CompTIA SecAI+ Domain 2.1: MITRE ATLAS & OWASP LLM
Sec Guy by Sec Guy
Episode notes
SQL Injection won't save you when the database is a Vector Store. Welcome to Domain 2 of the CompTIA SecAI+ course. This domain makes up 40% of the entire exam, making it the most critical section to master.
In this video, we map the new battlefield. We explain why traditional frameworks like MITRE ATT&CK fail against AI, and introduce the new standard: MITRE ATLAS. We also break down the OWASP LLM Top 10, the risks of downloading models from Hugging Face, and how to apply STRIDE threat modeling to Neural Networks.
🎓 In this video, you will learn:
MITRE ATLAS vs. ATT&CK: The difference between "Initial Access" and "ML Model Access."
OWASP LLM Top 10: An intro to Prompt Injection, Insecure Output Handling, and Data Poisoning.
New Risk Frameworks: The MIT AI Risk Repository and the CVE AI Working Group.
...