jakarta
Asia/Jayapura
Asia/Jerusalem
Asia/Kabul
Asia/Kamchatka
Asia/Karachi
Asia/Kashgar
Asia/Kathmandu
Asia/Katmandu
Asia/Khandyga
Asia/Kolkata
Asia/Krasnoyarsk
Asia/Kuala Lumpur
Asia/Kuching
Asia/Kuwait
Asia/Macao
Asia/Macau
Asia/Magadan
Asia/Makassar
Asia/Manila
Asia/Muscat
Asia/Nicosia
Asia/Novokuznetsk
Asia/Novosibirsk
Asia/Omsk
Asia/Oral
Asia/Phnom Penh
Asia/Pontianak
Asia/Pyongyang
Asia/Qatar
Asia/Qostanay
Asia/Qyzylorda
Asia/Rangoon
Asia/Riyadh
Asia/Saigon
Asia/Sakhalin
Asia/Samarkand
Asia/Seoul
Asia/Shanghai
Asia/Singapore
Asia/Srednekolymsk
Asia/Taipei
Asia/Tashkent
Asia/Tbilisi
Asia/Tehran
Asia/Tel Aviv
Asia/Thimbu
Asia/Thimphu
Asia/Tokyo
Asia/Tomsk
Asia/Ujung Pandang
Asia/Ulaanbaatar
Asia/Ulan Bator
Asia/Urumqi
Asia/Ust-Nera
Asia/Vientiane
Asia/Vladivostok
Asia/Yakutsk
Asia/Yangon
Asia/Yekaterinburg
Asia/Yerevan
Atlantic/Azores
Atlantic/Bermuda
Atlantic/Canary
Atlantic/Cape Verde
Atlantic/Faeroe
Atlantic/Faroe
Atlantic/Jan Mayen
Atlantic/Madeira
Atlantic/Reykjavik
Atlantic/South Georgia
Atlantic/St Helena
Atlantic/Stanley
Australia/ACT
Australia/Adelaide
Australia/Brisbane
Australia/Broken Hill
Australia/Canberra
Australia/Currie
Australia/Darwin
Australia/Eucla
Australia/Hobart
Australia/LHI
Australia/Lindeman
Australia/Lord Howe
Australia/Melbourne
Australia/NSW
Australia/North
Australia/Perth
Australia/Queensland
Australia/South
Australia/Sydney
Australia/Tasmania
Australia/Victoria
Australia/West
Australia/Yancowinna
Brazil/Acre
Brazil/DeNoronha
Brazil/East
Brazil/West
CET
CST6CDT
Canada/Atlantic
Canada/Central
Canada/Eastern
Canada/Mountain
Canada/Newfoundland
Canada/Pacific
Canada/Saskatchewan
Canada/Yukon
Chile/Continental
Chile/EasterIsland
Cuba
EET
EST
EST5EDT
Egypt
Eire
Etc/GMT
Etc/GMT+0
Etc/GMT+1
Etc/GMT+10
Etc/GMT+11
Etc/GMT+12
Etc/GMT+2
Etc/GMT+3
Etc/GMT+4
Etc/GMT+5
Etc/GMT+6
Etc/GMT+7
Etc/GMT+8
Etc/GMT+9
Etc/GMT-0
Etc/GMT-1
Etc/GMT-10
Etc/GMT-11
Etc/GMT-12
Etc/GMT-13
Etc/GMT-14
Etc/GMT-2
Etc/GMT-3
Etc/GMT-4
Etc/GMT-5
Etc/GMT-6
Etc/GMT-7
Etc/GMT-8
Etc/GMT-9
Etc/GMT0
Etc/Greenwich
Etc/UCT
Etc/UTC
Etc/Universal
Etc/Zulu
Europe/Amsterdam
Europe/Andorra
Europe/Astrakhan
Europe/Athens
Europe/Belfast
Europe/Belgrade
Europe/Berlin
Europe/Bratislava
Europe/Brussels
Europe/Bucharest
Europe/Budapest
Europe/Busingen
Europe/Chisinau
Europe/Copenhagen
Europe/Dublin
Europe/Gibraltar
Europe/Guernsey
Europe/Helsinki
Europe/Isle of Man
Europe/Istanbul
Europe/Jersey
Europe/Kaliningrad
Europe/Kiev
Europe/Kirov
Europe/Kyiv
Europe/Lisbon
Europe/Ljubljana
Europe/London
Europe/Luxembourg
Europe/Madrid
Europe/Malta
Europe/Mariehamn
Europe/Minsk
Europe/Monaco
Europe/Moscow
Europe/Nicosia
Europe/Oslo
Europe/Paris
Europe/Podgorica
Europe/Prague
Europe/Riga
Europe/Rome
Europe/Samara
Europe/San Marino
Europe/Sarajevo
Europe/Saratov
Europe/Simferopol
Europe/Skopje
Europe/Sofia
Europe/Stockholm
Europe/Tallinn
Europe/Tirane
Europe/Tiraspol
Europe/Ulyanovsk
Europe/Uzhgorod
Europe/Vaduz
Europe/Vatican
Europe/Vienna
Europe/Vilnius
Europe/Volgograd
Europe/Warsaw
Europe/Zagreb
Europe/Zaporozhye
Europe/Zurich
GB
GB-Eire
GMT
GMT+0
GMT-0
GMT0
Greenwich
HST
Hongkong
Iceland
Indian/Antananarivo
Indian/Chagos
Indian/Christmas
Indian/Cocos
Indian/Comoro
Indian/Kerguelen
Indian/Mahe
Indian/Maldives
Indian/Mauritius
Indian/Mayotte
Indian/Reunion
Iran
Israel
Jamaica
Japan
Kwajalein
Libya
MET
MST
MST7MDT
Mexico/BajaNorte
Mexico/BajaSur
Mexico/General
NZ
NZ-CHAT
Navajo
PRC
PST8PDT
Pacific/Apia
Pacific/Auckland
Pacific/Bougainville
Pacific/Chatham
Pacific/Chuuk
Pacific/Easter
Pacific/Efate
Pacific/Enderbury
Pacific/Fakaofo
Pacific/Fiji
Pacific/Funafuti
Pacific/Galapagos
Pacific/Gambier
Pacific/Guadalcanal
Pacific/Guam
Pacific/Honolulu
Pacific/Johnston
Pacific/Kanton
Pacific/Kiritimati
Pacific/Kosrae
Pacific/Kwajalein
Pacific/Majuro
Pacific/Marquesas
Pacific/Midway
Pacific/Nauru
Pacific/Niue
Pacific/Norfolk
Pacific/Noumea
Pacific/Pago Pago
Pacific/Palau
Pacific/Pitcairn
Pacific/Pohnpei
Pacific/Ponape
Pacific/Port Moresby
Pacific/Rarotonga
Pacific/Saipan
Pacific/Samoa
Pacific/Tahiti
Pacific/Tarawa
Pacific/Tongatapu
Pacific/Truk
Pacific/Wake
Pacific/Wallis
Pacific/Yap
Poland
Portugal
ROC
ROK
Singapore
Turkey
UCT
US/Alaska
US/Aleutian
US/Arizona
US/Central
US/East-Indiana
US/Eastern
US/Hawaii
US/Indiana-Starke
US/Michigan
US/Mountain
US/Pacific
US/Samoa
UTC
Universal
W-SU
WET
Zulu
Filters:
Training Formats
    Location
    Dates

    Register for SEC545

    Learn about Group Pricing

    Prices below exclude applicable taxes and shipping costs. If applicable, these will be shown on the last page of checkout.

    Loading...