Visão Geral
Este curso aborda os principais aspectos de segurança relacionados aos Large Language Models (LLMs) e às aplicações de Inteligência Artificial Generativa. O participante aprenderá a identificar, avaliar e mitigar riscos associados ao uso de modelos de linguagem em ambientes corporativos, incluindo ataques de Prompt Injection, Jailbreaks, vazamento de dados, manipulação de modelos, vulnerabilidades em arquiteturas RAG, segurança de agentes de IA e governança de aplicações baseadas em LLMs. O curso combina fundamentos teóricos, práticas defensivas e estratégias de segurança para implementação segura de soluções de IA Generativa.
Conteúdo Programatico
Module 1: Introduction to LLM Security
- Evolution of AI security challenges
- Security landscape of Generative AI
- LLM threat models
- Enterprise risk considerations
- Security principles for AI systems
- Overview of AI security frameworks
Module 2: Foundations of LLM Architecture and Risk
- Transformer architecture review
- LLM operational lifecycle
- Model attack surfaces
- Data flow analysis
- Trust boundaries in AI systems
- Security-by-design principles
Module 3: Prompt Injection Attacks
- Prompt injection fundamentals
- Direct injection techniques
- Indirect injection techniques
- Retrieval-based prompt attacks
- Detection methodologies
- Defensive strategies
Module 4: Jailbreak Techniques and Mitigation
- Understanding jailbreak attacks
- Adversarial prompting techniques
- Safety bypass methods
- Model manipulation scenarios
- Detection and prevention controls
- Resilience testing approaches
Module 5: Data Security and Privacy Protection
- Sensitive data exposure risks
- Personally identifiable information protection
- Data classification strategies
- Secure prompt handling
- Privacy-preserving architectures
- Regulatory compliance requirements
Module 6: RAG Security
- RAG architecture attack surfaces
- Retrieval manipulation attacks
- Malicious document injection
- Vector database security
- Context poisoning risks
- Secure retrieval strategies
Module 7: AI Agent Security
- Agent architecture risks
- Tool abuse scenarios
- Permission management
- Secure agent design
- Multi-agent security considerations
- Operational safeguards
Module 8: Model and Supply Chain Security
- Model provenance verification
- Open-source model risks
- Dependency management
- Model integrity validation
- Supply chain attack scenarios
- Secure model deployment practices
Module 9: Security Monitoring and Detection
- AI security monitoring
- Threat detection strategies
- Security logging and telemetry
- Anomaly detection techniques
- Incident response integration
- Continuous security assessment
Module 10: Governance, Risk and Compliance
- AI governance frameworks
- Risk management methodologies
- Compliance requirements
- Audit and accountability practices
- Security policy development
- Responsible AI principles
Module 11: Secure Enterprise LLM Architecture
- Secure architecture patterns
- Identity and access management
- API security controls
- Zero Trust principles for AI
- Secure deployment strategies
- Enterprise security integration
Module 12: LLM Security Workshop
- Prompt injection testing exercises
- Jailbreak assessment laboratories
- RAG security validation
- AI agent security scenarios
- Governance and compliance assessments
- Final enterprise LLM security project