Enterprise AI Security: From Blueprint to Implementation
A 2-day intensive building enterprise AI defenses across the full stack — from RAG pipelines and prompt injection through agent security, MCP hardening, and operational controls
Course Format and Delivery
Delivery Method: Live Online
Schedule: 2 days
All sessions are delivered live by an expert instructor in a fully interactive online environment.
*20% off for group bookings when booking 3 or more attendees from the same organization on the same course dates in the same transaction.
About this course
97% of breached organizations had no proper AI controls in place. CVE-2026-25592 turned Semantic Kernel prompt injection into full host RCE. Researchers demonstrated that 1% poisoned vectors contaminate 99.85% of RAG query results. AI agents are the fastest-growing attack surface in enterprise software, yet most organizations deploy them with ad hoc security at best.
This 2-day intensive equips enterprise teams with the knowledge and hands-on skills to secure AI systems across the full stack — from RAG pipelines and AI agents to MCP tool integrations and production operations. Participants work through a battle-tested six-layer security blueprint (identity, data boundaries, prompt defenses, model governance, audit trails, operational controls) while building real defenses against the attacks that matter most: document poisoning, prompt injection, agent manipulation, tool abuse, and data exfiltration. Every concept is reinforced with hands-on labs where attendees first observe attacks succeeding on vulnerable systems, then implement and verify layered defenses.
By the end, participants have a concrete implementation roadmap and a Monday-morning checklist for immediate action.
What you will need
Basic familiarity with Python (reading and running scripts). General understanding of how LLMs and AI applications work. A laptop with a modern browser (Chrome recommended) and GitHub account. No prior AI security experience required.
For software engineers, security practitioners, DevOps/platform engineers, engineering managers, architects, and technical leaders responsible for building or governing AI systems. Content is primarily technical but structured so that leaders and decision-makers gain the strategic context needed to fund, prioritize, and oversee AI security initiatives.

Day 1 covers AI security foundations and data protection: the OWASP Top 10 for LLM Applications (2025), the six-layer enterprise security blueprint, policy engine design, RAG attack and defense (document poisoning, defense in depth), PII tokenization, multi-tenant context isolation, and prompt injection defense patterns (direct, indirect, canary tokens, behavioral boundaries).

Day 2 covers agent security, MCP, and enterprise operations: supervisor multi-agent patterns with budget enforcement, agent manipulation defenses, MCP authentication/authorization/per-tool scopes, MCP defense in depth (rate limiting, input validation, output sanitization), model governance and registry, structured audit trails, operational controls (kill switches, cost caps), and a capstone applying the full six-layer blueprint.

There are 16 hands-on labs across both days, all running in GitHub Codespaces. The split is approximately 35% lecture and 65% hands-on labs.
Topics Covered
Day 1: AI Security Foundations & Data Protection
| Time | Topic | Type |
|---|---|---|
| 9:00–9:30 | Welcome, threat landscape overview, environment setup | Setup |
| 9:30–10:15 | Why AI security is different, real-world incidents, the implementation gap | Lecture |
| 10:15–11:00 | OWASP Top 10 for LLMs, six-layer blueprint, policy engine framework | Lecture |
| 11:00–11:15 | Break | Break |
| 11:15–11:45 | Lab 1: AI Threat Modeling with OWASP Top 10 | Hands-on |
| 11:45–12:15 | Lab 2: Policy Engine Decision Making | Hands-on |
| 12:15–1:15 | Lunch | Break |
| 1:15–2:00 | RAG security: attack surface, document poisoning, defense architecture | Lecture |
| 2:00–2:30 | Lab 3: RAG Attack — Exploiting a Vulnerable System | Hands-on |
| 2:30–3:00 | Lab 4: RAG Defense — Building Security Hardening | Hands-on |
| 3:00–3:15 | Break | Break |
| 3:15–4:00 | Context isolation, data boundaries, PII tokenization, multi-tenant security | Lecture |
| 4:00–4:30 | Lab 5: PII Detection & Tokenization Pipeline | Hands-on |
| 4:30–5:00 | Lab 6: Multi-Tenant Context Isolation | Hands-on |
| 5:00–5:30 | Prompt injection defenses: direct, indirect, four defense techniques | Lecture |
| 5:30–6:00 | Lab 7: Direct Prompt Injection — Attack & Defense | Hands-on |
| 6:00–6:30 | Lab 8: End-to-End Security Pipeline | Hands-on |
| 6:30–6:45 | Day 1 recap, Day 2 preview | Discussion |
Day 2: Agent Security, MCP & Enterprise Operations
| Time | Topic | Type |
|---|---|---|
| 9:00–9:15 | Day 1 review and questions | Discussion |
| 9:15–10:00 | Agent security: supervisor pattern, budget enforcement, threat model | Lecture |
| 10:00–10:30 | Lab 1: Supervisor Multi-Agent with Budget Enforcement | Hands-on |
| 10:30–11:00 | Lab 2: Securing Agents Against Manipulation | Hands-on |
| 11:00–11:15 | Break | Break |
| 11:15–12:00 | MCP security: authentication, authorization, tool isolation, defense in depth | Lecture |
| 12:00–12:30 | Lab 3: MCP Auth, Authorization & Per-Tool Scopes | Hands-on |
| 12:30–1:00 | Lab 4: MCP Defense in Depth — Rate Limiting, Validation & Sanitization | Hands-on |
| 1:00–2:00 | Lunch | Break |
| 2:00–2:45 | Model governance pipeline, registry, compliance; audit trails and observability | Lecture |
| 2:45–3:15 | Lab 5: Model Registry & Governance Gates | Hands-on |
| 3:15–3:45 | Lab 6: Structured Audit Trails for AI Systems | Hands-on |
| 3:45–4:00 | Break | Break |
| 4:00–4:45 | Operational controls: kill switches, cost caps, canary deployments, red teaming | Lecture |
| 4:45–5:15 | Lab 7: Operational Controls — Kill Switches & Cost Caps | Hands-on |
| 5:15–6:15 | Lab 8: Capstone — Enterprise AI Security Assessment | Hands-on |
| 6:15–6:45 | Implementation roadmap, Monday morning checklist, wrap-up | Discussion |
Facilitated By
Brent Laster
Facilitator
Brent Laster is a global trainer, author, speaker, and founder/president of Tech Skills Transformations LLC. He helps enterprise teams adopt modern software practices in AI engineering, AI-assisted development, DevOps, automation, and secure software delivery. He is the author of Learning GitHub Copilot, Learning GitHub Actions, Professional Git, and Jenkins 2: Up and Running, as well as multiple online and live training programs for companies such as O'Reilly. In addition to AI expertise, Brent brings more than 25 years of experience in software development, management and technical leadership, DevOps, release engineering, and open-source technologies. He regularly presents and conducts workshops at industry conferences and for private clients.
Questions about this Course?
Phone: 1-800-373-7028
Email: info-us@softed.com
We'd love to have the opportunity to discuss how we can assist your business.