O'Reilly Archive: Zero Trust for AI Systems
Level: Beginner. Theme: Securing modern environments.
This is the canonical archive of my O’Reilly live online course Zero Trust for AI Systems. O’Reilly retires public listings about a year after a course’s last delivery, so the description is preserved here.
As Agentic AI and Generative AI reshape how enterprises operate and make decisions, the need for a modernized security model has never been greater. This course teaches the principles, standards, and implementation strategies of Zero Trust architecture, rooted in the foundational “never trust, always verify” approach. Zero Trust must now do more than protect traditional assets. With the rise of autonomous agents and AI systems that can access sensitive data, act independently, and even influence security outcomes, the classic model has to evolve. The course explores how to extend Zero Trust to AI-powered systems, address emerging risks, and embrace AI-led security approaches that help organizations stay resilient in an increasingly AI-driven world.
What you’ll learn
- Define roles and responsibilities for Zero Trust adoption
- Apply Zero Trust principles to secure systems powered by Generative AI and autonomous AI agents
- Identify and address security gaps introduced by AI-integrated workflows
- Implement controls that protect people, devices, data, and the expanding surface of AI-powered systems and agents
This course is for you if
- You want to design and implement a modern Zero Trust architecture that meets today’s security demands
- You’re a security or system architect focused on securely integrating Generative AI workflows, including AI agents, across the organization
- You’re exploring how Zero Trust must evolve to address the security challenges introduced by AI
- You’re driving the adoption of forward-looking security practices and want to stay ahead of the AI-driven threat landscape
Prerequisites
- Basic knowledge of computer security topics, including authentication, authorization, firewalls, storage devices, cloud computing, and networking
- Basic familiarity with AI/ML systems and their integration
Schedule
Zero Trust Security Fundamentals (55 minutes). Origins of Zero Trust. Understanding the meaning of “never trust, always verify”. What isn’t Zero Trust (marketing buzzwords, approaches, and hacks). The role of key players, including governments, cloud providers, and standards and compliance bodies. The evolution of Zero Trust for AI systems, reinterpreting “never trust, always verify” for machine learning models, and AI-specific security challenges. Group discussion and Q&A.
Adapting Security for AI using Zero Trust (55 minutes). The evolution of Zero Trust for AI systems. Reinterpreting “never trust, always verify” for AI systems adoption. AI-driven attacks and security challenges. Group discussion to identify potential AI-related security vulnerabilities in common enterprise scenarios. Q&A.
AI-Specific Frameworks and Standards for Zero Trust (55 minutes). Common Zero Trust frameworks (NIST, CISA, etc.). AI-specific security frameworks and guidance. MITRE ATLAS, OWASP Top 10 for LLMs. Exercise: identify key AI risks mapped to Zero Trust pillars (Identity, Device, Application, Data, Network). Q&A.
Using AI to Enhance Zero Trust (45 minutes). AI-driven decision making for Zero Trust. Contextual decision making. Risk assessment and anomaly detection. Real-time threat intelligence. Case study on AI use cases that enhance Zero Trust security. Q&A.
Future Directions (15 minutes). AI’s role in implementing and enhancing Zero Trust architectures. Resources for continued learning in AI security and Zero Trust. Final Q&A.