| name | certifications-training |
| version | 2.0.0 |
| description | Professional certifications, CTF competitions, and training resources for AI security practitioners |
| sasmp_version | 1.3.0 |
| bonded_agent | 01-red-team-commander |
| bond_type | SECONDARY_BOND |
| input_schema | [object Object] |
| output_schema | [object Object] |
| owasp_llm_2025 | LLM01, LLM02, LLM03, LLM04, LLM05, LLM06, LLM07, LLM08, LLM09, LLM10 |
| nist_ai_rmf | Govern, Map, Measure, Manage |
AI Security Certifications & Training
Build professional expertise through certifications, CTFs, and structured training programs.
Quick Reference
Skill: certifications-training
Agent: 01-red-team-lead
OWASP: Full LLM Top 10 Coverage
NIST: Govern, Map, Measure, Manage
Use Case: Professional development
Career Progression Map
```text
┌────────────────────────────────────────────────────────────┐
│                  AI SECURITY CAREER PATH                   │
├────────────────────────────────────────────────────────────┤
│ ENTRY LEVEL (0-2 years)                                    │
│   Security Analyst → AI Security Analyst → Jr. Red Team    │
│   Skills: Python, ML basics, Security fundamentals         │
│   Certs:  Security+, AI Fundamentals, CEH                  │
│                          ↓                                 │
│ MID LEVEL (2-5 years)                                      │
│   AI Red Team Engineer → Senior Red Team → Team Lead       │
│   Skills: Adversarial ML, LLM security, Tool development   │
│   Certs:  OSCP, CAISP, Cloud AI certs                      │
│                          ↓                                 │
│ SENIOR LEVEL (5+ years)                                    │
│   Principal → Director → CISO (AI Focus)                   │
│   Skills: Strategy, Research, Thought leadership           │
│   Certs:  CISSP, Research publications, Speaking           │
└────────────────────────────────────────────────────────────┘
```
Professional Certifications
AI/ML Security Specific
```yaml
Certifications:
  CAISP (Certified AI Security Professional):
    provider: "Practical DevSecOps"
    focus: "AI Security Architecture"
    prerequisites: "5 years security experience"
    domains:
      - AI/ML Security Fundamentals
      - Secure AI Development
      - AI Threat Modeling
      - AI Governance & Compliance
    renewal: "3 years, CPE credits"
    value: "Industry recognized, comprehensive"
  Google AI Red Team Certificate:
    provider: "Google"
    focus: "LLM Security Testing"
    prerequisites: "ML experience recommended"
    topics:
      - Prompt injection attacks
      - Model extraction
      - Safety evaluation
      - Responsible disclosure
    format: "Online, self-paced"
    value: "Vendor-specific, practical"
  Microsoft AI-900:
    provider: "Microsoft"
    focus: "Azure AI Fundamentals"
    prerequisites: "None"
    topics:
      - AI/ML concepts
      - Azure AI services
      - Responsible AI principles
    format: "Exam-based"
    value: "Entry-level, cloud-focused"
  AWS Machine Learning Specialty (MLS-C01):
    provider: "Amazon"
    focus: "ML on AWS"
    prerequisites: "AWS experience"
    topics:
      - Data engineering
      - Modeling
      - ML implementation
      - Security considerations
    format: "Exam-based"
    value: "Cloud-focused, practical"
```

Verify provider, prerequisites, price and renewal terms on the issuer's site before committing: AI security credentials are new and change frequently, and several of the entries above are vendor or training-company programs rather than independently accredited certifications.
Traditional Security (AI-Applicable)
```yaml
Core Security Certifications:
  OSCP:
    provider: "OffSec (formerly Offensive Security)"
    relevance: "Penetration testing methodology"
    ai_application: "API testing, infrastructure attacks"
    difficulty: "High"
    recommendation: "Highly recommended"
  GPEN:
    provider: "GIAC (SANS training)"
    relevance: "Enterprise penetration testing"
    ai_application: "Comprehensive testing approach"
    difficulty: "Medium-High"
    recommendation: "Recommended"
  CEH:
    provider: "EC-Council"
    relevance: "Ethical hacking fundamentals"
    ai_application: "Basic attack techniques"
    difficulty: "Medium"
    recommendation: "Good starting point"
  CISSP:
    provider: "(ISC)²"
    relevance: "Security architecture"
    ai_application: "Security program design"
    difficulty: "High"
    recommendation: "For senior roles"
  CCSP:
    provider: "(ISC)²"
    relevance: "Cloud security"
    ai_application: "Cloud-hosted AI systems"
    difficulty: "High"
    recommendation: "For cloud-focused roles"
```
CTF Competitions
AI/ML Focused CTFs
```python
class AISecurityCTFs:
    """Catalog of AI security CTF competitions."""

    CTF_CATALOG = {
        "Tensor Trust": {
            "focus": "Prompt injection defense",
            "type": "ongoing",
            "difficulty": "beginner_to_advanced",
            "url": "https://tensortrust.ai/",
            "skills_tested": [
                "Prompt injection attack",
                "Defense strategies",
                "Jailbreak techniques",
            ],
            "prizes": "Leaderboard ranking",
        },
        "HackAPrompt": {
            "focus": "LLM jailbreaking",
            "type": "annual",
            "difficulty": "all_levels",
            "organizer": "Learn Prompting",
            "skills_tested": [
                "Prompt engineering",
                "Safety bypass",
                "Creative attacks",
            ],
            "prizes": "$35,000+ total",
        },
        "AI Village CTF": {
            "focus": "General AI security",
            "type": "annual",
            "venue": "DEF CON",
            "difficulty": "intermediate_to_expert",
            "skills_tested": [
                "Model attacks",
                "Adversarial ML",
                "LLM exploitation",
            ],
            "prizes": "Recognition, swag",
        },
        "Adversarial ML CTF": {
            "focus": "Image classification attacks",
            "type": "conference",
            "venue": "NeurIPS, CVPR",
            "difficulty": "advanced",
            "skills_tested": [
                "Adversarial examples",
                "Evasion attacks",
                "Robustness evaluation",
            ],
            "prizes": "Research recognition",
        },
        "Gandalf": {
            "focus": "Prompt injection levels",
            "type": "ongoing",
            "difficulty": "beginner_to_intermediate",
            "url": "https://gandalf.lakera.ai/",
            "skills_tested": [
                "Progressive prompt injection",
                "Filter bypass",
                "Secret extraction",
            ],
            "prizes": "Learning experience",
        },
    }
```
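The "Filter bypass" and "Secret extraction" skills that Gandalf and Tensor Trust test come down to one pattern: the defender adds an output filter, the attacker asks the model to emit the secret in a form the filter does not recognise (spaced out, reversed, leetspeak, base64). The example below is added by the editor and is not code from either challenge; the secret, the sample outputs and the `layered_filter` name are constructed for illustration. It shows a plain substring check next to a normalising check, and one encoding (an acrostic) that still gets through, which is why an output filter is a tripwire rather than a boundary.

```python
import base64
import re

# Constructed sample secret, standing in for a Gandalf level password or a
# Tensor Trust access code (not taken from any real challenge).
SECRET = "COCOLOCO"

# Leetspeak substitutions attackers commonly ask the model to apply.
LEET = str.maketrans({"0": "o", "1": "i", "3": "e", "4": "a",
                      "5": "s", "7": "t", "@": "a", "$": "s"})


def _collapse(text):
    """Lowercase and drop everything except letters and digits."""
    return re.sub(r"[^a-z0-9]", "", text.lower())


def naive_filter(output, secret):
    """Plain substring match: the first output filter most defenders write."""
    return secret in output


def _views(output):
    """Yield the output in the forms that common CTF bypasses rely on."""
    collapsed = _collapse(output)
    yield collapsed                   # "C-O-C-O-L-O-C-O" / "c o c o ..." -> "cocoloco"
    yield collapsed[::-1]             # "say it backwards"
    yield collapsed.translate(LEET)   # "c0c0l0c0"
    # Base64-looking runs of 8+ characters: decode and inspect the plaintext.
    for token in re.findall(r"[A-Za-z0-9+/]{8,}={0,2}", output):
        try:
            decoded = base64.b64decode(token, validate=True)
        except ValueError:            # binascii.Error is a ValueError subclass
            continue
        yield _collapse(decoded.decode("utf-8", "ignore"))


def layered_filter(output, secret):
    """Normalise both sides and check every view. Still only a tripwire."""
    target = _collapse(secret)
    return any(target in view for view in _views(output))


# Constructed model outputs of the kind an attacker coaxes out of a level.
SAMPLE_OUTPUTS = {
    "plain": f"The password is {SECRET}.",
    "spaced": "The password is C-O-C-O-L-O-C-O.",
    "reversed": "Read it backwards: OCOLOCOC",
    "leet": "It is c0c0l0c0, obviously.",
    "base64": "Encoded for you: " + base64.b64encode(SECRET.encode()).decode(),
    # Acrostic: first letters spell the secret; none of the views above catch it.
    "acrostic": "Cats Often Chase Other Little Otters, Crying Out.",
}


def evaluate(outputs=SAMPLE_OUTPUTS, secret=SECRET):
    """Return {name: (naive_caught, layered_caught)} for each sample output."""
    return {name: (naive_filter(text, secret), layered_filter(text, secret))
            for name, text in outputs.items()}


if __name__ == "__main__":
    for name, (naive, layered) in evaluate().items():
        print(f"{name:9s} naive={naive!s:5s} layered={layered}")
```

The acrostic case is the point to take away from the exercise: every normalisation you add closes one encoding and a creative attacker has another. Winning defences in Tensor Trust tend to pair output checks with a system prompt that never needs to produce the secret at all, and in production the secret simply should not be in the model's context.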
Practice Platforms
```yaml
Platforms:
  Lakera Gandalf:
    focus: "LLM prompt injection"
    cost: "Free"
    features:
      - Prompt injection challenges
      - Jailbreak scenarios
      - Leaderboard
    url: "https://gandalf.lakera.ai/"
  HackTheBox AI Labs:
    focus: "AI/ML security"
    cost: "Premium"
    features:
      - Realistic environments
      - Progressive difficulty
      - Write-ups available
    url: "https://www.hackthebox.com/"
  TryHackMe AI Paths:
    focus: "Learning paths"
    cost: "Freemium"
    features:
      - Guided learning
      - AI security rooms
      - Certificates
    url: "https://tryhackme.com/"
  PentesterLab:
    focus: "Web + API security"
    cost: "Subscription"
    features:
      - API testing skills
      - Applicable to AI APIs
      - Exercises with solutions
    url: "https://pentesterlab.com/"
```
Training Resources
Structured Learning Paths
```python
class LearningPathGenerator:
    """Generate personalized learning paths."""

    PATHS = {
        "beginner": {
            "duration": "6 months",
            "prerequisites": ["Basic Python", "Linux fundamentals"],
            "modules": [
                {
                    "name": "ML/DL Fundamentals",
                    "resources": [
                        "Fast.ai: Practical Deep Learning",
                        "Coursera: Machine Learning (Andrew Ng)",
                        "HuggingFace NLP Course",
                    ],
                    "duration": "2 months",
                },
                {
                    "name": "Security Basics",
                    "resources": [
                        "TryHackMe: Pre-Security Path",
                        "OWASP Web Security Testing Guide",
                        "PortSwigger Web Security Academy",
                    ],
                    "duration": "2 months",
                },
                {
                    "name": "AI Security Introduction",
                    "resources": [
                        "Gandalf (Lakera) - All levels",
                        "OWASP LLM Top 10 Study",
                        "Introduction to Adversarial ML (course)",
                    ],
                    "duration": "2 months",
                },
            ],
            "certifications": ["CompTIA Security+", "AI-900"],
        },
        "intermediate": {
            "duration": "12 months",
            "prerequisites": ["ML experience", "Security fundamentals"],
            "modules": [
                {
                    "name": "Adversarial ML Deep Dive",
                    "resources": [
                        "Adversarial Robustness: Theory and Practice (Kolter & Madry tutorial)",
                        "ART (IBM) Tutorials",
                        "TextAttack Documentation",
                    ],
                    "duration": "3 months",
                },
                {
                    "name": "LLM Security Specialization",
                    "resources": [
                        "PyRIT Documentation & Labs",
                        "garak Tool Mastery",
                        "Prompt Injection Research Papers",
                    ],
                    "duration": "3 months",
                },
                {
                    "name": "Tool Development",
                    "resources": [
                        "Build custom probes for garak",
                        "PyRIT orchestrator development",
                        "Contribute to open source",
                    ],
                    "duration": "3 months",
                },
                {
                    "name": "CTF Competition",
                    "resources": [
                        "Participate in AI Village CTF",
                        "HackAPrompt competition",
                        "Create CTF challenges",
                    ],
                    "duration": "3 months",
                },
            ],
            "certifications": ["OSCP", "Google AI Red Team"],
        },
        "advanced": {
            "duration": "24+ months",
            "prerequisites": ["AI red team experience", "Research background"],
            "modules": [
                {
                    "name": "Original Research",
                    "resources": [
                        "Read latest papers (arXiv, OpenReview)",
                        "Conduct novel research",
                        "Publish findings",
                    ],
                    "duration": "Ongoing",
                },
                {
                    "name": "Thought Leadership",
                    "resources": [
                        "Conference speaking (DEF CON, NeurIPS)",
                        "Blog writing",
                        "Tool development",
                    ],
                    "duration": "Ongoing",
                },
                {
                    "name": "Mentorship",
                    "resources": [
                        "Mentor junior practitioners",
                        "Create training content",
                        "Community building",
                    ],
                    "duration": "Ongoing",
                },
            ],
            "certifications": ["CISSP", "CAISP"],
        },
    }
```
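The "Adversarial ML Deep Dive" module and the NeurIPS/CVPR-style evasion CTFs above both start from the same exercise: train a classifier, craft an adversarial example with the Fast Gradient Sign Method, and measure how accuracy collapses as the perturbation budget grows. The block below is an editor-added worked example, not code from the page or from any course it names; it uses a two-dimensional logistic regression on constructed Gaussian data so it runs without numpy or a GPU, but the FGSM step and the robustness curve are exactly what the image-classification version computes.

```python
import math
import random


def make_data(n=200, centre=1.0, spread=0.5, seed=7):
    """Constructed sample data (not from the page): two Gaussian blobs in 2D,
    label 1 around (+centre, +centre) and label 0 around (-centre, -centre)."""
    rng = random.Random(seed)
    data = []
    for i in range(n):
        y = i % 2
        c = centre if y == 1 else -centre
        data.append(([rng.gauss(c, spread), rng.gauss(c, spread)], y))
    return data


def sigmoid(z):
    z = max(-500.0, min(500.0, z))  # avoid exp overflow at large margins
    return 1.0 / (1.0 + math.exp(-z))


def logit(w, b, x):
    return w[0] * x[0] + w[1] * x[1] + b


def train(data, epochs=300, lr=0.1):
    """Full-batch gradient descent on logistic loss; returns (w, b)."""
    w, b, n = [0.0, 0.0], 0.0, len(data)
    for _ in range(epochs):
        gw, gb = [0.0, 0.0], 0.0
        for x, y in data:
            err = sigmoid(logit(w, b, x)) - y  # dLoss/dlogit for logistic loss
            gw[0] += err * x[0] / n
            gw[1] += err * x[1] / n
            gb += err / n
        w = [w[0] - lr * gw[0], w[1] - lr * gw[1]]
        b -= lr * gb
    return w, b


def predict(w, b, x):
    return 1 if logit(w, b, x) >= 0.0 else 0


def _sign(v):
    return (v > 0) - (v < 0)


def fgsm(w, b, x, y, eps):
    """Fast Gradient Sign Method: x_adv = x + eps * sign(dLoss/dx).
    For logistic regression dLoss/dx = (p - y) * w, so every coordinate moves
    by exactly eps in the direction that shrinks the point's margin."""
    p = min(max(sigmoid(logit(w, b, x)), 1e-12), 1.0 - 1e-12)  # keep p - y != 0
    return [x[0] + eps * _sign((p - y) * w[0]),
            x[1] + eps * _sign((p - y) * w[1])]


def accuracy(w, b, data, eps=0.0):
    """Accuracy on clean inputs (eps=0) or under an L-infinity FGSM budget eps."""
    hits = 0
    for x, y in data:
        x_eval = fgsm(w, b, x, y, eps) if eps > 0 else x
        hits += predict(w, b, x_eval) == y
    return hits / len(data)


def robustness_curve(eps_values=(0.0, 0.5, 1.0, 2.0)):
    """Clean versus adversarial accuracy across perturbation budgets; this is
    the number a robustness-evaluation CTF scores you on."""
    data = make_data()
    w, b = train(data)
    return {eps: accuracy(w, b, data, eps) for eps in eps_values}


if __name__ == "__main__":
    for eps, acc in robustness_curve().items():
        print(f"eps={eps:.1f}  accuracy={acc:.2f}")
```

Because the model is linear, each increase in `eps` reduces every point's margin by `eps * (|w0| + |w1|)`, so the curve is monotonically non-increasing and the budget at which it crosses 50% tells you the typical margin. Against a deep network the gradient is taken with autograd instead of the closed form here, and iterated variants (PGD) replace the single step, but the evaluation loop is unchanged.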
Key Publications
```yaml
Essential Reading:
  Books:
    - title: "Adversarial Machine Learning"
      authors: "Joseph, Nelson, Rubinstein & Tygar (2019)"
      focus: "Attack and defense fundamentals"
      level: "Intermediate"
    - title: "Trustworthy Machine Learning"
      authors: "Kang et al."
      focus: "Safety, fairness, privacy"
      level: "Advanced"
    - title: "The Art of Prompt Engineering"
      focus: "LLM interaction patterns"
      level: "Beginner-Intermediate"
  Research Papers:
    - "Ignore This Title and HackAPrompt: Exposing Systemic Vulnerabilities of LLMs through a Global Scale Prompt Hacking Competition" (Schulhoff et al., 2023)
    - "Universal and Transferable Adversarial Attacks on Aligned Language Models" (Zou et al., 2023)
    - "Extracting Training Data from Large Language Models" (Carlini et al., 2021)
    - "Jailbreaking LLMs: A Comprehensive Study" (2024)
  Industry Reports:
    - "OWASP Top 10 for LLM Applications 2025"
    - "NIST AI Risk Management Framework (AI 100-1)"
    - "MITRE ATLAS (Adversarial Threat Landscape for Artificial-Intelligence Systems)"
    - "Microsoft AI Red Team Reports"
```
Skill Development Tracker
```python
from collections import namedtuple

DevelopmentPlan = namedtuple("DevelopmentPlan", "gaps resources timeline milestones")


class SkillTracker:
    """Track skill development progress."""
    SKILL_MATRIX = {
        "technical": {
            "python_proficiency": ["basic", "intermediate", "advanced", "expert"],
            "ml_fundamentals": ["none", "basic", "intermediate", "advanced"],
            "adversarial_ml": ["none", "basic", "intermediate", "advanced"],
            "llm_security": ["none", "basic", "intermediate", "advanced"],
            "tool_proficiency": ["none", "user", "developer", "contributor"],
        },
        "offensive": {
            "prompt_injection": ["none", "basic", "intermediate", "advanced"],
            "jailbreaking": ["none", "basic", "intermediate", "advanced"],
            "model_extraction": ["none", "basic", "intermediate", "advanced"],
            "adversarial_examples": ["none", "basic", "intermediate", "advanced"],
        },
        "defensive": {
            "input_validation": ["none", "basic", "intermediate", "advanced"],
            "guardrails": ["none", "basic", "intermediate", "advanced"],
            "monitoring": ["none", "basic", "intermediate", "advanced"],
            "incident_response": ["none", "basic", "intermediate", "advanced"],
        },
        "professional": {
            "reporting": ["none", "basic", "intermediate", "advanced"],
            "communication": ["none", "basic", "intermediate", "advanced"],
            "research": ["none", "basic", "intermediate", "advanced"],
            "mentorship": ["none", "basic", "intermediate", "advanced"],
        },
    }
    # Illustrative minimum levels for a target role (editor's assumption, not in the original).
    ROLE_TARGETS = {
        "ai_red_team_engineer": {
            "python_proficiency": "advanced", "adversarial_ml": "intermediate",
            "llm_security": "intermediate", "tool_proficiency": "developer",
            "prompt_injection": "advanced", "guardrails": "basic", "reporting": "intermediate",
        },
    }
    # Resource type per skill group, drawn from the sections of this page.
    RESOURCE_HINTS = {"technical": "learning path modules", "offensive": "CTFs (Gandalf, HackAPrompt, AI Village)",
                      "defensive": "build guardrails, run garak/PyRIT", "professional": "write-ups, mentoring"}
    _INDEX = {s: (g, lv) for g, d in SKILL_MATRIX.items() for s, lv in d.items()}  # skill -> (group, levels)

    def _identify_gaps(self, current_skills, target_role):
        gaps = {}  # skill -> (current, target, levels_to_close); unlisted skills default to the lowest level
        for skill, target in self.ROLE_TARGETS[target_role].items():
            levels = self._INDEX[skill][1]
            current = current_skills.get(skill, levels[0])
            distance = levels.index(target) - levels.index(current)
            if distance > 0:
                gaps[skill] = (current, target, distance)
        return gaps

    def _recommend_resources(self, gaps):
        return {s: self.RESOURCE_HINTS[self._INDEX[s][0]] for s in gaps}

    def _estimate_timeline(self, gaps):
        return f"{sum(d for _, _, d in gaps.values())} months"  # ~1 month per level (assumption)

    def _set_milestones(self, gaps):
        ordered = sorted(gaps.items(), key=lambda kv: -kv[1][2])  # largest gap first
        return [f"{s}: {cur} -> {tgt}" for s, (cur, tgt, _) in ordered]

    def generate_development_plan(self, current_skills, target_role):
        """Generate personalized development plan."""
        gaps = self._identify_gaps(current_skills, target_role)
        return DevelopmentPlan(
            gaps=gaps,
            resources=self._recommend_resources(gaps),
            timeline=self._estimate_timeline(gaps),
            milestones=self._set_milestones(gaps),
        )
```
Community Resources
```yaml
Communities:
  AI Village:
    platform: "Discord, DEF CON"
    focus: "AI security research"
    activities: "CTFs, talks, research"
    url: "https://aivillage.org/"
  OWASP AI Security:
    platform: "OWASP Slack, GitHub"
    focus: "AI application security"
    activities: "Projects, documentation"
    url: "https://owasp.org/www-project-ai-security/"
  MLSecOps:
    platform: "Slack, Conferences"
    focus: "ML security operations"
    activities: "Best practices, tools"
  AI Safety:
    platform: "Various"
    focus: "AI alignment and safety"
    activities: "Research, discussion"
```
Troubleshooting
Issue: Don't know where to start
Solution: Begin with Gandalf challenges, then TryHackMe AI rooms
Issue: Certification too expensive
Solution: Focus on free CTFs and open-source tool contributions
Issue: No practical experience
Solution: Participate in bug bounties, contribute to open source
Issue: Skill plateau
Solution: Try research, teaching, or tool development
Integration Points
| Component | Purpose |
|---|---|
| Agent 01 | Career guidance |
| /analyze | Skill gap analysis |
| Community | Networking |
| CTF platforms | Practical experience |
Build AI security expertise through structured learning.