NEW

Start with the pressure: sales, launch, abuse, agents, data, or guardrails

Use the engagement router
aisecurityllc
Sign inStart AI Security Assessment
aisecurityllc
Start AI Security Assessment
Academy/Course Syllabus
Official Course Document

AIPSA Academy

AI Product Security Assessment Training

Hands-on practitioner training for engineers, architects, and security professionals building, testing, and approving AI products. 16 labs across the Map, Attack, Defend, and Evidence pillars — with structured exercises, self-scored evidence templates, framework mappings, and four AIPSA certification levels.

11+ hourslab time
16 labsacross 4 pillars
37 chaptersHandbook · Field Guide · Mythos
4 cert levelsFoundation → Distinguished
Start the courseEnterprise SCORM package

Audience

Who this course is for

Security engineers

AppSec and product security practitioners adding AI to their scope. Covers the full AIPSA framework including domain-specific labs and evidence generation.

L&D / enterprise training

Teams deploying AI security training at scale. SCORM 2004 compatible for Moodle, Canvas, Cornerstone, and Blackboard. xAPI statements for LRS integration.

Certification candidates

Anyone pursuing AIPSA Foundation, Practitioner, Advanced, or Distinguished credentials. The course maps directly to the assessment domain taxonomy.

Learning outcomes

What you will be able to do

Map AI system components, trust boundaries, and data flows into a structured inventory

Threat model AI products using STRIDE and AIPSA domain taxonomy

Execute prompt injection, indirect injection, and context manipulation test cases

Analyze RAG pipeline configurations for authorization gaps and tenant isolation failures

Evaluate agent tool permissions for scope creep, side effects, and approval gate gaps

Audit MLOps stacks for credential exposure, overprivileged IAM, and artifact security

Assess AI vendor trust centers, DPAs, and security questionnaires for procurement blockers

Build governance evidence artifacts: policy gap analyses, risk acceptance statements, control maps

Produce logging architectures with the minimum forensic surface for AI-specific incidents

Lead AI security incident response exercises with containment and post-incident controls

Map controls to OWASP LLM Top 10, NIST AI RMF, MITRE ATLAS, ISO 42001, and EU AI Act

Generate customer-ready evidence artifacts for security questionnaires and audits

Course outline

16 labs across 4 pillars

Runner labs are scored exercises with evidence templates. Scanner labs are interactive security tools embedded in a structured learning context.

Map

2 labs
2h 50min
01AI Inventory & BoundariesRunner
Practitioner50 min
02AI Product Threat ModelingRunner
Expert60 min

Attack

5 labs
4h 15min
01Prompt Injection LabScanner
Foundation35 min
02Prompt Security LabScanner
Practitioner25 min
03AI Supply Chain SecurityRunner
Practitioner45 min
04Memory Poisoning LabRunner
Advanced45 min
05Multimodal Injection LabRunner
Advanced45 min

Defend

4 labs
2h 55min
01Output Safety LabScanner
Practitioner25 min
02Agent Permission LabScanner
Practitioner25 min
03RAG Security LabScanner
Practitioner25 min
04MLOps Platform SecurityRunner
Practitioner40 min

Evidence

5 labs
4h 30min
01RAG Data Leakage LabRunner
Advanced45 min
02AI Governance & PolicyRunner
Foundation35 min
03Logging & Forensics LabRunner
Practitioner45 min
04Incident Response LabRunner
Practitioner45 min
05AI Vendor Risk & ProcurementRunner
Practitioner40 min

Prerequisites

What you should know first

  • Basic software engineering or security background (AppSec, cloud, API security)
  • Familiarity with LLM APIs (OpenAI, Anthropic, or equivalent) at a conceptual level
  • Understanding of web application security fundamentals (HTTP, auth, access control)
  • No AI security experience required — the course builds from first principles

Delivery

How the course is delivered

Self-paced

All 16 labs available immediately. No deadlines or cohort schedule.

Browser-based

No software installation. Labs run in any modern browser.

SCORM 2004

Enterprise deployable. Imports into Moodle, Canvas, Cornerstone, Blackboard.

xAPI / LRS

Learning statements emitted per lab completion for LRS integration.

LTI 1.3 ready

Embed directly in your organization's LMS without SCORM import.

Completion certs

PDF certificate issued per lab. Course completion cert on full pass.

Certification

Four AIPSA credential levels

AIPSA

Foundation

2–3 runner labs passed

Demonstrates awareness of AI security risk categories and the AIPSA framework.

AIPSA

Practitioner

4–6 runner labs passed

Demonstrates hands-on competency across multiple AIPSA domains with scored evidence.

AIPSA

Advanced

7–9 runner labs passed

Demonstrates cross-domain AI security expertise with advanced lab scores.

AIPSA

Distinguished

10+ runner labs passed

Expert-level mastery across the full AIPSA framework. Publicly verifiable.

View full certification details

Reading materials

37 chapters across three publications

15 chapters

AIPSA Handbook

Practice-deep companion. One chapter per lab domain, covering attack patterns, defenses, evidence requirements, and framework mappings.

14 chapters

AIPSA Field Guide

One chapter per assessment domain. Practitioner playbooks for securing LLM apps, agents, RAG, MLOps, and governance at speed.

8 selected chapters

AI Security Mythos Report

Strategic context. The arguments behind the framework — why AI security is a product security discipline, not a model safety question.

Browse all reading materials

Get started

Start the AIPSA course today.

Individual access is free — start with any lab and track your progress toward AIPSA certification. Enterprise and team licensing available with SCORM deployment and LRS integration.

Start the courseEnterprise licensingBrowse all labs