Module 9 — Capstone Project
Duration: ~4 hrs · Status: Mandatory (required for certification)
Lessons: 5 — scenario brief, deliverable spec, reference solution, summary, plus module overview
Framework coverage: end-to-end: OWASP LLM Top 10, MITRE ATLAS, NIST AI RMF (all 4 functions), EU AI Act (Articles 9, 11, 12, 14, 15, 73), HIPAA
Module outcomes
By the end of this module, the learner can:
1. Produce a complete AI security engineering deliverable for a realistic SaaS — threat model + red-team report + remediation plan + pre-launch checklist — at the depth a senior reviewer expects.
2. Self-assess the deliverable against a written rubric and against a reference solution.
3. Articulate the work in the format a prospective employer or client would expect to see.
Lesson list
- L9.1 — Helios Health: scenario brief (Reading, ~30 min)
- L9.2 — The capstone deliverable: four artifacts + rubric (Reading + planning, ~30 min)
- L9.3 — Reference solution: worked example (Reading, post-attempt only, ~30 min)
- 99-module-summary.md — bridge to Module 10 (~3 min)
Plus the capstone itself, ~3 hours of work producing the four artifacts.
What you'll produce
Single deliverable submitted as a folder runs/lab9/helios-capstone/ containing:
- threat-model.md — Data-flow diagram + trust boundaries + STRIDE-MA threat table (≥ 12 rows) + ATLAS technique mappings + OWASP LLM Top 10 coverage matrix.
- red-team-report.md — At least 5 findings, severity-rated, each with: technique, multi-framework citations (ATLAS + OWASP + NIST + EU AI Act + HIPAA where relevant), reproduction steps, impact, recommendation.
- remediation-plan.md — Prioritized remediation roadmap with: technical controls (M7 patterns), governance controls (M8 patterns), responsible parties, target dates, residual-risk acceptance.
- pre-launch-checklist.md — Pre-launch gate checklist tied to NIST AI RMF functions + EU AI Act articles, with launch-blocking vs launch-with-mitigations vs informational classifications per item.
Pass criteria: meet the rubric's "Acceptable" threshold on all four artifacts. Reference solution available for self-grading after attempt.
How to approach the capstone
Three suggested time allocations:
Option A — Sequential (recommended, ~3 hrs).
- 30 min: read scenario brief; ask clarifying questions (to yourself).
- 60 min: threat model.
- 60 min: red-team report.
- 30 min: remediation plan + pre-launch checklist.
Option B — Parallel (~3 hrs).
- 30 min: scenario brief.
- 90 min: threat model + initial red-team findings together (they inform each other).
- 60 min: remediation plan + pre-launch checklist.
Option C — Light-touch (~1.5 hrs). If you're under time pressure, produce the threat model + one finding fully + skeletal remediation + checklist. Iterate later. Won't pass the rubric but gives you a starting point.
Why this matters
This is the artifact that proves you can do the work. Three audiences will read your capstone:
- Yourself, two years from now, when you're asked "show me an AI security engineering deliverable you've produced." This is your reference.
- Prospective employers, when you're interviewing for AI security roles. "I built this on the Asfela course" is concrete.
- Internal stakeholders, when you're advocating for an AI security function at your current company. The same artifact, applied to your real systems, becomes your business case.
The work in M9 is the synthesis of M0–M8. Every skill the course built shows up here.
What's next
Module 10 — Certification Exam. 50 questions covering the entire course; 75% to pass; certificate issued on completion. ~1 hour.
After the exam, you have:
- An AI Security Engineering certification.
- A capstone deliverable in your portfolio.
- Working artifacts (threat model template, defense stack, IR playbook, governance package) from M0–M8 you can adapt to real systems.
That's the program. Welcome to the discipline.