1-Day Training: June 24, 2026
Level: Intermediate
Trainer: Marco Morana
**Threat Modeling book (85 euro value) free to the first 10 registrants**
To register, please purchase your training ticket here. Training and conference are two separate ticket purchases.
As organizations deploy LLMs, chatbots, RAG pipelines, and autonomous AI agents, new attack surfaces emerge that traditional application threat modeling cannot fully capture. This one-day course provides a practical, hands-on introduction to threat modeling AI applications, grounded in the OWASP AI Testing Guide, OWASP AI Exchange, NIST AI RMF, and Secure AI Framework (SAIF).
Participants learn how AI reshapes attack surfaces at the data, model, pipeline, and API layers, and how adversarial risks such as prompt injection, model theft, data poisoning, membership inference, and supply-chain compromise can be identified early and validated before deployment.
Through structured modeling exercises, ATLAS Navigator demos, AI SBOM analysis, attack-flow mapping, and secure-by-design patterns, learners translate AI threat models into actionable test cases aligned to OWASP AITG Test IDs and MITRE ATLAS. The course concludes with an end-to-end capstone where participants model and test a real-world LLM or RAG pipeline.
By the end of the workshop, participants will be able to identify, model, test, and validate AI-specific threats, embed AI testing into DevSecOps workflows, and operationalize AI threat modeling as a repeatable, testable practice for QA, security, and incident response.