AI-powered Security Operations Bootcamp

Build a production-grade threat intel workflow where AI accelerates analyst work without becoming the source of truth & paste a real threat report URL, get back an analyst-ready evidence pack.

• AI-augmented IOC extraction from public threat reports
• Dynamic MITRE ATT&CK mapping with hallucination validation against the live ATT&CK dataset
• ATT&CK Navigator layer + SOC hunting pack generation (SPL + KQL starters)
• Analyst-in-the-loop validation: final / review / rejected separation

Use AI to draft, challenge, and validate compliance artifacts across ISO 27001, NIST CSF 2.0, EU AI Act, NIST AI RMF, and ISO 42001 without losing audit defensibility.

• ISO 27001:2022 Statement of Applicability drafting at scale
• NIST CSF 2.0 maturity assessment and gap analysis
• AI Governance through EU AI Act + ISO 42001 + NIST AI RMF lens
• GRC validation gate to catch hallucinated framework references and unsupported claims

Bring AI into every stage of detection engineering, from drafting Sigma rules to validating them against telemetry, and then turn detection engineering back on AI systems themselves.

• AI-assisted Sigma rule generation from attacker behaviour
• AI-powered log triage, incident timeline construction, and IR report drafting
• Detection validation against real Windows Security and Sysmon logs
• Sigma detection rules FOR AI agent telemetry - tool-call anomalies, exfiltration patterns, memory-write events

Understand the LLM internals that an attacker actually exploits, such as tokenisation, system prompt boundaries, sampling, and trust failures, because every attack starts here.

• Tokenisation deep-dive: token smuggling, homoglyphs, encoding bypass
• System prompt trust boundary failures
• Attack reliability across temperature and sampling: measuring ASR, not vibes
• Uncensored vs aligned open-weight models: behavioural comparison

The most active LLM attack surface in 2026, direct, indirect, and multi-turn, all covered with a measured Attack Success Rate.

• Manual Crescendo + Auto Crescendo (attacker/target/judge model loop)
• Skeleton Key direct policy override
• Many-shot Jailbreak and Context Compliance Attack (CCA)
• EchoLeak reproduction - CVE-2025-32711 markdown image exfil chain end to-end
• PoisonedRAG - embedding-layer poisoning of a local FAISS / Chroma knowledge base
• Judge-model scoring, telemetry capture, and Attack Success Rate measurement

Where the 2025-2026 attack frontier actually lives - multi-agent systems, MCP servers, memory poisoning, and automated red-team tooling, all mapped to OWASP Agentic Top 10 (ASI01–ASI10).

• Build a 3-agent system (Orchestrator + Email + File), break it with indirect injection, harden it with 3 defences
• Persistent memory poisoning across sessions, with SIEM-style detection
• Garak vulnerability scanning + aligned vs uncensored model comparison
• MCP Tool Poisoning & Rug Pulls - CVE-2025-54136 (MCPoison) and CVE 2025-54135 (CurXecute).
• PyRIT Automated Red Team - Microsoft's Crescendo and Tree-of-Attacks with Pruning orchestrators against your own targets