Back to course overview
Module 6Capstone 15 min

Present

Present the assessment, demonstrate a fixed exploit live, peer-review a colleague's hardening — and earn the Certified AI Security Specialist credential.

Final act: present the assessment, prove a fix live, review a peer's work adversarially, and earn the credential. The hero moment mirrors the whole course — you'll show an attack that used to work now failing safely, because a demonstrated defense beats any slide.

The 10-minute briefing

  1. 1The system and its risk (1.5 min): what it is, the highest-risk threat you found, and the one-line posture — before and after.
  2. 2The threat model (1.5 min): the data-flow diagram with trust boundaries; where the danger concentrated. Shows you assessed systematically, not opportunistically.
  3. 3The exploit, then the fix, live (3 min): land your best original attack against the vulnerable version (the indirect injection that moved money, ideally), then run the identical attack against the hardened version and show it fail — validator firing, action blocked, log entry written. This is the beat that proves everything.
  4. 4The posture numbers (2 min): attack success rate before/after by category, critical-actions at zero, suite-in-CI. Evidence, not adjectives.
  5. 5Residual risk & recommendations (2 min): what remains, stated honestly, and the ongoing practices (red-team CI gate, access reviews, monitoring). End on operational maturity, not a false 'it's fully secure'.

Questions you'll be asked

  • 'Assume the model is fully compromised — what's the worst that happens?' (The least-privilege question; your architecture should make the answer survivable.)
  • 'Show me an indirect injection, not a direct one.' (The channel that separates real assessments from front-door-only ones.)
  • 'How do you know this stays fixed next month?' (The red-team suite in CI.)
  • 'What did you not fix, and why is that acceptable?' (Residual risk — the honest answer builds more trust than a claim of perfection.)

Peer review & credential

  1. 1Review one peer's assessment: read the report, then attack their hardened system yourself with one injection and one privilege-abuse attempt you devise. Rubric: threat-model rigor / attack depth & evidence / remediation & defense-in-depth / red-team suite & measurement / report clarity & honesty (20% each).
  2. 2The one-change rule, final time: incorporate your reviewer's strongest finding — especially if they landed an attack you missed — before submission, logged with its fix and re-attack proof.
  3. 3Submit: threat model, the hardened system with its red-team suite, the assessment report, the presentation, and your peer review.

Passing earns Certified AI Security Specialist (credential format EDOVA-SEC-2026-XXXX): you threat-model AI systems, defend against injection and data leakage, govern access with least privilege, red-team systematically, and harden with layered runtime guardrails — then communicate it all in a professional assessment. In a field where most people build AI and few can secure it, this credential says you're the person who makes AI safe to ship.

Where this sits — and leads

You now hold the defensive half of the discipline. The systems you learned to secure by hand are exactly what Edova's products operate at scale: Sentinel automates the access-governance and vulnerability-detection you did in Module 4, across a whole company. Next in the track: AI Governance, Risk & Compliance puts the organizational and regulatory frame around everything you've hardened — turning individual security work into a program. You can build AI, operate it, and now defend it; governance is how an organization does all three, accountably.