메뉴
Professional certifications, CTF competitions, and training resources for AI security practitioners
CI/CD integration and automation frameworks for continuous AI security testing
Standard datasets and benchmarks for evaluating AI security, robustness, and safety
Tools and frameworks for AI red teaming including PyRIT, garak, Counterfit, and custom attack automation
Ethical vulnerability reporting, coordinated disclosure, and bug bounty participation for AI systems
Structured approaches for AI security testing including threat modeling, penetration testing, and red team operations
Generate adversarial inputs, edge cases, and boundary test payloads for stress-testing LLM robustness
| name | certifications-training |
| version | 2.0.0 |
| description | Professional certifications, CTF competitions, and training resources for AI security practitioners |
| sasmp_version | 1.3.0 |
| bonded_agent | 01-red-team-commander |
| bond_type | SECONDARY_BOND |
| input_schema | {"type":"object","required":["query_type"],"properties":{"query_type":{"type":"string","enum":["certifications","ctf","training","career_path","resources"]},"experience_level":{"type":"string","enum":["beginner","intermediate","advanced","expert"]},"focus_area":{"type":"string","enum":["llm_security","adversarial_ml","model_security","general"]}}} |
| output_schema | {"type":"object","properties":{"recommendations":{"type":"array"},"learning_path":{"type":"object"},"resources":{"type":"array"},"estimated_timeline":{"type":"string"}}} |
| owasp_llm_2025 | ["LLM01","LLM02","LLM03","LLM04","LLM05","LLM06","LLM07","LLM08","LLM09","LLM10"] |
| nist_ai_rmf | ["Govern","Map","Measure","Manage"] |
Build professional expertise through certifications, CTFs, and structured training programs.
Skill: certifications-training
Agent: 01-red-team-lead
OWASP: Full LLM Top 10 Coverage
NIST: Govern, Map, Measure, Manage
Use Case: Professional development
┌────────────────────────────────────────────────────────────────────┐
│ AI SECURITY CAREER PATH │
├────────────────────────────────────────────────────────────────────┤
│ │
│ ENTRY LEVEL (0-2 years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ Security Analyst → AI Security Analyst → Jr. Red Team │ │
│ │ Skills: Python, ML basics, Security fundamentals │ │
│ │ Certs: Security+, AI Fundamentals, CEH │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ ↓ │
│ MID LEVEL (2-5 years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ AI Red Team Engineer → Senior Red Team → Team Lead │ │
│ │ Skills: Adversarial ML, LLM security, Tool development │ │
│ │ Certs: OSCP, CAISP, Cloud AI certs │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ ↓ │
│ SENIOR LEVEL (5+ years) │
│ ┌─────────────────────────────────────────────────────────────┐ │
│ │ Principal → Director → CISO (AI Focus) │ │
│ │ Skills: Strategy, Research, Thought leadership │ │
│ │ Certs: CISSP, Research publications, Speaking │ │
│ └─────────────────────────────────────────────────────────────┘ │
│ │
└────────────────────────────────────────────────────────────────────┘
Certifications:
CAISP (Certified AI Security Professional):
provider: "(ISC)²"
focus: "AI Security Architecture"
prerequisites: "5 years security experience"
domains:
- AI/ML Security Fundamentals
- Secure AI Development
- AI Threat Modeling
- AI Governance & Compliance
renewal: "3 years, CPE credits"
value: "Industry recognized, comprehensive"
Google AI Red Team Certificate:
provider: "Google"
focus: "LLM Security Testing"
prerequisites: "ML experience recommended"
topics:
- Prompt injection attacks
- Model extraction
- Safety evaluation
- Responsible disclosure
format: "Online, self-paced"
value: "Vendor-specific, practical"
Microsoft AI-900:
provider: "Microsoft"
focus: "Azure AI Fundamentals"
prerequisites: "None"
topics:
- AI/ML concepts
- Azure AI services
- Responsible AI principles
format: "Exam-based"
value: "Entry-level, cloud-focused"
AWS Machine Learning Specialty:
provider: "Amazon"
focus: "ML on AWS"
prerequisites: "AWS experience"
topics:
- Data engineering
- Modeling
- ML implementation
- Security considerations
format: "Exam-based"
value: "Cloud-focused, practical"
Core Security Certifications:
OSCP:
provider: "Offensive Security"
relevance: "Penetration testing methodology"
ai_application: "API testing, infrastructure attacks"
difficulty: "High"
recommendation: "Highly recommended"
GPEN:
provider: "SANS"
relevance: "Enterprise penetration testing"
ai_application: "Comprehensive testing approach"
difficulty: "Medium-High"
recommendation: "Recommended"
CEH:
provider: "EC-Council"
relevance: "Ethical hacking fundamentals"
ai_application: "Basic attack techniques"
difficulty: "Medium"
recommendation: "Good starting point"
CISSP:
provider: "(ISC)²"
relevance: "Security architecture"
ai_application: "Security program design"
difficulty: "High"
recommendation: "For senior roles"
CCSP:
provider: "(ISC)²"
relevance: "Cloud security"
ai_application: "Cloud-hosted AI systems"
difficulty: "High"
recommendation: "For cloud-focused roles"
class AISecurityCTFs:
"""Catalog of AI security CTF competitions."""
CTF_CATALOG = {
"Tensor Trust": {
"focus": "Prompt injection defense",
"type": "ongoing",
"difficulty": "beginner_to_advanced",
"url": "https://tensortrust.ai/",
"skills_tested": [
"Prompt injection attack",
"Defense strategies",
"Jailbreak techniques"
],
"prizes": "Leaderboard ranking"
},
"HackAPrompt": {
"focus": "LLM jailbreaking",
"type": "annual",
"difficulty": "all_levels",
"organizer": "Learn Prompting",
"skills_tested": [
"Prompt engineering",
"Safety bypass",
"Creative attacks"
],
"prizes": "$35,000+ total"
},
"AI Village CTF": {
"focus": "General AI security",
"type": "annual",
"venue": "DEF CON",
"difficulty": "intermediate_to_expert",
"skills_tested": [
"Model attacks",
"Adversarial ML",
"LLM exploitation"
],
"prizes": "Recognition, swag"
},
"Adversarial ML CTF": {
"focus": "Image classification attacks",
"type": "conference",
"venue": "NeurIPS, CVPR",
"difficulty": "advanced",
"skills_tested": [
"Adversarial examples",
"Evasion attacks",
"Robustness evaluation"
],
"prizes": "Research recognition"
},
"Gandalf": {
"focus": "Prompt injection levels",
"type": "ongoing",
"difficulty": "beginner_to_intermediate",
"url": "https://gandalf.lakera.ai/",
"skills_tested": [
"Progressive prompt injection",
"Filter bypass",
"Secret extraction"
],
"prizes": "Learning experience"
}
}
Platforms:
Lakera (Red Team Arena):
focus: "LLM security"
cost: "Free"
features:
- Prompt injection challenges
- Jailbreak scenarios
- Leaderboard
url: "https://gandalf.lakera.ai/"
HackTheBox AI Labs:
focus: "AI/ML security"
cost: "Premium"
features:
- Realistic environments
- Progressive difficulty
- Write-ups available
url: "https://www.hackthebox.com/"
TryHackMe AI Paths:
focus: "Learning paths"
cost: "Freemium"
features:
- Guided learning
- AI security rooms
- Certificates
url: "https://tryhackme.com/"
PentesterLab:
focus: "Web + API security"
cost: "Subscription"
features:
- API testing skills
- Applicable to AI APIs
- Exercises with solutions
url: "https://pentesterlab.com/"
class LearningPathGenerator:
"""Generate personalized learning paths."""
PATHS = {
"beginner": {
"duration": "6 months",
"prerequisites": ["Basic Python", "Linux fundamentals"],
"modules": [
{
"name": "ML/DL Fundamentals",
"resources": [
"Fast.ai: Practical Deep Learning",
"Coursera: Machine Learning (Andrew Ng)",
"HuggingFace NLP Course"
],
"duration": "2 months"
},
{
"name": "Security Basics",
"resources": [
"TryHackMe: Pre-Security Path",
"OWASP Web Security Testing Guide",
"PortSwigger Web Security Academy"
],
"duration": "2 months"
},
{
"name": "AI Security Introduction",
"resources": [
"Gandalf (Lakera) - All levels",
"OWASP LLM Top 10 Study",
"Introduction to Adversarial ML (course)"
],
"duration": "2 months"
}
],
"certifications": ["CompTIA Security+", "AI-900"]
},
"intermediate": {
"duration": "12 months",
"prerequisites": ["ML experience", "Security fundamentals"],
"modules": [
{
"name": "Adversarial ML Deep Dive",
"resources": [
"Stanford CS234: Adversarial Robustness",
"ART (IBM) Tutorials",
"TextAttack Documentation"
],
"duration": "3 months"
},
{
"name": "LLM Security Specialization",
"resources": [
"PyRIT Documentation & Labs",
"garak Tool Mastery",
"Prompt Injection Research Papers"
],
"duration": "3 months"
},
{
"name": "Tool Development",
"resources": [
"Build custom probes for garak",
"PyRIT orchestrator development",
"Contribute to open source"
],
"duration": "3 months"
},
{
"name": "CTF Competition",
"resources": [
"Participate in AI Village CTF",
"HackAPrompt competition",
"Create CTF challenges"
],
"duration": "3 months"
}
],
"certifications": ["OSCP", "Google AI Red Team"]
},
"advanced": {
"duration": "24+ months",
"prerequisites": ["AI red team experience", "Research background"],
"modules": [
{
"name": "Original Research",
"resources": [
"Read latest papers (arXiv, OpenReview)",
"Conduct novel research",
"Publish findings"
],
"duration": "Ongoing"
},
{
"name": "Thought Leadership",
"resources": [
"Conference speaking (DEF CON, NeurIPS)",
"Blog writing",
"Tool development"
],
"duration": "Ongoing"
},
{
"name": "Mentorship",
"resources": [
"Mentor junior practitioners",
"Create training content",
"Community building"
],
"duration": "Ongoing"
}
],
"certifications": ["CISSP", "CAISP"]
}
}
Essential Reading:
Books:
- title: "Adversarial Machine Learning"
authors: "Joseph et al."
focus: "Attack and defense fundamentals"
level: "Intermediate"
- title: "Trustworthy Machine Learning"
authors: "Kang et al."
focus: "Safety, fairness, privacy"
level: "Advanced"
- title: "The Art of Prompt Engineering"
focus: "LLM interaction patterns"
level: "Beginner-Intermediate"
Research Papers:
- "Ignore This Title and HackAPrompt" (2023)
- "Universal and Transferable Adversarial Attacks" (2023)
- "Extracting Training Data from LLMs" (2023)
- "Jailbreaking LLMs: A Comprehensive Study" (2024)
Industry Reports:
- "OWASP LLM Top 10 2025"
- "NIST AI Risk Management Framework"
- "MITRE ATLAS Adversarial Threat Landscape"
- "Microsoft AI Red Team Reports"
class SkillTracker:
"""Track skill development progress."""
SKILL_MATRIX = {
"technical": {
"python_proficiency": ["basic", "intermediate", "advanced", "expert"],
"ml_fundamentals": ["none", "basic", "intermediate", "advanced"],
"adversarial_ml": ["none", "basic", "intermediate", "advanced"],
"llm_security": ["none", "basic", "intermediate", "advanced"],
"tool_proficiency": ["none", "user", "developer", "contributor"],
},
"offensive": {
"prompt_injection": ["none", "basic", "intermediate", "advanced"],
"jailbreaking": ["none", "basic", "intermediate", "advanced"],
"model_extraction": ["none", "basic", "intermediate", "advanced"],
"adversarial_examples": ["none", "basic", "intermediate", "advanced"],
},
"defensive": {
"input_validation": ["none", "basic", "intermediate", "advanced"],
"guardrails": ["none", "basic", "intermediate", "advanced"],
"monitoring": ["none", "basic", "intermediate", "advanced"],
"incident_response": ["none", "basic", "intermediate", "advanced"],
},
"professional": {
"reporting": ["none", "basic", "intermediate", "advanced"],
"communication": ["none", "basic", "intermediate", "advanced"],
"research": ["none", "basic", "intermediate", "advanced"],
"mentorship": ["none", "basic", "intermediate", "advanced"],
}
}
def generate_development_plan(self, current_skills, target_role):
"""Generate personalized development plan."""
gaps = self._identify_gaps(current_skills, target_role)
return DevelopmentPlan(
gaps=gaps,
resources=self._recommend_resources(gaps),
timeline=self._estimate_timeline(gaps),
milestones=self._set_milestones(gaps)
)
Communities:
AI Village:
platform: "Discord, DEF CON"
focus: "AI security research"
activities: "CTFs, talks, research"
url: "https://aivillage.org/"
OWASP AI Security:
platform: "OWASP Slack, GitHub"
focus: "AI application security"
activities: "Projects, documentation"
url: "https://owasp.org/www-project-ai-security/"
MLSecOps:
platform: "Slack, Conferences"
focus: "ML security operations"
activities: "Best practices, tools"
AI Safety:
platform: "Various"
focus: "AI alignment and safety"
activities: "Research, discussion"
Issue: Don't know where to start
Solution: Begin with Gandalf challenges, then TryHackMe AI rooms
Issue: Certification too expensive
Solution: Focus on free CTFs and open-source tool contributions
Issue: No practical experience
Solution: Participate in bug bounties, contribute to open source
Issue: Skill plateau
Solution: Try research, teaching, or tool development
| Component | Purpose |
|---|---|
| Agent 01 | Career guidance |
| /analyze | Skill gap analysis |
| Community | Networking |
| CTF platforms | Practical experience |
Build AI security expertise through structured learning.