O'Reilly Archive: Anatomy of a Cyberattack
Level: Beginner to Intermediate. Theme: Bots, identity attacks, and AI threats.
Unpack the anatomy of various cyberattacks, including online fraud and botnet activity, attacks on identities, and AI threats. Get an in depth understanding of attack types, detection strategies, and defense mechanisms, and be better equipped to protect your organization from these sophisticated threats.
Course outcomes
- Understand forms of online fraud and the role of botnets in facilitating these activities
- Uncover common tactics in identity attacks, such as phishing, credential stuffing, and token replay
- Learn the risks associated with large language models, including prompt injection and other emerging threats
- Discover the risks in the AI and ML supply chain
- Understand the proliferation and impact of deepfakes
What you’ll learn
- Detect and mitigate botnet activities to prevent online fraud
- Identify and counter identity attacks effectively
- Adopt strategies to mitigate risks associated with LLMs
- Recognize and respond to emerging threats such as deepfakes
- Understand and address risks in the AI and ML supply chain
This course is for you if
- You’re a CISO, director of information security, cybersecurity executive, SOC manager, or in a similar cybersecurity leadership role
- You want an in depth understanding of the most common cyberattacks
Schedule
Online fraud and bots (65 minutes). Definitions and types of online fraud. How botnets facilitate online fraud. Detection and mitigation strategies for botnet activities. Group discussion on bot related challenges (Twitter/X bot accounts, fraudulent accounts inflating MAU during peak season, etc). Q&A.
Identity attacks (55 minutes). Common tactics in identity attacks (phishing, credential stuffing, token replay, etc). Methods for detecting and preventing identity attacks. Group discussion: real world examples of identity theft and compromise. Q&A.
Attacks on artificial intelligence systems (60 minutes). Introduction to large language models. Prompt injection attacks on LLMs. OWASP Top 10 risks for LLMs. NIST and other frameworks for AI and LLM security. Proliferation and impact of deepfakes. Challenges and potential of artificial general intelligence. Group discussion on assessing risks in the AI and ML supply chain. Q&A.
Read next
-
Zero Trust for AI Agents at ATARC ZT4
Recap of my session at ATARC's Zero Trust Virtual Learning Exchange on extending Zero Trust principles to autonomous AI agents.
- Digital Identity
Entra Agent ID Across Clouds: Part 5, Anti-Patterns
Final article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Closes the loop with the variants and failure modes that consume the same operational budget as the federated pattern without delivering its security properties, and ends with the takeaways worth pinning to the team wiki.
- Digital Identity
Entra Agent ID Across Clouds: Part 4, FIC, Cross-Tenant, and OBO
Fourth article in the five-part series on running Microsoft Entra Agent ID against third-party clouds. Opens up the Federated Identity Credential as a first-class object: single-tenant, cross-tenant SaaS shape, and the orthogonal world of on-behalf-of (OBO) where the agent acts for a signed-in user.
Worth reading again?
Get the next one in your inbox.