Module 1 — Summary
Type: Theory · Duration: ~3 min · Status: Mandatory
Video script
[SLIDE 1 — Module 1 wrap]
Module 1 wrap. You now have working ML literacy from a security engineer's perspective. You can explain training vs inference and why each has a distinct attack surface. You can describe a neural network as a stack of (linear-transform + nonlinearity) layers and reason about gradients, weights, and activations as attack targets. You can unpack an LLM into tokenization, embedding, transformer, and decoding stages — and you know which attacks live at which stage. You've placed every major AI attack class on the six-stage pipeline map. And you've built a real RAG system, locally, that becomes your target system for the rest of the course.
[SLIDE 2 — What changes in Module 2]
Module 2 is the mirror image. You spent this module learning AI fundamentals from the security side; in Module 2, we layer the security framing onto the ML substrate. Threat modeling adapted for AI systems. The full AI attack surface — model, data, infrastructure, application, supply chain. A deep dive into MITRE ATLAS. A walk-through of the OWASP Top 10 for LLMs, in detail. And just enough NIST AI RMF and EU AI Act to inform your engineering decisions.
One mandatory lab in Module 2: you'll build a complete threat model for the Module-1 RAG app, with a data-flow diagram, a STRIDE-adapted threat table, and ATLAS technique mappings. That artifact is the foundation for everything you'll attack in Module 3.
See you in Module 2.
Slide outline
- Module 1 wrap — five-checkmark recap: ML basics · Neural networks · LLM internals · Pipeline & attack map · RAG system built.
- What's next — Module 2 teaser: threat-modeling lab callout that takes the M1 RAG and turns it into a threat model.
Production notes
- Recording time: 2–3 min raw. Bridge lesson, not a lecture.
- Carry the same "Module N → Module N+1" visual convention from M0 summary for continuity.