Building Secure AI Agents: Defense-First Development

Build AI agents that resist prompt injection, tool exploitation, and data exfiltration from the ground up

Course Format and Delivery

Delivery Method: LiveOnline
Schedule: 3 hours

All sessions are delivered live by an expert instructor in a fully interactive online environment.

*20% off for group bookings when booking 3 or more attendees from the same organization on the same course dates in the same transaction.


About this course

AI agents are the fastest-growing attack surface in enterprise software. CVE-2026-25592 and CVE-2026-26030 turned Microsoft Semantic Kernel prompt injection into full host RCE. CVE-2026-44338 gave PraisonAI attackers remote code execution, probed within 3h44m of disclosure. The Mercor/LiteLLM supply-chain breach exposed API keys across thousands of deployments. Meanwhile, researchers demonstrated that 1% poisoned vectors can contaminate 99.85% of RAG query results, and the Involuntary In-Context Learning (IICL) bypass achieves a 60% success rate against safety guardrails.

This half-day workshop teaches developers to build agents that are secure by design. Unlike the AI Red Team Challenge (attack-focused) or the 2-day Enterprise AI Security course (comprehensive security program), this workshop is specifically for agent builders who need practical, code-level defensive patterns they can apply immediately to their agent development workflow.


What you will need

Experience building AI agents (via the AI Accelerator, agents workshop, or equivalent). Comfort with Python and a basic understanding of agent architectures (ReAct, tool calling, MCP).


Topics Covered

  • Input validation and sanitization for LLM-powered systems

  • Prompt injection defense patterns (system prompt hardening, output filtering, canary tokens)

  • Secure tool calling (JWT auth, per-tool scopes, least-privilege sandboxing)

  • MCP server security (authentication, authorization, rate limiting, transport security)

  • RAG pipeline hardening (source allowlists, embedding integrity checks, retrieval-result validation)

  • Agent output guardrails (PII detection, content filtering, response boundaries)

  • Secure memory and context management

  • Dependency/supply-chain security for agent frameworks

Labs use a deliberately vulnerable agent that participants progressively harden.

Facilitated By

Brent Laster
Facilitator

Brent Laster is a global trainer, author, speaker, and founder/president of Tech Skills Transformations LLC. He helps enterprise teams adopt modern software practices in AI engineering, AI-assisted development, DevOps, automation, and secure software delivery. He is the author of Learning GitHub Copilot, Learning GitHub Actions, Professional Git, and Jenkins 2: Up and Running, as well as multiple online and live training programs for companies such as O'Reilly. In addition to AI expertise, Brent brings more than 25 years of experience in software development, management and technical leadership, DevOps, release engineering, and open-source technologies. He regularly presents and conducts workshops at industry conferences and for private clients.


Questions about this Course?

Phone: 1-800-373-7028
Email: info-us@softed.com

We'd love to have the opportunity to discuss how we can assist your business.