Prompt injection Incident Response: In Practice
RCCE students will learn prompt injection attacks against AI/LLM systems including direct prompt injection, indirect prompt injection, jailbreaking techniques, and prompt leaking. RCCE students will learn to identify prompt injection vulnerabilities in AI-powered applications, execute prompt injection attacks in controlled environments to demonstrate data extraction, instruction override, and unintended actions, implement defensive measures including input sanitization, system prompt hardening, output filtering, and architectural separation of trusted and untrusted content, monitor AI systems for prompt injection attempts, and develop incident response procedures for compromised AI systems. This incident response course prepares students to act decisively during security incidents with structured workflows and clear decision frameworks. Starting from foundational concepts, RCCE students will learn containment, evidence collection, eradication, and recovery procedures specific to this domain. Students practice incident scenarios that build the composure, coordination, and documentation skills essential for effective incident handling.
- Security Engineers building defensive controls
- Security Analysts and Blue Team members
- Systems Administrators with security responsibilities
- GRC and Risk Professionals supporting controls
- Professionals implementing Prompt injection Incident Response: In Practice
- Execute hands-on tasks for prompt injection
- Build detections and response workflows for privilege escalation
- Explain Course Overview fundamentals
- Execute hands-on tasks for what you will learn
- Execute hands-on tasks for course structure — covering Prompt injection attack categories, Foundations & threat landscape.
- Execute hands-on tasks for prerequisites & audience — covering Basic understanding of AI/ML concepts.
- Design a scalable privilege management architecture with policy and enforcement
- Execute hands-on tasks for how they work — covering Accept text prompts as.
- Execute hands-on tasks for common applications — covering Chatbots and virtual.
- Execute hands-on tasks for user input
- Execute hands-on tasks for application layer
| Module 01 | Prompt Injection |
| Module 02 | Incident Response: In Practice |
| Module 03 | Course Overview |
| Module 04 | What You Will Learn |
| Module 05 | Course Structure |
| Module 06 | Prerequisites & Audience |
| Module 07 | What Are Large Language Models |
| Module 08 | How They Work |
| Module 09 | Common Applications |
| Module 10 | AI Application Architecture |
| Module 11 | User Input |
| Module 12 | Application Layer |
| Module 13 | External Tools |
| Module 14 | Security Boundaries |
All hands-on labs run on Rocheston Rose X OS. Students practice prompt injection incident response: in practice by implementing the controls discussed in class, with a focus on real-world deployment, monitoring, and validation.
- Lab 1: Execute hands-on tasks for prompt injection
- Lab 2: Build detections and response workflows for privilege escalation
- Lab 3: Explain Course Overview fundamentals
- Lab 4: Execute hands-on tasks for what you will learn
- Lab 5: Execute hands-on tasks for course structure
Upon successful completion of this course, students will receive an official RCCE Course Completion Certificate for Prompt injection Incident Response: In Practice, verifiable through the Rocheston certification portal.
- Full access to all course materials and slide decks
- Hands-on lab access on Rocheston Rose X OS environment
- Access to Rocheston CyberNotes
- Access to Rocheston Zelfire — EDR/XDR SIEM platform
- Access to Rocheston Raven — online cyber range exercise platform
- Access to Rocheston Vulnerability Vines AI