Explore how AI model artefacts and supply chains can be compromised and how to defend them.

This module focuses on the security of AI models from procurement through deployment. Learners investigate how supply chains are targeted (OWASP LLM03), how to detect tampered or untrusted artefacts at ingestion, and how embedded triggers, poisoned checkpoints, and compromised fine-tunes manifest in real-world scenarios. Two hands-on challenge rooms reinforce defensive skills in identifying and responding to malicious models.

Understanding AI Supply Chains

Explore how AI's dependency on external models, datasets, and packages creates attack surfaces.

Supply Chain Attack Vectors

Learn how trusted ML components can be turned into attack vectors.

Securing the AI Supply Chain

Build SupplySecLab and learn to inspect models, audit dependencies, and govern LLM supply chains.

Payload

TryTrainMe's production code review model is phoning home. Investigate the breach.

Checkpoint

Four candidates. Three threats. Make the production call.

Topic Rewind Recap

Lock in what you learned with a recap. Earn points and keep your streak.

Next steps

Data Poisoning

Discover how attackers corrupt the data AI systems rely on, from RAG pipelines to training sets.

What are modules?

A learning pathway is made up of modules, and a module is made of bite-sized rooms (think of a room like a mini security lab).

Hierarchical diagram showing how learning pathways contain modules, which contain individual rooms.