Advanced AI supply chain Mastery: Field Guide
RCCE students will learn software and hardware supply chain security including vendor risk assessment, third-party code analysis, dependency management, build pipeline integrity, and supply chain attack detection. RCCE students will learn to evaluate supply chain risks across software development lifecycles, implement software bill of materials (SBOM) practices, verify code signing and artifact integrity, detect compromised dependencies and malicious packages, configure dependency scanning in CI/CD pipelines, assess vendor security posture, and respond to supply chain compromise incidents such as dependency confusion, typosquatting, and upstream repository attacks. This advanced mastery course challenges experienced practitioners with complex scenarios, expert-level techniques, and nuanced decision-making. At an expert level, RCCE students will learn to handle the most demanding situations in this domain, developing the expertise expected of senior security professionals. Students tackle multi-layered problems that require synthesizing knowledge across multiple disciplines.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Advanced AI supply chain Mastery: Field Guide
- Execute hands-on tasks for field guide
- Explain Course Overview and Learning Objectives fundamentals
- Execute hands-on tasks for core focus areas — covering Advanced Competencies.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for the ai supply chain landscape
- Execute hands-on tasks for hardware supply chain — covering Package repos, CI/CD, code signing.
- Design a scalable privilege management architecture with policy and enforcement, including Chip fabrication, firmware integrity.
- Design a scalable privilege management architecture with policy and enforcement, including Pre-trained model, and Model hub poisoning.
- Execute hands-on tasks for data supply chain — covering Training data provenance, Dataset poisoning.
- Execute hands-on tasks for framework supply chain — covering ML framework.
- Explain Software Bill of Materials (SBOM) Foundations fundamentals — covering Complete inventory of software components, SPDX (ISO/IEC 5962:2021).
- Execute hands-on tasks for sbom standards — covering Complete inventory of software components.
| Module 01 | Field Guide |
| Module 02 | Course Overview and Learning Objectives |
| Module 03 | Core Focus Areas |
| Module 04 | CI/CD security architecture |
| Module 05 | The AI Supply Chain Landscape |
| Module 06 | Hardware Supply Chain |
| Module 07 | Third-party libraries, ML models |
| Module 08 | Model Supply Chain |
| Module 09 | Data Supply Chain |
| Module 10 | Framework Supply Chain |
| Module 11 | Software Bill of Materials (SBOM) Foundations |
| Module 12 | SBOM Standards |
| Module 13 | SBOM Lifecycle Management |
| Module 14 | Vendor Risk Assessment Framework |
All hands-on labs run on Rocheston Rose X OS. Students practice advanced ai supply chain mastery: field guide by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for field guide
- Lab 2: Explain Course Overview and Learning Objectives fundamentals
- Lab 3: Execute hands-on tasks for core focus areas
- Lab 4: Design a scalable privilege management architecture with policy and enforcement
- Lab 5: Execute hands-on tasks for the ai supply chain landscape
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Advanced AI supply chain Mastery: Field Guide, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI