CompTIA SecAI+ Domain 2.1: MITRE ...
CompTIA SecAI+ Domain 2.1: MITRE ATLAS & OWASP LLM

Sec Guy by Sec Guy

Episode notes

SQL Injection won't save you when the database is a Vector Store. Welcome to Domain 2 of the CompTIA SecAI+ course. This domain makes up 40% of the entire exam, making it the most critical section to master.

In this video, we map the new battlefield. We explain why traditional frameworks like MITRE ATT&CK fail against AI, and introduce the new standard: MITRE ATLAS. We also break down the OWASP LLM Top 10, the risks of downloading models from Hugging Face, and how to apply STRIDE threat modeling to Neural Networks.

🎓 In this video, you will learn:

MITRE ATLAS vs. ATT&CK: The difference between "Initial Access" and "ML Model Access."

OWASP LLM Top 10: An intro to Prompt Injection, Insecure Output Handling, and Data Poisoning.

New Risk Frameworks: The MIT AI Risk Repository and the CVE AI Working Group.

 ... 

Read more