06-06-2024, 02:33 AM
salespage: https://jhaddix.gumroad.com/l/rbpai
Over the course of the last year and a half, I've been working on a new course. My area of expertise is usually offensive security, but through my consulting, advising, and leadership roles, I've been exposed to almost every part of a security program. Not only have I had the tremendous opportunity to learn in many domains, but I've also had the luck to work at different organizations that are at various stages of their security program.
Shortly after the initial launch of ChatGPT 3.5, I caught the bug of being obsessed with generative AI.
Being similarly obsessed with both topics, cybersecurity and AI, I began to develop tools in private and then to build a talk on current generation AI and LLM helpers for security.
I gave that talk privately to a group of about 500 security professionals. Out of all the presentations in my career and having spoken all around the world, I think I got the most praise and feedback for that than any other.
So, I came home immediately and started building what I think is a one-of-a-kind course.
Red Blue Purple AI reverse engineers security programs, and security people's day-to-day needs. It maps these out in an easy-to-understand way and teaches security professionals how to supercharge their abilities.
Below is a high-level structure of the syllabus, but as some of the class is super secret sauce, most of the content will be covered live during the class.
By the end of the course the student should be well-prepared to apply the knowledge from the course to build their own world-class bots.
I am genuinely so ecstatic to launch this course and I am sincerely hoping that you all enjoy it as much as I am enjoying building it.
See you in Red Blue Purple AI.
Course Schedule:
May 30th-31st , 9am-5pm MST
(Syllabus subject to change as the course is activley being developed and the AI landscape moves VERY fast)
Section 1 - LLMs for Power Users:
The class begins by giving away my homegrown tips and tricks for prompt engineering and building world-class LLM bots. My personal bot, SecGPT, has over 10,000 uses on the GPT store and is in the top 100 in the "research" category for OpenAI. It outperforms every other bot in the security realm by far, and I will teach the students how to make bots just like it for their purposes. This includes going over prompt engineering, common misconceptions about LLMs, configuration of key settings for security work, problem solving steps, and more.
Some Topics:
Limitations of LLMs
Problem solving for the human brain
Problem solving with an LLM
Point in time discussion of best models
(BETA) Seed
Agents and Cross Talk
RAG
API Basics
Privacy
Chain of Thought
Prompt Engineering for Security:
System Instruction
Temperature
Context Windows and Tokens
Structure
Sampling
Language
Sub Training and Files
Weird Machine Tricks
Single Shot vs Multi-Shot
Section 2 - Breaking Down Security:
After diving into the environment around getting set up, we will begin to reverse engineer what components security programs have. We will split the domains of security into red, blue, and purple topics.
Section 3 - Red AI:
Some Topics covered:
AI in internal and consultant based offensive security.
Automation building via AI
Phishing augmentation via AI
Vulnerabilty Management augmented by AI
Exploit dev and modification with AI
Documentation and Reporting
Tool Development
Appsec analysis topics
Section 4 - Blue AI:
Some Topics covered:
The Open and Closed Source Landscape
SOC Duties and AI Helpers
CTI Duties and AI Helpers
Threat Hunting Duties and AI Helpers
DFIR Duties and AI Helpers
Section 5 - Purple AI:
Some Topics covered:
The Open and Closed Source Landscape
Tabletopping
Attack Simulation and Automation
MITRE ATT&CK and Atomics
Using AI for Security Program Maturity Assessment and Enhancement
AI in Security Training: Customized Training Modules and Simulations, paved road integration and documentation
Security Engineering and Product Security topics - Architecture, Configuration, Security as Code.
Section 6 - Silver AI:
Some Topics covered:
Leadership and program management topics aided by AI
Section 7 - Future Tech:
A conversation about capabilities on the horizon and how to be early adopters.
Over the course of the last year and a half, I've been working on a new course. My area of expertise is usually offensive security, but through my consulting, advising, and leadership roles, I've been exposed to almost every part of a security program. Not only have I had the tremendous opportunity to learn in many domains, but I've also had the luck to work at different organizations that are at various stages of their security program.
Shortly after the initial launch of ChatGPT 3.5, I caught the bug of being obsessed with generative AI.
Being similarly obsessed with both topics, cybersecurity and AI, I began to develop tools in private and then to build a talk on current generation AI and LLM helpers for security.
I gave that talk privately to a group of about 500 security professionals. Out of all the presentations in my career and having spoken all around the world, I think I got the most praise and feedback for that than any other.
So, I came home immediately and started building what I think is a one-of-a-kind course.
Red Blue Purple AI reverse engineers security programs, and security people's day-to-day needs. It maps these out in an easy-to-understand way and teaches security professionals how to supercharge their abilities.
Below is a high-level structure of the syllabus, but as some of the class is super secret sauce, most of the content will be covered live during the class.
By the end of the course the student should be well-prepared to apply the knowledge from the course to build their own world-class bots.
I am genuinely so ecstatic to launch this course and I am sincerely hoping that you all enjoy it as much as I am enjoying building it.
See you in Red Blue Purple AI.
Course Schedule:
May 30th-31st , 9am-5pm MST
(Syllabus subject to change as the course is activley being developed and the AI landscape moves VERY fast)
Section 1 - LLMs for Power Users:
The class begins by giving away my homegrown tips and tricks for prompt engineering and building world-class LLM bots. My personal bot, SecGPT, has over 10,000 uses on the GPT store and is in the top 100 in the "research" category for OpenAI. It outperforms every other bot in the security realm by far, and I will teach the students how to make bots just like it for their purposes. This includes going over prompt engineering, common misconceptions about LLMs, configuration of key settings for security work, problem solving steps, and more.
Some Topics:
Limitations of LLMs
Problem solving for the human brain
Problem solving with an LLM
Point in time discussion of best models
(BETA) Seed
Agents and Cross Talk
RAG
API Basics
Privacy
Chain of Thought
Prompt Engineering for Security:
System Instruction
Temperature
Context Windows and Tokens
Structure
Sampling
Language
Sub Training and Files
Weird Machine Tricks
Single Shot vs Multi-Shot
Section 2 - Breaking Down Security:
After diving into the environment around getting set up, we will begin to reverse engineer what components security programs have. We will split the domains of security into red, blue, and purple topics.
Section 3 - Red AI:
Some Topics covered:
AI in internal and consultant based offensive security.
Automation building via AI
Phishing augmentation via AI
Vulnerabilty Management augmented by AI
Exploit dev and modification with AI
Documentation and Reporting
Tool Development
Appsec analysis topics
Section 4 - Blue AI:
Some Topics covered:
The Open and Closed Source Landscape
SOC Duties and AI Helpers
CTI Duties and AI Helpers
Threat Hunting Duties and AI Helpers
DFIR Duties and AI Helpers
Section 5 - Purple AI:
Some Topics covered:
The Open and Closed Source Landscape
Tabletopping
Attack Simulation and Automation
MITRE ATT&CK and Atomics
Using AI for Security Program Maturity Assessment and Enhancement
AI in Security Training: Customized Training Modules and Simulations, paved road integration and documentation
Security Engineering and Product Security topics - Architecture, Configuration, Security as Code.
Section 6 - Silver AI:
Some Topics covered:
Leadership and program management topics aided by AI
Section 7 - Future Tech:
A conversation about capabilities on the horizon and how to be early adopters.