Present
Present the assessment, demonstrate a fixed exploit live, peer-review a colleague's hardening — and earn the Certified AI Security Specialist credential.
Final act: present the assessment, prove a fix live, review a peer's work adversarially, and earn the credential. The hero moment mirrors the whole course — you'll show an attack that used to work now failing safely, because a demonstrated defense beats any slide.
The 10-minute briefing
- 1The system and its risk (1.5 min): what it is, the highest-risk threat you found, and the one-line posture — before and after.
- 2The threat model (1.5 min): the data-flow diagram with trust boundaries; where the danger concentrated. Shows you assessed systematically, not opportunistically.
- 3The exploit, then the fix, live (3 min): land your best original attack against the vulnerable version (the indirect injection that moved money, ideally), then run the identical attack against the hardened version and show it fail — validator firing, action blocked, log entry written. This is the beat that proves everything.
- 4The posture numbers (2 min): attack success rate before/after by category, critical-actions at zero, suite-in-CI. Evidence, not adjectives.
- 5Residual risk & recommendations (2 min): what remains, stated honestly, and the ongoing practices (red-team CI gate, access reviews, monitoring). End on operational maturity, not a false 'it's fully secure'.
Questions you'll be asked
- 'Assume the model is fully compromised — what's the worst that happens?' (The least-privilege question; your architecture should make the answer survivable.)
- 'Show me an indirect injection, not a direct one.' (The channel that separates real assessments from front-door-only ones.)
- 'How do you know this stays fixed next month?' (The red-team suite in CI.)
- 'What did you not fix, and why is that acceptable?' (Residual risk — the honest answer builds more trust than a claim of perfection.)
Peer review & credential
- 1Review one peer's assessment: read the report, then attack their hardened system yourself with one injection and one privilege-abuse attempt you devise. Rubric: threat-model rigor / attack depth & evidence / remediation & defense-in-depth / red-team suite & measurement / report clarity & honesty (20% each).
- 2The one-change rule, final time: incorporate your reviewer's strongest finding — especially if they landed an attack you missed — before submission, logged with its fix and re-attack proof.
- 3Submit: threat model, the hardened system with its red-team suite, the assessment report, the presentation, and your peer review.
Passing earns Certified AI Security Specialist (credential format EDOVA-SEC-2026-XXXX): you threat-model AI systems, defend against injection and data leakage, govern access with least privilege, red-team systematically, and harden with layered runtime guardrails — then communicate it all in a professional assessment. In a field where most people build AI and few can secure it, this credential says you're the person who makes AI safe to ship.
You now hold the defensive half of the discipline. The systems you learned to secure by hand are exactly what Edova's products operate at scale: Sentinel automates the access-governance and vulnerability-detection you did in Module 4, across a whole company. Next in the track: AI Governance, Risk & Compliance puts the organizational and regulatory frame around everything you've hardened — turning individual security work into a program. You can build AI, operate it, and now defend it; governance is how an organization does all three, accountably.