Understanding how AI-powered systems can be manipulated
Duration: 2–3 days
The first two modules covered threats that come at you from outside — AI-generated phishing, deepfakes, automated attacks at scale. This module covers a different kind of risk: the vulnerabilities you introduce when you use or build AI-powered tools.
The core concept is prompt injection — the AI-specific attack in which malicious content manipulates AI behavior. Unlike threats that target you directly, prompt injection exploits the fact that AI systems process external content (documents, web pages, emails, tool outputs) and can treat that content as instructions rather than as data.
If you've completed the AIWorkflows or AgenticAI courses, you're already building systems that process external data and take action based on AI outputs. If you just use AI tools in your daily work, you're already exposed to prompt injection attacks through the tools themselves. Either way, you need to understand what prompt injection is, where it happens, and what to do about it.
This module is technical — but only as technical as necessary to understand the real risks and apply the right safeguards.
Lessons
- Lesson 1: Prompt Injection: What It Is and Why It Matters — The AI-specific attack you need to understand
- Lesson 2: Prompt Injection in Tools You Use — Where you're already exposed — and what to do about it
- Lesson 3: Agentic AI and the Expanding Risk Surface — Why autonomous AI raises the stakes on every vulnerability
- Lesson 4: Supply Chain Risk: The AI in Your AI — The AI components you didn't know you were using
Exercises
Module 3 Exercises — Auditing your AI attack surface
What This Module Doesn't Cover
This module does not cover formal red-team methodology for AI systems — the structured approaches security researchers use to identify vulnerabilities in AI deployments. You won't learn the technical implementation of prompt injection defenses, which is an active research area requiring ML engineering expertise. Enterprise AI security architecture and formal AI risk assessment frameworks are outside the scope; these are for organizations building systems at scale. Adversarial machine learning research — the academic field studying how to attack and defend ML models — is also beyond this module's boundary.
If you're building AI systems professionally and need to address these areas, consult the security and ML engineering literature and consider professional security assessment.
Next Steps
After completing this module, you'll have a clear understanding of how AI-powered systems can be compromised and the safeguards that matter. Module 4 is the closing module. It covers what comes after awareness: how to evaluate new threats as they emerge, when to escalate, and what security as a sustained habit actually looks like.