SEC545: GenAI and LLM Application Security
- 3 Days (Instructor-Led)
- 18 Hours (Self-Paced)
- 18 CPEs
Apply your credits to renew your certifications
- In-Person, Virtual or Self-Paced
Attend a live, instructor-led class at a location near you or remotely, or train on your time over 4 months
- Advanced Skill Level
Course material is geared for cyber security professionals with hands-on experience
- 11 Hands-On Lab(s)
Apply what you learn with hands-on exercises and labs
Secure the full GenAI lifecycle, mastering hands-on strategies to defend LLMs, agents, and RAG-powered apps from development to deployment.
Course Overview
SEC545 explores GenAI security, from core concepts like LLMs and RAG to real-world risks like prompt injection and supply chain threats. Students learn to build, secure, and deploy GenAI apps using best practices for tools like LangChain, agents, and cloud platforms such as AWS Bedrock.
What You’ll Learn
- Understand GenAI and LLMs, and examine LangChain agents and MCP
- Explore models, tools, fine-tuning, and customization options
- Identify GenAI-specific risks and mitigations
- Secure RAG pipelines, embeddings, and vector databases
- Apply security controls in GenAI operations
- Compare secure hosting, deployment, and cloud options
- Integrate GenAI into existing security frameworks
Business Takeaways
- Understand GenAI applications
- Identify potential risks associated with GenAI applications
- Learn how to mitigate GenAI risks effectively
Meet Your Author
Ahmed Abugharbia
Certified Instructor
Ahmed Abugharbia is a SANS Certified Instructor and founder of Cyberdojo, focusing on GenAI and Cloud Security. With over 17 years of experience in security, Ahmed has worked and led projects in cloud security, network and application security, as well as incident handling.
Course Syllabus
Explore the course syllabus below to view the full range of topics covered in SEC545: GenAI and LLM Application Security.
Section 1: GenAI, Large Language Models (LLMs), and Security Risks
The course starts with GenAI fundamentals, covering key concepts like Large Language Models (LLMs), embeddings, and Retrieval-Augmented Generation (RAG). Students will explore security risks unique to GenAI, including prompt injection, malicious models, and third-party supply chain vulnerabilities.
Topics covered
- GenAI Introduction and Concepts
- Fine-Tuning Models
- Augmenting GenAI Knowledge
- Safe Use and Moderation
Labs
- LLMs and Prompt Injection
- Fine-tuning OpenAI Models
- Compromising Vector Database
- Safe Use and Moderation
Section 2: Securing GenAI Applications
Building on section 1, students explore core components for GenAI apps, like vector databases, LangChain, AI agents, and MCP. Section 2 also covers deployment strategies, comparing cloud and on-premises setups with a focus on the security risks unique to each.
Topics covered
- Hosting GenAI Applications
- GenAI Applications Architecture
- Agentic AI
- LangChain Security
Labs
- AWS Bedrock
- Pivoting from LLMs
- Compromising LLM Supply Chain
- LangChain Security
Section 3: MLSecOps and Securing the GenAI Applications Lifecycle
In the third and final section, students focus on MLSecOps—the integration of security operations into the machine learning lifecycle—and conclude by learning advanced threat modeling techniques aimed at identifying, assessing, and comprehensively mitigating risks.
Topics covered
- Model Sanitization Attacks
- MLSecOps – Securing AI Deployment Pipeline
Labs
- Model Serialization Attacks
- MLSecOps – Securing AI Deployment Pipeline
- Capture the Flag
Things You Need To Know
Relevant Job Roles
Cloud Security Engineer
Cloud Security
Building security solutions for cloud workflows.
Cloud Security Analyst
Cloud Security
Using cloud security solutions to establish a security foundation, enable comprehensive defenses and detect attacks.
Cybersecurity Architecture (OPM 652)
NICE: Design and Development
Responsible for ensuring that security requirements are adequately addressed in all aspects of enterprise architecture, including reference models, segment and solution architectures, and the resulting systems that protect and support organizational mission and business processes.
Technology Research and Development (OPM 661)
NICE: Design and Development
Responsible for conducting software and systems engineering and software systems research to develop new capabilities with fully integrated cybersecurity. Conducts comprehensive technology research to evaluate potential vulnerabilities in cyberspace systems.
Network Operations (OPM 441)
NICE: Implementation and Operation
Responsible for planning, implementing, and operating network services and systems, including hardware and virtual environments.
Software Security Assessment (OPM 622)
NICE: Design and Development
Responsible for analyzing the security of new or existing computer applications, software, or specialized utility programs and delivering actionable results.
Enterprise Architecture (OPM 651)
NICE: Design and Development
Responsible for developing and maintaining business, systems, and information processes to support enterprise mission needs. Develops technology rules and requirements that describe baseline and target architectures.
Secure Systems Development (OPM 631)
NICE: Design and Development
Responsible for the secure design, development, and testing of systems and the evaluation of system security throughout the systems development life cycle.
Course Schedule & Pricing
OnDemand Bundle
When purchasing a live, instructor-led course, add 4 months of online access. View price in the info icons below.
SANS Skills Quest by NetWars Core Edition
Add 6 months of hands-on skills practice. Add to your cart when purchasing your course.
- Date & Time: OnDemand (Anytime)
Self-Paced, 4 months access
Course price: $5,250 USD*
- Location & instructor
SANS SEC545 at Cyber Defense Initiative 2025
Washington, DC, US & Virtual (live)
Course price: $5,250 USD*
- Location & instructor
SANS Cyber Defense Initiative 2025
Washington, DC, US & Virtual (live)
Course price: $5,250 USD*
*Prices exclude applicable local taxes
Benefits of Learning with SANS
Get feedback from the world’s best cybersecurity experts and instructors
Choose how you want to learn - online, on demand, or at our live in-person training events
Get access to our range of industry-leading courses and resources