AI Under Attack: A Practical Guide to Threats, Defenses, and Governance for AI Systems

Built on Fortune 500 experience, this guide delivers hands-on methods to secure generative AI with extensive coverage of RAG, agents, prompt injection, data pipelines, Zero Trust, and sustainable programs

Key Features

Defend LLMs, RAG, and autonomous agents against prompt injection, jailbreaks, and tool abuse

Apply Zero Trust architecture to AI agents with tool access, memory, and goal-directed reasoning

Run AI governance and red teaming programs aligned to NIST AI RMF, ISO 42001, and OWASP for LLMs

Book DescriptionContrary to general AI texts or cybersecurity books with limited AI coverage, this guide offers a comprehensive dive into securing the generative AI ecosystem.

It moves through five parts: Foundations explains why AI security is unique, covering threat modeling, attack surfaces, and defense principles. Attacks examines vectors against system anatomy, data/models, prompt injection, memory, RAG, and agents, concluding with red teaming and evaluation. Designing, Deploying, and Architecting Secure AI Systems covers secure infrastructure/MLOps, APIs, defensive prompting, agent security, supply chain integrity, and Zero Trust patterns. Operationalizing AI Security and Responsibility addresses governance, risk, compliance (GRC), security operations, safety/alignment, and AI-driven misinformation. Building Sustainable AI Security Programs focuses on organizational capability, threat intelligence, collaboration, and the future of AI security. Throughout, you will gain access to practical insights and structured approaches applicable to real-world scenarios.

By the end, you will be able to design, implement, and maintain security programs for generative AI, defend against advanced threats, communicate risks to stakeholders, and establish governance ensuring secure, compliant operations across the lifecycle.What you will learn

Identify AI-specific risks and clearly communicate them to business teams

Defend models, data, RAG, and agents from threats like poisoning, prompt injection, jailbreaking, and data exfiltration

Design resilient cloud/MLOps with Zero Trust, supply chain security, and isolation

Build secure APIs, apps, and agents with strong auth, validation, and safe tool use

Apply AI-focused GRC, alignment checks, bias mitigation, monitoring, and incident response

Translate complex concepts into actionable steps, using threat intel and collaboration for lasting security

Who this book is forThis book is for mid- to senior-level cybersecurity professionals, security architects, and tech leaders managing risks in generative AI deployments. It’s also valuable for early-career practitioners, AI/ML engineers, red teamers, DevSecOps, governance specialists, compliance officers, and product stakeholders with foundational cybersecurity knowledge. Readers should have basic familiarity with security concepts, some exposure to cloud platforms (AWS, Azure, or GCP), and a fundamental grasp of AI/ML, though no prior AI security expertise is required.