FreeCourse Logo
FreeCourse.io
Verified CouponsFree CoursesJobsBlog
Categories
Home/Courses/AI Security & Governance Masterclass: Build, Attack & Defend
AI Security & Governance Masterclass: Build, Attack & Defend
IT & Software100% OFF

AI Security & Governance Masterclass: Build, Attack & Defend

Udemy Instructor
0(7 students)
Self-paced
All Levels

About this course

This course contains the use of artificial intelligence. Build the practical skills required to design, attack, secure, monitor, and govern modern AI applications in this comprehensive AI Security and Governance Masterclass. As organizations rapidly adopt generative AI, large language models, RAG applications, and autonomous AI agents, security and governance have become essential.

AI systems introduce risks that traditional application security alone cannot address, including prompt injection, jailbreak attacks, document poisoning, memory manipulation, unauthorized tool execution, sensitive data exposure, hallucinations, and uncontrolled agent actions. This course takes a hands-on, project-based approach. You will not only study AI security concepts—you will build vulnerable AI systems, attack them, understand their weaknesses, and implement practical defenses.

You will begin by setting up Python, Visual Studio Code, Git, and Ollama, then build your first AI chat assistant. You will explore the AI threat landscape, understand the OWASP Top 10 for LLM Applications, and learn how security differs across traditional software and AI-powered systems. You will perform real-world direct prompt injection and AI jailbreak attacks, then create prompt validation, risk scoring, filtering, and guardrail mechanisms.

You will build a complete Retrieval-Augmented Generation application, attack it using malicious documents, poison retrieved context, and secure it through trusted-source validation, context isolation, content sanitization, and enforcement controls. The course also covers AI tool-calling security, including parameter injection, excessive permissions, unauthorized actions, input validation, least-privilege access, and human approval for sensitive operations. You will build persistent AI memory, demonstrate memory-poisoning attacks, and implement approval and validation controls before information is stored.

As you progress, you will develop an autonomous AI agent that can plan, reason, use tools, and complete workflows. You will then secure its decision-making process using human-in-the-loop approvals, restricted permissions, action validation, and traceable execution. You will combine these defenses into an integrated AI Security Gateway covering prompts, RAG, tools, memory, and agents.

You will also learn production practices involving Docker, deployment, security monitoring, logging, audit trails, and incident response. Beyond technical security, this course provides extensive coverage of enterprise AI governance. You will build AI inventories, usage dashboards, cost analytics, risk-scoring engines, model-evaluation dashboards, drift-monitoring systems, prompt-governance labs, agent-observability tools, and RAG governance dashboards.

You will learn how to map controls to NIST AI RMF, the EU AI Act, and ISO/IEC 42001. Topics include policy management, control evidence, model cards, AI impact assessments, approval workflows, exception management, guardrail effectiveness, governance KPIs, KRIs, incident remediation, and executive reporting. The final capstone brings everything together as you build an Enterprise AI Governance Command Center connecting AI telemetry, risk, controls, compliance evidence, incidents, remediation, and leadership dashboards.

Whether you are an AI engineer, cybersecurity professional, risk manager, enterprise architect, developer, auditor, compliance leader, or technology executive, this course will help you build AI systems that are not only powerful—but also secure, responsible, compliant, observable, and enterprise-ready.

Skills you'll gain

Network & SecurityEnglish

Available Coupons

Loading...

Course Information

Level: All Levels

Suitable for learners at this level

Duration: Self-paced

Total course content

Instructor: Udemy Instructor

Expert course creator

This course includes:

  • 📹Video lectures
  • 📄Downloadable resources
  • 📱Mobile & desktop access
  • 🎓Certificate of completion
  • ♾️Lifetime access
$0$89.99

Save $89.99 today!

Enroll Now - Free

Redirects to Udemy • Limited free enrollments

Share this course

https://freecourse.io/courses/ai-security-governance-masterclass-build-attack-defend

You May Also Like

Explore more courses similar to this one

AWS Security Specialty SCS-C02: Complete Exam Prep 2026
IT & Software
0% OFF

AWS Security Specialty SCS-C02: Complete Exam Prep 2026

Udemy Instructor

AWS Certified Security – Specialty (SCS-C02) | Complete Exam PrepAre you ready to become a certified AWS Security professional? This course is a complete, hands-on preparation guide for the AWS Certified Security – Specialty (SCS-C02) exam — one of the most respected and highest-paying certifications in cloud security today.Whether you're a cloud engineer, DevOps professional, or an experienced security practitioner moving into AWS, this course walks you through every exam domain with clear explanations, real-world scenarios, and practical AWS console demonstrations.---What Makes This Course DifferentThis course was built by an instructor who holds OSCP, CEH, and CISA certifications — so you don't just learn what AWSsecurity services do, you learn how attackers very concept is tied to real-world cloud attackpatterns and defensive architecture.---Course ModulesModule 0 – Course Introduction & Exam OverviewUnderstand the SCS-C02 exam structure, domains, question types, and how to use this course effectively to pass on yourfirst attempt.Module 1 – AWS Security FundamentalsReview core AWS concepts critical to security: the shared responsibility model, AWS global infrastructure, regions,availability zones, and the AWS Well-ArchitectModule 2 – Identity and Access Management (IAMMaster IAM users, groups, roles, and policies. Understand permissions boundaries, policy evaluation logic, service control policies (SCPs), and cross-account access pattModule 3 – Advanced IAM & Identity FederationExplore AWS IAM Identity Center (SSO), SAML 2.0, OIDC federation, Cognito user pools and identity pools, andattribute-based access control (ABAC).Module 4 – Data Protection & EncryptionLearn AWS Key Management Service (KMS) — CMKs, key policies, grants, and envelope encryption. Cover S3 server-sideencryption (SSE-S3, SSE-KMS, SSE-C), client-sior dedicated hardware security modules.Module 5 – Secrets and Certificate ManagementDeep dive into AWS Secrets Manager, Systems Manager Parameter Store, and AWS Certificate Manager (ACM). Learn rotationstrategies, cross-account secret sharing, and  management.Module 6 – Network Security & Infrastructure PDesign secure VPC architectures with security groups, NACLs, VPC Flow Logs, and PrivateLink. Implement AWS WAF, ShieldStandard and Advanced, AWS Firewall Manager, aed perimeter defense.Module 7 – DDoS Mitigation & Edge SecurityUnderstand DDoS attack categories and how AWS Shield Advanced, CloudFront, Route 53, and Global Accelerator work togetherto absorb and deflect volumetric attacks.Module 8 – Threat Detection with Amazon GuardDConfigure GuardDuty findings, suppression rules, and multi-account management with AWS Organizations. Integrate GuardDutywith EventBridge, Lambda, and Security Hub forows.Module 9 – Security Logging & MonitoringSet up comprehensive logging with CloudTrail (management and data events), CloudWatch Logs, VPC Flow Logs, and S3 serveraccess logs. Build security dashboards and alaModule 10 – Amazon Macie & Data ClassificationUse Macie to automatically discover and protect sensitive data (PII, financial records) in S3. Configure custom dataidentifiers, findings, and automated remediatiModule 11 – Vulnerability Management with AmazDeploy Inspector v2 for continuous EC2 and container vulnerability scanning. Understand CVE prioritisation, integrationwith ECR, and automated patching workflows usiModule 12 – AWS Security Hub & Centralized VisAggregate findings from GuardDuty, Inspector, Macie, and third-party tools into Security Hub. Configure security standards(CIS AWS Foundations, AWS Foundational Securitutomated response workflows.Module 13 – Incident Response on AWSBuild an incident response plan aligned to the NIST framework using AWS-native tools. Practice containment via IAM policyrevocation, EC2 isolation, snapshot forensics, techniques.Module 14 – Compliance, Governance & AuditingUse AWS Config rules and conformance packs to enforce compliance continuously. Cover AWS Audit Manager, AWS Artifact, andhow to demonstrate compliance for PCI-DSS, HIPModule 15 – Securing Compute & ContainersHarden EC2 instances with Systems Manager Session Manager, patch baselines, and IMDSv2. Secure containerised workloads onECS and EKS with IAM roles for service account ECR image scanning.Module 16 – Exam Strategy, Practice & Final ReWalk through all five SCS-C02 exam domains with a structured final review, exam-day tips, question dissection strategies,and a full-length practice session targeting t---By the end of this course you will be able to:- Architect and implement end-to-end AWS secur- Configure every major AWS security service with confidence- Detect, investigate, and respond to cloud se- Pass the AWS Certified Security – Specialty (SCS-C02) exam---Who This Course Is For:Cloud engineers, DevOps professionals, IT security practitioners, and anyone pursuing the AWS Security Specialtycertification.Enrol now and take the next step in your cloud

0.0•7•Self-paced
FREE$82.99
Enroll
Managing Human Risk: GRC, Compliance & Security Culture
IT & Software
0% OFF

Managing Human Risk: GRC, Compliance & Security Culture

Udemy Instructor

Are you ready to tackle the #1 cause of security breaches — human behavior?82% of all data breaches involve a human element. Phishing, insider threats, social engineering, accidental data exposure — no firewall stops them. The only defense is a structured, measurable Human Risk Management program built on behavioral science, GRC frameworks, and compliance controls.This course gives you the complete system — from the psychology of why employees make security mistakes to building an ISO 27001-aligned GRC framework, running phishing simulations, detecting insider threats, and measuring risk reduction with executive-ready dashboards.--- What Makes Human Risk Different?Technical controls assume threats come from outside. Human risk lives inside — in the employee who clicks a phishing link, the contractor who exfiltrates data, the manager who approves a fraudulent wire transfer. Traditional security programs treat this as a training problem. This course shows you it is a systems problem — and gives you the systems to solve it.---What You Will Learn- Understand the psychology of security behavior — cognitive biases, dual-process thinking, habit loops, and security fatigue that make employees vulnerable- Build a GRC framework (Governance, Risk & Compliance) that specifically addresses human risk alongside technical controls- Map human risk controls to ISO 27001, NIST CSF, SOC 2, GDPR, PCI-DSS, and HIPAA requirements- Design and measure a security awareness program that changes real behavior — not just checkbox compliance- Implement an insider threat program with behavioral indicators, UEBA tools, and legal guardrails- Run targeted phishing simulations and use failure data to drive training decisions- Build a security culture through champions programs, leadership engagement, and communication strategies- Define KPIs, dashboards, and executive reports that demonstrate risk reduction in monetary terms- Develop security policies that employees actually read, understand, and follow- Respond to human-caused incidents — phishing compromise, insider data theft, BEC, data mishandling — with targeted IR playbooks- Understand breach notification obligations — GDPR 72-hour clock, HIPAA 60-day rule, US state law variations- Conduct root cause analysis on human-caused incidents that produces systemic improvements, not just blame--- Practical Tools and Templates- Security awareness program design framework — needs assessment, content mapping, delivery channels, measurement- Phishing simulation metrics — click rate, report rate, repeat offender tracking, simulation-to-training pipeline- Insider threat behavioral indicators checklist — technical and behavioral signals, UEBA alert thresholds- Human Risk Score formula — aggregate behavioral, training, and incident data into a per-employee risk score- Policy writing template — plain language, visual hierarchy, acknowledgement tracking- IR playbook templates — for phishing compromise, insider theft, BEC wire fraud, data mishandling- Executive dashboard KPIs — Mean Time to Detect, training completion rates, click rate trends, incident reduction %--- Course Curriculum — 13 Modules- Module 0: Welcome & Course Overview — instructor background, learning objectives, course structure- Module 1: The Human Risk Landscape — breach statistics, why human risk dominates, the cost of inaction- Module 2: Psychology of Security Behavior — cognitive biases, System 1 vs System 2 thinking, habit loops, social engineering psychology- Module 3: GRC Fundamentals — governance structures, risk appetite, risk registers, control frameworks, maturity models- Module 4: Compliance Frameworks — ISO 27001 Annex A, NIST CSF, SOC 2 Trust Services Criteria, GDPR, PCI-DSS, HIPAA- Module 5: Security Awareness Program Design — needs assessment, content strategy, delivery channels, gamification, measurement- Module 6: Social Engineering & Phishing Defense — attack taxonomy, simulation design, metrics, targeted training- Module 7: Insider Threat Management — threat typology, behavioral indicators, UEBA, legal considerations, investigation protocol- Module 8: Building Security Culture — culture measurement, champions program, leadership engagement, communication strategy- Module 9: Risk Metrics & Measurement — Human Risk Score, KPI frameworks, dashboards, board reporting, ROI calculation- Module 10: Policy Development & Enforcement — policy writing, plain language, acknowledgement, enforcement without culture damage- Module 11: Incident Response for Human Causes — PICERL for human incidents, forensic preservation, breach notification obligations- Module 12: Wrap-Up & Certification Path — program design blueprint, CISM/CRISC/CISA paths, 30/60/90 day action plan--- Compliance Framework Coverage-  ISO 27001:2022 — Annex A human-facing controls (A.6, A.7, A.8)-  NIST CSF 2.0 — Govern, Identify, Protect (PR AT awareness and training)-  SOC 2 — CC1 (Common Criteria) people and culture controls-  GDPR — Article 32 security of processing, 72-hour breach notification, data minimisation-  PCI-DSS v4.0 — Requirement 12 (security policy) and Requirement 6 (secure development)-  HIPAA — Security Rule §164.308 administrative safeguards, workforce training requirements--- Who This Course Is For- Security managers and CISOs who need a repeatable system for reducing human risk across the organisation- GRC professionals building or maturing a compliance program that addresses the human element- HR and L&D professionals responsible for security awareness training programs- Security awareness practitioners who want behavioral science-backed methods, not just phishing click rates- IT and security generalists who want to move into GRC, risk management, or security culture roles- Compliance officers managing ISO 27001, SOC 2, GDPR, HIPAA, or PCI-DSS audit requirements- Anyone preparing for CISM, CRISC, CISA, or CISSP — this course maps directly to exam domains---Requirements- No prior GRC or compliance experience required — the course starts from fundamentals- Basic understanding of cybersecurity concepts is helpful but not essential- Relevant for both technical and non-technical security professionals---Enrol now and build the human firewall your organisation actually needs.

4.0•9•Self-paced
FREE$87.99
Enroll
Essential AI Guide: From Fundamentals to Real-World Impact
IT & Software
0% OFF

Essential AI Guide: From Fundamentals to Real-World Impact

Udemy Instructor

This course contains the use of artificial intelligence(AI).Artificial Intelligence is transforming the world — from how we work and learn to how we create, communicate, and make decisions. Essential AI Guide: From Fundamentals to Real-World Impact is your complete beginner-friendly journey into the world of Artificial Intelligence (AI) and its real-world applications across industries. Whether you’re a student, professional, or simply curious about AI, this course will help you build a solid foundation and understand how intelligent systems are shaping our future.You’ll start by learning what AI is, how it has evolved over time, and the key differences between narrow AI, general AI, and generative AI. Through clear explanations and practical examples, you’ll explore how AI systems use data, algorithms, and machine learning models to make predictions, recognize patterns, and generate insights. By understanding these core AI concepts, you’ll gain the confidence to engage with modern tools and technologies that are driving innovation across every sector.The course dives deep into essential technologies like Natural Language Processing (NLP), Computer Vision, Robotics, and Speech Recognition, giving you a broad overview of how these systems power everyday experiences — from chatbots and translation tools to self-driving cars and virtual assistants. You’ll also get hands-on experience through guided labs using no-code AI platforms such as Google Teachable Machine, IBM Watson Assistant, and Microsoft Azure AI. These labs will help you build your own mini-projects in image classification, content generation, and chatbot design, even if you have no programming background.Beyond technology, this course emphasizes ethical AI, fairness, and responsible innovation. You’ll learn how to identify bias in AI models, explore AI governance frameworks, and understand why transparency, accountability, and human oversight are vital to building trust in intelligent systems. You’ll also reflect on how AI ethics intersects with privacy, inclusivity, and societal impact, preparing you to think critically about the challenges of deploying AI in the real world.In the final sections, you’ll explore AI use cases across industries — from healthcare, finance, and education to marketing, manufacturing, and transportation. Through real-world case studies and mini-projects, you’ll analyze the measurable benefits of AI adoption and learn to propose actionable recommendations for improving AI integration in organizations. You’ll also examine emerging AI trends such as AI agents, edge computing, autonomous systems, and generative models, and how these innovations could reshape your career or business in the coming decade.By the end of this course, you’ll have a strong, well-rounded understanding of Artificial Intelligence, its technologies, its ethical considerations, and its profound impact on society. You’ll not only know how AI works — you’ll know why it matters, and how to harness it responsibly for real-world success.

3.8•2.7K•Self-paced
FREE$85.99
Enroll
FreeCourse LogoFreeCourse

Freecourse.io brings you high-quality online courses with free certificates to help you upskill, boost your career, and achieve your goals anytime, anywhere.

Resources

  • Courses
  • Jobs
  • Categories
  • Features

Company

  • About
  • Blog
  • Contact

Legal

  • Privacy
  • Terms
  • Cookies
  • Licenses

© 2026 FreeCourse. All rights reserved.