4D Training & Consultancy

IT Security

AI System Security and LLM Threat Modeling

This in-depth course develops directly applicable capability in AI System Security and LLM Threat Modeling. It connects AI System Attack Surface, LLM-Specific Threats, and Threat Modeling and Control Selection to the decisions, controls, and activities participants need to perform in their workplace.

Duration confirmed during proposalIn-house, online, or customized deliveryCorporate teams and professional groups

Overview

Practical learning for workplace transfer.

This in-depth course develops directly applicable capability in AI System Security and LLM Threat Modeling. It connects AI System Attack Surface, LLM-Specific Threats, and Threat Modeling and Control Selection to the decisions, controls, and activities participants need to perform in their workplace. The five-module curriculum progresses toward AI Security Design Review, using evidence, scenarios, and work products appropriate to the subject.

Objectives

  • Analyze ai system attack surface, including models, prompts, vector stores, tools, agents, apis, and data pipelines.
  • Configure or structure llm-specific threats, including prompt injection, insecure output handling, model denial of service, and extraction.
  • Evaluate threat modeling and control selection, including data-flow diagrams, stride-style analysis, and misuse cases.
  • Manage security testing and monitoring, including adversarial prompt suites, tool-call tests, and retrieval attacks.
  • Apply ai security design review, including threat-model an enterprise agent or rag application.

Target audience

  • Professionals responsible for this subject area
  • Managers, supervisors, and team leaders
  • Analysts, specialists, engineers, or coordinators working with the relevant processes
  • Project, implementation, assurance, or improvement team members
  • Professionals preparing for broader responsibilities in this field

Program outline

A clear structure for the learning journey.

Program outline

Outline points are grouped in one designed block instead of being treated as separate module cards.

Module 1: AI System Attack Surface

Models, prompts, vector stores, tools, agents, APIs, and data pipelines

Trust boundaries across users, providers, plugins, and enterprise systems

Asset classification and abuse-case development

Module 2: LLM-Specific Threats

Prompt injection, insecure output handling, model denial of service, and extraction

Training-data poisoning, supply-chain compromise, and excessive agency

Sensitive information disclosure and cross-tenant leakage

Module 3: Threat Modeling and Control Selection

Data-flow diagrams, STRIDE-style analysis, and misuse cases

Controls for identity, tool permissions, sandboxing, and context isolation

Risk rating using likelihood, impact, and control strength

Module 4: Security Testing and Monitoring

Adversarial prompt suites, tool-call tests, and retrieval attacks

Telemetry for prompts, policy decisions, tools, data, and outcomes

Incident triggers, containment paths, and forensic limitations

Module 5: AI Security Design Review

Threat-model an enterprise agent or RAG application

Map risks to preventive and detective controls

Present residual risk and prioritized engineering changes

Materials provided

  • ○ Course-specific presentation slides
  • ○ Guided exercises, scenarios, or configured-environment activities appropriate to the subject
  • ○ Course-specific worksheets, checklists, or calculation templates
  • ○ Applied workplace case materials
  • ○ 4D Certificate of Completion issued by 4D Training & Consultancy
  • ○ Post-course support for implementation questions

Training Options

Programs can be delivered in-house, online, or in a blended format depending on your team's schedule, location, and learning objectives. When an external certificate or exam is included, certification rules and fees remain under the relevant awarding body's policies, while 4D provides the training and preparation support.

Why choose 4D

4D Training & Consultancy adapts the program to the client’s operating environment. Delivery combines structured explanation with subject-specific analysis, exercises, and implementation decisions so participants can transfer the learning to real responsibilities without implying vendor authorization.

Speak to 4D

Plan the right training or consultancy path for your team.

Share a few details and 4D will help route your inquiry toward corporate training, consultancy, assessment, Phoenix-enabled support, or a tailored program.