AI1 Training Content

Topics covered and frequently asked questions about the AI1.

Written by BigFawn

This certification has been designed by industry experts to validate the hands-on, job-ready skills required to attack and defend real AI systems. It focuses on practical AI security across the full threat lifecycle - from threat modelling and prompt injection through to supply chain security and data poisoning - aligned to OWASP LLM Top 10 and MITRE ATLAS.

A Guide to AI Security Skills

Threat Modelling of AI Systems

Analyse interactive architecture diagrams of production-style AI systems (LLM applications, RAG pipelines, agent frameworks), identify exposed components and data flows, score likelihood and impact, prioritise risks, and build mitigation plans grounded in OWASP LLM Top 10 and MITRE ATLAS.


Prompt Injection & Jailbreaking

Craft direct and indirect prompt injections against protected AI assistants. Extract hidden system prompts, embed malicious instructions in content the AI ingests (emails, documents), bypass content moderation guardrails, and trigger unauthorised actions in workplace AI assistants.


AI Supply Chain Security

Triage models by provenance and risk level using metadata and documentation, perform static analysis on model artefacts (pickle files, configs, dependencies) to spot tampering, run behavioural testing on sandboxed suspicious models to discover triggers, and produce a comprehensive remediation strategy.


Data Poisoning (RAG Attack & Defence)

Craft poisoned documents that manipulate AI responses, extract sensitive information from RAG-enabled assistants by bypassing guardrails, and design defences using corpus controls, retrieval filtering, and output guardrails.


Hands-On Tooling & Workflow Fluency

Work confidently across browser-based interactive threat modelling interfaces, AI chatbots, model artefact analysis environments, RAG systems, and monitoring dashboards. No local installation required.


Analytical Reasoning & Risk Prioritisation

Justify attack/defence strategies, score likelihood and impact across multiple threats, prioritise risks under time pressure, and trade off feasibility, cost, and risk reduction.


Professional Communication & Reporting

Articulate findings through structured reporting tasks: mitigation plans, remediation strategies, and threat reports aimed at both technical and non-technical audiences.


Frequently Asked Questions

What is AI1?

AI1 is a beginner-friendly, hands-on AI security certification that validates your ability to identify, exploit, and defend AI systems through realistic, practical scenarios.

Who is AI1 designed for?

Students, cyber security enthusiasts, and early-career security professionals stepping into AI security. Also relevant for SOC analysts, penetration testers, and application security engineers adding AI to their toolkit.

Do I need AI/ML experience to take AI1?

No. AI1 is designed for beginners. The preparation path starts with AI basics and builds up to hands-on attack and defence scenarios. A basic security background is enough to start.

How is AI1 different?

AI1 balances offensive and defensive skills, focuses on hands-on technical proficiency over policy, covers the full AI security stack (threat modelling → data poisoning), uses realistic scenario-based assessments instead of MCQs, and aligns with OWASP LLM Top 10, CompTIA SecAI+, and MITRE ATLAS.

Is AI1 fully hands-on?

Yes. AI1 validates real skills through realistic scenarios - you'll execute attacks, analyse systems, and design defences.

What roles does AI1 support?

AI Security Engineer, AI Red Teamer, AI/ML Security Consultant, Security Architect (AI Systems), Detection Engineer (AI Threats), Application Security Engineer (AI Features), and SOC Analyst (L2/L3) with AI specialisation.

What does AI1 evaluate?

Threat modelling AI systems, prompt injection and jailbreaking, AI supply chain security (model provenance, artefact analysis, backdoor detection), and data security (RAG poisoning, sensitive data leakage, embedding attacks). It also assesses risk communication, mitigation strategy, and structured reporting.

What does the exam format look like?

4 major sections, 13 hands-on scenarios mixing static-site exercises and live AI chatbot interactions. Evaluation combines technical task completion with analytical reasoning.

How long do I have to complete the exam?

48-hour exam window (expected completion 6–8 hours), non-proctored, available 24/7 once started.

Is there a retake policy?

Yes. One free retake is included with your exam purchase.

What roles can AI1 help me qualify for?

AI Security Engineer, AI Red Teamer, AI/ML Security Consultant, AI Detection Engineer, Application Security Engineer (AI features), and SOC Analyst (L2/L3) with AI specialisation.

Does AI1 expire?

Yes. The certification is valid for 3 years to ensure certified professionals stay current with evolving AI security threats and techniques.

Still got more questions?

You can reach out to [email protected] or ask in our Discord server or Subreddit for further assistance.

TryHackMe