Question 1

What Are The Laptop Requirements?

Accepted Answer

Cloud AccountsSANS provides students with time-limited AWS accounts 24 hours before class starts for completing the labs. Students can log in to their SANS account and visit the MyLabs page to download their cloud credentials the day before class begins.Mandatory Laptop Requirement Students must bring their own system configured according to these instructions.A properly configured system is required to fully participate in this course. If you do not carefully read and follow these instructions, you will likely leave the class unsatisfied because you will not be able to participate in hands-on exercises that are essential to this course. Therefore, we strongly urge you to arrive with a system meeting all the requirements specified for the course.Students must be in full control of their system's network configuration. The system will need to communicate with the cloud-hosted student VM using a combination of HTTPS, SSH, and SOCKS5 traffic on non-standard ports. Running VPN, intercepting proxy, or egress firewall filters may cause connection issues communicating with the student VM. Students must be able to configure or disable these services to connect to the lab environment.Bring Your Own Laptop Configured Using the Following Directions A properly configured system is required for each student participating in this course. Before starting your course, carefully read and follow these instructions exactly:Host Operating System: Latest version of Windows 10, macOS 10.15.x or later, or Linux that also can install and run the Firefox browser described below. Fully update your host operating system prior to the class to ensure you have the right drivers and patches installed. Mandatory Host Hardware Requirements CPU: 64-bit 2.5+ GHz multi-core processor or higher Wireless Ethernet 802.11 B/G/N/AC Local Administrator Access within your host operating system Must have the ability to install Firefox, enable a Firefox extension, and install a new trusted root certificate on the machine. Mandatory Software Requirements Prior to class, ensure that the following software is installed on the host operating system: Firefox 120.0+ Firefox SmartProxy extensionSummary Before beginning the course you should: Have a laptop with a solid-state drive (SSD), 16GB of RAM, and a 64-bit operating system. Install the latest version of Firefox and the SmartProxy extension. Download the SEC545 Lab Setup Instructions from your sans.org account. After you have completed those steps, access the SANS provided AWS account to connect to the SANS Cloud Security Flight Simulator and connect to the SEC545 student VM. The SEC545 Instance hosts an electronic workbook, VSCode, Gitlab, and Terminal services that can be accessed through the Firefox browser. Your course materials include a "Setup Instructions" document that details important steps you must take before you travel to a live class event or start an online class. It may take 30 minutes or more to complete these instructions. Your class uses an electronic workbook for its lab instructions. In this new environment, a second monitor and/or a tablet device can be useful for keeping class materials visible while you are working on your course's labs.  If you have additional questions about the laptop specifications, please contact customer service.

Question 2

Who Should Attend SEC545 Training?

Accepted Answer

SEC545 is designed for practitioners in Protect AI roles who are responsible for securing GenAI and LLM-powered applications, AI-enabled workflows, and the infrastructure that supports them. This includesAI/ML Security Engineers AI Security Specialists Application Security Engineers working with GenAI or LLM applications MLSecOps Engineers AI SOC Orchestrators Blue team leads for AI environments Cloud Security Engineers responsible for GenAI deployments. Many of these titles are still being defined inside organizations. SEC545 gives you the practical skills to step into them with credibility as the roles form, rather than waiting for hiring patterns to catch up.

Question 3

What Is GIAC AI Platform Security (GAIPS) Certification?

Accepted Answer

The GIAC AI Platform Security (GAIPS) certification validates a practitioner’s ability to audit and secure Generative AI applications and large language model (LLM) development pipelines. GAIPS certification holders demonstrate hands-on skills protecting data flows, model integrations, APIs, and deployment workflows against emerging threats across the AI lifecycle.Generative AI common terminology and fundamental concepts Tuning, augmenting, and aligning foundational models for custom business requirements Designing and securing agentic systems and AI integrations AI application architecture and development frameworks Implementing MLOps and MLSecOps practices Responsible AI usage and risk management strategiesMore Certification Details

Question 4

What Will You Get?

Accepted Answer

Electronic and printed coursewareMp3 audio files of course lectureSANS provisioned AWS accountSANS provided OpenAI API Key

Question 5

What Are The Prerequisites For This Course?

Accepted Answer

Familiarity with Linux command shells and associated commandsFamiliarity Python and Bash scriptingBasic understanding of common application attacks and vulnerabilitiesBasic knowledge of public cloud services and cloud-native technologies, including Kubernetes

Question 6

What Learning Path Is This Course A Part Of?

Accepted Answer

While many GenAI systems run in cloud environments, SEC545 is a defensive AI course focused on protecting the AI application stack itself, not a general cloud infrastructure security course.Depending on your current or desired future role, the courses below are great next steps in your cybersecurity journey.SEC546: Securing Agentic AI - protect agentic AI systems in production by securing guardrails, goals, context, multi-agent workflows, and compromised or rogue agent behavior.LDR520: Emerging Trends for Cyber Leaders: AI and Cloud – lead AI security programs with the governance, risk, and policy foundation that makes GenAI and agentic AI adoption defensible.

Question 7

How Does SEC545 Align with the SANS Secure AI Blueprint?

Accepted Answer

SEC545: GenAI and LLM Application Security aligns with the Protect AI pillar by teaching defenders how to secure GenAI and LLM applications in production. The course focuses on protecting AI systems by threat modeling GenAI architectures, defending RAG and vector database pipelines, mitigating prompt injection, and hardening MLOps deployments across cloud and on-prem environments. While many GenAI systems run in cloud environments, SEC545 is a defensive AI course focused on protecting the AI application stack itself, not a general cloud infrastructure security course. Students learn to identify security risks in GenAI and LLM application architectures, secure RAG pipelines, vector databases, and model-serving workflows to protect AI data flows from leakage, poisoning, and abuse, and apply defensive controls to MLOps environments and AI-enabled application stacks in support of a Protect AI strategy.

Question 8

What Is GenAI and LLM Application Security And Why Is It Important?

Accepted Answer

GenAI and Large Language Model (LLM) application security refers to the strategies, tools, and practices used to protect generative AI systems from misuse, manipulation, and cyber threats. As organizations increasingly build and deploy GenAI-powered applications, these systems become valuable targets for attackers. Unlike traditional software, GenAI introduces unique risks, including prompt injection attacks, malicious model outputs, and vulnerabilities in third-party tools or models. Without strong security measures, GenAI applications can inadvertently leak sensitive data, generate harmful content, or expose organizations to supply chain attacks.Prioritizing security in GenAI applications ensures that these powerful technologies can be used safely, ethically, and reliably. Securing GenAI is essential not only for protecting business assets but also for maintaining public trust. This 5-day course provides a comprehensive look at GenAI and LLM application security, covering everything from prompt-level risks and supply chain vulnerabilities to in-depth topics like model training, MLSecOps, agent infrastructure, and cloud deployment scenarios. Students gain hands-on experience in threat modeling real-world GenAI pipelines and defending AI infrastructure that includes components such as Airflow, SageMaker, AWS Bedrock, and containerized environments.Why it matters:Prevent data leaks from malicious prompts or compromised models  Reduce risk of manipulation through prompt injection or model abuse  Protect third-party supply chains involved in building GenAI apps  Secure full GenAI stacks, including agents, pipelines, and infrastructure Ensure regulatory compliance and responsible AI use  Safeguard organizational reputation by preventing harmful or biased outputs

Question 9

How Will This Course Benefit My Career?

Accepted Answer

SEC545 will strengthen your cybersecurity career by equipping you with the skills needed to secure one of the fastest-growing areas in technology: Generative AI. As more organizations adopt GenAI tools, there is a growing demand for security professionals who can identify risks, implement controls, and build secure AI applications. This course provides both technical knowledge and strategic guidance, helping you stand out in a competitive job market.  The 5-day course goes significantly further than its 3-day predecessor. It includes new labs on threat modeling with MAESTRO, securing MLOps pipelines, training models with SageMaker, and attacking agent infrastructure through MCP. Students gain hands-on experience defending against advanced GenAI threats across a real deployment pipeline. This level of depth gives practitioners a unique edge in applying GenAI security concepts in production environments.Career benefits:  Boost your value with specialized GenAI security skills Demonstrate proficiency with modern AI infrastructure like LangChain, Bedrock, and MCP Stay ahead of emerging security trends in LLMs, agents, and AI-driven apps Build hands-on experience with threat modeling, MLSecOps, and cloud AI security Strengthen leadership potential by integrating GenAI into enterprise security strategies Align AI security with organizational risk management and compliance frameworks

SEC536: Adversarial AI - Penetration Testing AI Systems

SEC545: GenAI and LLM Application Security

Featured Quote

Course Overview

What You'll Learn

Business Takeaways

Meet Your Author

Ahmed AbuGharbia

Course Syllabus

Section 1GenAI, Large Language Models (LLMs), and Security Risks

Topics covered

Labs

Section 2Securing GenAI Applications

Topics covered

Labs

Section 3Agentic AI Security

Topics covered

Labs

Section 4MLSecOps and Securing GenAI Applications Lifecycle

Topics covered

Labs

Section 5AI for Security

Topics covered

Labs

Things You Need To Know

What Are The Laptop Requirements?

Who Should Attend SEC545 Training?

What Is GIAC AI Platform Security (GAIPS) Certification?

What Will You Get?

What Are The Prerequisites For This Course?

What Learning Path Is This Course A Part Of?

How Does SEC545 Align with the SANS Secure AI Blueprint?

What Is GenAI and LLM Application Security And Why Is It Important?

How Will This Course Benefit My Career?

Relevant Job Roles

Cloud Security Engineer Training, Salary, and Career Path

Cloud Security Analyst Training, Salary, and Career Path

Cybersecurity Architecture (OPM 652)

Technology Research and Development (OPM 661)

Network Operations (OPM 441)

Software Security Assessment (OPM 622)

Enterprise Architecture (OPM 651)

Secure Systems Development (OPM 631)

Course Schedule and Pricing

OnDemand Bundle

SANS Skills Quest by NetWars Core Edition

Group and Private Pricing

Virtual (OnDemand)

SANSFIRE 2026

Washington, DC, US & Virtual (live)

SANS August Singapore 2026

Singapore, SG & Virtual (live)

SANS Cloud Security Exchange Summit & Training 2026

San Francisco, CA, US & Virtual (live)

SANS AI Security Training August 2026

Virtual (live)

SANS Riyadh AI & Cloud Security 2026

Riyadh, SA & Virtual (live)

SANS Network Security 2026

Las Vegas, NV, US & Virtual (live)

SANS DC Metro September 2026

Bethesda, MD, US & Virtual (live)

SANS Manchester October 2026

Manchester, GB

SANS Miami 2026

Coral Gables, FL, US & Virtual (live)

Benefits of Learning with SANS