Module 2 — Summary
Type: Theory · Duration: ~3 min · Status: Mandatory
Video script
[SLIDE 1 — Module 2 wrap]
Module 2 wrap. You now have a complete AI security framing layer on top of the AI substrate from Module 1. You can threat-model an AI system using STRIDE-MA, place attacks across the five attack-surface planes, look up adversary techniques in MITRE ATLAS, walk a system against the OWASP Top 10 for LLMs, and identify the NIST AI RMF subcategories and EU AI Act obligations that apply.
Most importantly, you produced a real threat-model artifact in lab L2.6 — the data-flow diagram, the STRIDE-MA table, the ATLAS mapping, the OWASP coverage matrix, the top-3 risks for the Module 1 RAG app. That artifact is now an input to Module 3.
[SLIDE 2 — What changes in Module 3]
Module 3 is the biggest module in the course — six hours, four mandatory labs, two optional. We turn your threat model into a red-team plan and execute it. Direct prompt injection. Indirect prompt injection via your poisoned corpus. System-prompt extraction. Insecure output handling. Agent escape. Defenses. Garak. PyRIT. Every attack ties back to a threat you identified in L2.6, and every defense ties back to an OWASP entry plus a NIST subcategory plus, where relevant, an EU AI Act article.
See you in Module 3.
Slide outline
- Module 2 wrap — five-checkmark recap: Threat modeling · 5 planes · ATLAS · OWASP Top 10 · NIST + EU AI Act. Center anchor: the threat-model artifact from L2.6.
- What's next — Module 3 teaser: biggest module, 4 mandatory labs, every attack ties back to L2.6's threat model.
Production notes
- Recording time: 2–3 min raw. Bridge lesson, not a lecture.
- Carry the "Module N → Module N+1" visual convention.