Preface

I attended SANS SEC545S: GenAI and LLM Application Security training on December 15–18, 2025. The course is a three-day, intensive program designed to provide in-depth exposure to the security risks and mitigation strategies associated with GenAI and large language model (LLM) applications across their lifecycle, including core concepts such as model architectures, RAG, and securing vector databases and agents, supported by extensive hands-on labs.

While the training delivers a solid technical foundation and practical exercises, its emphasis on specific techniques means it offers limited coverage of higher-level threat modeling and architectural security design, and does not present a fully systematic, end-to-end security framework. To address these gaps and extend the value of the original material — within the constraints of copyright — I have augmented the core concepts with additional research and organized the content into the following minibook based on my interpretation.

On this mini-self-study-book

• Introduction: framing secure GenAI and ML
• 1. GenAI application taxonomy and architecture
• 2. GenAI vs traditional applications
• 3. Core GenAI programming logic and attack surface
• 4. GenAI attack techniques in context
• 5. GenAI / ML fundamentals for security engineers
• 6. Securing the GenAI application lifecycle
• 7. MLSecOps
• 8. Conclusion — principles and the road ahead
• 9. Secure GenAI / ML — executive summary
• 10. Appendix — additional resources