
In-Person
When your entire classification system fits on a Post-it note, you don't have a taxonomy. You have a problem.
Prompt injection is one of the defining threats of the AI era, but for a long time the security community had exactly two ways to describe it: direct, or indirect. No clustering. No campaigns. No detection logic. No shared language. Just a binary that told you almost nothing useful.
This talk is about what happens when you apply real CTI tradecraft to a space that's been flying blind.
Drawing on the analytical foundations taught in SANS FOR578, we'll walk through structured analysis: using taxonomies and the discipline of turning raw data into labelled information, clustered incidents, and eventually intelligence. We'll also show how, when faced with a prompt injection "taxonomy" of just two subcategories, we went about building APE, a taxonomy that actually fits multiple use cases, and what that process looked like.
You'll leave with a clear picture of how taxonomy-driven analysis works in practice, how APE maps prompt injection techniques to CTI-compatible labels, and how those labels translate directly into detection rules, hunt queries, and campaign tracking. Whether you work in IR, SOC, or red team, this is the talk that connects the AI threat landscape to the analytical discipline you already know you need.
In-Person
OAuth 2.0 is the protocol behind modern login and delegated access, yet many teams still treat it as a black box.
This talk will break OAuth 2.0 down into practical terms, explain the roles, tokens, and major flows, and show why design choices such as front-channel token delivery or weak redirect handling can turn authentication into an attack surface.
Using a live demo and examples inspired by real web application testing, the session will show how attackers can steal or misuse tokens in insecure implementations, why the Implicit Flow fell out of favor, and what developers and testers should look for today, especially in SPAs and API-driven applications.