AI & Cyber Security Program

Concepts:

What is Cybersecurity? Why it matters more than ever

CIA Triad — Confidentiality, Integrity, Availability

Types of Hackers — White, Grey, Black Hat

Evolution of Cyber Threats — from script kiddies to AI-powered attacks

The convergence of AI and Cybersecurity — 2026 threat landscape

Career paths in AI-era cybersecurity

India's regulatory landscape — DPDP Act, CERT-In guidelines, RBI/SEBI mandates

Hands-On Lab:

Setting up your security lab — VirtualBox / VMware

Installing Kali Linux, Parrot OS

Lab environment walkthrough and safety protocols

Concepts:

Windows vs Linux security fundamentals

Linux file system architecture

Essential Linux commands for security professionals

File permissions, ownership, and access control

Process management and system monitoring

Bash scripting fundamentals for automation

Hands-On Lab:

Linux terminal mastery exercises

File permission and privilege configuration lab

Writing basic Bash scripts for system auditing

Windows Event Viewer and Sysmon introduction

Concepts:

Network fundamentals — what every security professional must know

OSI Model and TCP/IP stack — deep dive

IP addressing, subnetting, MAC addresses, ports

TCP vs UDP — protocol behavior and security implications

Core protocols — HTTP/S, FTP, DNS, SSH, SMTP, DHCP

Network devices — routers, switches, firewalls

Network segmentation and micro-segmentation concepts

Hands-On Lab:

Network commands — ifconfig, ip, ping, traceroute, netstat, ss

Wireshark packet capture and analysis (basics)

Understanding DNS resolution and HTTP traffic

Network mapping with basic Nmap scans

Concepts:

Firewalls — types, rules, configuration principles

Intrusion Detection Systems (IDS) and Intrusion Prevention Systems (IPS)

VPN fundamentals and secure tunneling

Zero Trust Architecture (ZTA) — principles and why it matters in 2026

Common network attacks — MITM, ARP Spoofing, DNS Poisoning, DDoS

Network monitoring and traffic analysis

Hands-On Lab:

Wireshark deep traffic analysis

Simulated MITM demonstration (controlled lab environment)

Firewall rule configuration exercise

Introduction to Snort/Suricata for IDS

Concepts:

What is Ethical Hacking? Penetration Testing lifecycle

Legal and ethical aspects — scope, authorization, responsible disclosure

Bug bounty programs — how they work, major platforms

Reconnaissance — passive vs active techniques

OSINT (Open Source Intelligence) fundamentals

Google Dorking, WHOIS, DNS enumeration

Tools & Hands-On Lab:

Setting up vulnerable targets — DVWA, Metasploitable, Juice Shop

Nmap scanning and service discovery

theHarvester, WHOIS lookups

Shodan exploration (demo/walkthrough)

Concepts:

Port scanning techniques and strategies

Service and version enumeration

Vulnerability scanning methodology

CVSS scoring and vulnerability prioritization

Predictive vulnerability management — how AI is changing this

Tools & Hands-On Lab:

Advanced Nmap techniques — scripts, OS detection, service enumeration

Nikto web server scanning

OpenVAS / Nessus introduction

Scanning vulnerable VMs and analyzing results

Writing a basic vulnerability assessment report

Concepts:

How modern web applications work — client-server architecture, APIs

OWASP Top 10 (Web Applications) — comprehensive walkthrough

SQL Injection — types, detection, exploitation, prevention

Cross-Site Scripting (XSS) — stored, reflected, DOM-based

Cross-Site Request Forgery (CSRF)

File upload vulnerabilities, IDOR, broken authentication

API security fundamentals

Tools & Hands-On Lab:

SQL Injection lab on DVWA

XSS exploitation and mitigation lab

Burp Suite introduction — intercepting, modifying, replaying requests

OWASP ZAP for automated scanning

Concepts:

Password attack methodologies — brute force, dictionary, credential stuffing

Hashing algorithms, salting, password storage best practices

Privilege escalation — basic techniques (Linux and Windows)

Malware types — viruses, trojans, ransomware, worms, rootkits

Ransomware-as-a-Service (RaaS) — the 2026 threat

Introduction to wireless security — WPA2/WPA3, Evil Twin (theory)

Tools & Hands-On Lab:

Hydra — brute force attacks

John the Ripper and Hashcat — password cracking

Basic privilege escalation exercises

Malware analysis concepts (static analysis introduction)

Concepts:

What is Artificial Intelligence? — types and capabilities

Machine Learning fundamentals — supervised, unsupervised, reinforcement learning

Training vs inference — the ML lifecycle

Neural networks and deep learning (conceptual overview)

How AI is transforming both cyberattacks and cyberdefense

Python for security — why every security professional needs it

Hands-On Lab:

Python environment setup — Jupyter Notebook, VS Code

Python essentials for security — scripting, file handling, API calls

Simple ML model demonstration using Scikit-learn

Dataset loading, exploration, and visualization with Pandas/Matplotlib

Concepts:

What are Large Language Models (LLMs)? How they work

Generative AI — capabilities and limitations

AI Agents — what they are, how they differ from chatbots

The Agentic AI revolution — autonomous planning, tool use, decision-making

AI agent architectures — single agent, multi-agent, orchestration

The expanded attack surface of AI systems — data, model, API, infrastructure

Why AI agent security is fundamentally different from traditional LLM security

Hands-On Lab:

Interacting with LLM APIs (OpenAI, Anthropic, Google)

Understanding token limits, system prompts, and model behavior

Mapping the attack surface of a sample AI application

AI threat modeling exercise using STRIDE methodology

Concepts:

AI-enhanced phishing and social engineering — deepfakes, voice cloning

AI-generated malware and polymorphic threats

Automated reconnaissance and AI-powered vulnerability discovery

Cybercrime-as-a-Service (CaaS) — AI-powered underground tools

AI-assisted password cracking and credential stuffing

Autonomous attack agents — what they can do today

Case studies — real-world AI-powered cyberattacks (2024–2026)

Hands-On Lab:

Analyzing AI-generated phishing emails — detection techniques

Deepfake detection demonstration

Understanding AI-augmented attack workflows

Threat intelligence gathering using AI tools

Concepts:

Adversarial Machine Learning — core concepts

Adversarial examples — image perturbation, text manipulation

White-box vs black-box attacks on ML models

Data poisoning attacks — clean-label poisoning, backdoor attacks

Training-time vs inference-time attacks

Data leakage risks in AI pipelines

Bias injection and fairness manipulation

Hands-On Lab:

Creating adversarial image examples — model misclassification demo

Data poisoning simulation — observing accuracy degradation

Dataset inspection for anomalies and poisoned data

Bias detection in training datasets

Concepts:

OWASP Top 10 for LLM Applications (2025 Edition) — complete walkthrough

LLM01: Prompt Injection (Direct & Indirect)

LLM02: Sensitive Information Disclosure

LLM03: Supply Chain Vulnerabilities

LLM04: Data and Model Poisoning

LLM05: Improper Output Handling

LLM06: Excessive Agency

LLM07: System Prompt Leakage

LLM08: Vector and Embedding Weaknesses

LLM09: Misinformation

LLM10: Unbounded Consumption

Prompt injection deep dive — techniques, real-world examples, defenses

Jailbreaking LLMs — methods and countermeasures

Hallucinations as a security risk

Hands-On Lab:

Prompt injection attack exercises — direct and indirect

Jailbreak attempt analysis — safe vs unsafe prompts

Red-teaming LLM responses — systematic approach

Implementing basic prompt guardrails and input validation

Concepts:

Model extraction attacks — stealing model weights and behavior

Model inversion attacks — recovering training data

Membership inference attacks — determining if data was in training set

AI intellectual property theft and protection

AI supply chain risks — compromised models, poisoned datasets, malicious packages

Shadow AI — unmonitored AI tools within organizations

Secure model deployment pipelines

Hands-On Lab:

API abuse simulation — querying models to extract behavior

Model behavior observation and fingerprinting

Scanning for vulnerable AI/ML dependencies

Secure model deployment checklist exercise

Concepts:

Why agentic AI requires a completely new security framework

OWASP Top 10 for Agentic Applications — comprehensive walkthrough:

ASI01: Agent Goal Hijacking

ASI02: Tool Misuse & Unintended Actions

ASI03: Insecure Agent-to-Agent Communication

ASI04: Insufficient Agent Authorization

ASI05: Sensitive Data Leakage

ASI06: Knowledge Base Poisoning

ASI07: Denial of Wallet / Unbounded Resource Consumption

ASI08: Rogue Agents & Cascading Failures

ASI09: Inadequate Audit & Observability

ASI10: Insecure Agent Memory & Context

Principle of Least Agency — the foundational defense principle

Agent identity management — non-human identity security

Multi-agent security patterns

Hands-On Lab:

Agent goal hijacking simulation

Tool misuse scenario analysis

Designing secure agent authorization frameworks

Agent audit logging and observability exercise

Concepts:

Secure AI/ML pipeline design — from data to deployment

Model hardening techniques — adversarial training, input validation

AI model monitoring in production — drift detection, behavioral anomalies

Output filtering and Data Loss Prevention (DLP) for AI

AI governance frameworks overview:

NIST AI Risk Management Framework (AI RMF)

EU AI Act — high-risk AI requirements (enforcement August 2026)

ISO/IEC 42001 — AI Management Systems

India's DPDP Act implications for AI

Responsible AI — explainability (XAI), fairness, accountability

AI red teaming methodology

Hands-On Lab:

Improving model robustness — adversarial training demo

Explainability demonstration using SHAP/LIME

AI risk assessment worksheet exercise

Building an AI governance checklist for an enterprise

Concepts:

The modern Security Operations Center (SOC) — AI-enhanced operations

SIEM fundamentals — log aggregation, correlation, alerting

AI-powered threat detection — behavioral analytics, anomaly detection

Predictive threat modeling using AI

Automated incident triage and response

AI-powered vulnerability prioritization

Threat intelligence platforms and AI-driven threat hunting

Reducing alert fatigue with AI — intelligent alert correlation

Tools & Hands-On Lab:

Splunk fundamentals — log ingestion, search, dashboards, alerting

AI-assisted log analysis exercise

Creating detection rules based on behavioral patterns

Windows Event Viewer deep dive and Sysmon configuration

Threat hunting scenario walkthrough

Concepts:

Cloud security fundamentals — shared responsibility model

AWS / Azure / GCP security services overview

Identity and Access Management (IAM) in cloud environments

Cloud-native security architectures — continuous authentication and monitoring

Securing AI workloads in the cloud (AWS Bedrock, Azure AI, GCP Vertex)

Containerization security (Docker, Kubernetes basics)

Infrastructure as Code (IaC) security scanning

Cloud misconfiguration — the #1 cloud vulnerability

Hands-On Lab:

Cloud security configuration review exercise

IAM policy analysis and least privilege exercise

Cloud security audit simulation

Securing an AI deployment in cloud environment

Concepts:

Incident response lifecycle — preparation, detection, containment, eradication, recovery, lessons learned

AI-powered incident response — automated containment and triage

Digital forensics introduction — evidence collection, chain of custody

AI-enhanced forensics — automated log correlation, timeline reconstruction

Incident response for AI system failures — unique considerations

AI supply chain incident management

Business continuity and disaster recovery in AI-era

Compliance incident reporting — CERT-In, DPDP Act requirements

Hands-On Lab:

Incident response tabletop exercise

AI incident scenario analysis — compromised agent response

Log forensics using Splunk

Creating an incident response playbook for AI systems

Concepts:

Post-Quantum Cryptography (PQC) — why it matters now

Quantum computing threats to current encryption

NIST PQC standards and migration planning

Zero Trust Architecture (ZTA) — deep dive implementation

Identity security in the agentic era — machine identities, non-human identities

Passwordless authentication, continuous verification

Supply chain security — software and AI supply chains

Cybersecurity mesh architecture (CSMA)

Regulatory landscape 2026+ — EU AI Act, Colorado AI Act, India DPDP

Hands-On Lab:

Zero Trust policy design exercise

Identity and access management review

Quantum-safe encryption concepts demonstration

Supply chain security assessment exercise

Concepts:

Red Team operations — planning, execution, reporting

Blue Team operations — detection, response, hardening

Purple Team — collaborative security improvement

AI Red Teaming — testing AI systems for vulnerabilities

MITRE ATT&CK framework — tactics, techniques, procedures

MITRE ATLAS — adversarial threat landscape for AI

Building detection rules and hunting hypotheses

Writing professional penetration test reports

Hands-On Lab:

Red Team exercise — full attack chain on practice target

Blue Team exercise — detecting and responding to the attack

AI red teaming — testing an LLM application for OWASP vulnerabilities

MITRE ATT&CK mapping exercise

Concepts:

CTF methodology and competitive cybersecurity

Challenge categories — web, forensics, crypto, reverse engineering, AI

TryHackMe and Hack The Box guided exercises

AI security-specific CTF challenges

Hands-On Lab:

Full CTF competition

TryHackMe / Hack The Box challenge labs

AI security challenge — find and exploit LLM vulnerabilities

Team-based red/blue team simulation

Students choose one major project and present it:

Project Option A: Enterprise Penetration Test + AI Security Assessment

Project Option B: Secure AI Agent Pipeline Design

Project Option C: AI-Powered SOC — Detection & Response

Project Option D: AI Governance Framework for an Indian Enterprise

Certification Roadmap Guidance:

Foundation: CompTIA Security+, CEH (EC-Council), eJPT (INE)

Intermediate: OSCP, BTL1 (Blue Team Level 1), CompTIA CySA+

AI Security: CAISP (Certified AI Security Professional), NVIDIA Agentic AI

Governance: AIGP (IAPP), ISO 42001 Practitioner

Advanced: CISSP, OSWE, GIAC certifications

Career Preparation:

Resume building for AI-cybersecurity roles — what recruiters want in 2026

LinkedIn profile optimization and personal branding

Portfolio building — GitHub, blog posts, CTF writeups

Interview preparation — technical + behavioral

Mock interviews with industry feedback

Job search strategies — direct applications, bug bounties, freelancing, consulting