Enterprise AI Security: A Comprehensive 2-Day Workshop
This intensive 2-day workshop equips enterprise teams with the knowledge and hands-on skills to secure AI systems across the full stack — from RAG pipelines and AI agents to MCP tool integrations and production operations. Participants will work through a battle-tested six-layer security blueprint while building real defenses against the attacks that matter most: document poisoning, prompt injection, agent manipulation, tool abuse, and data exfiltration. Every concept is reinforced with hands-on labs where attendees first observe attacks succeeding on vulnerable systems, then implement and verify layered defenses. By the end, participants will have a concrete implementation roadmap and practical experience with the security controls needed to deploy AI responsibly at enterprise scale.
Duration: 2 days (6 hours per day, 12 hours total)
Lab Environment: GitHub Codespace with pre-configured Python, Node.js, and security tooling
Target Audience: Software engineers, security practitioners, DevOps/platform engineers, engineering managers, architects, and technical leaders responsible for building or governing AI systems. Content is primarily technical but structured so that leaders and decision-makers gain the strategic context needed to fund, prioritize, and oversee AI security initiatives.
Prerequisites:
- Basic familiarity with Python (reading and running scripts)
- General understanding of how LLMs and AI applications work
- A laptop with a modern browser (Chrome recommended) and GitHub account
- No prior AI security experience required
What Participants Will Learn:
- How AI systems differ from traditional software from a security perspective
- The OWASP Top 10 for LLM Applications (2025) and how each risk manifests in real systems
- A six-layer enterprise AI security blueprint covering identity, data boundaries, prompt defenses, model governance, audit trails, and operational controls
- How to detect and defend against document poisoning in RAG systems
- How to build multi-agent systems with enterprise-grade budget enforcement
- How to secure agents against goal hijacking, data exfiltration, and privilege escalation
- How to implement authentication, authorization, and per-tool scopes for MCP servers
- How to build defense-in-depth MCP security with rate limiting, input validation, and output sanitization
- How to design PII tokenization and multi-tenant isolation pipelines
- How to implement structured audit logging for compliance and incident response
- How to build operational controls including kill switches and cost caps
- How to create an implementation roadmap tailored to their organization's maturity
What Participants Will Take Away:
- Hands-on experience with 16 security labs covering attack and defense scenarios
- A reusable six-layer security blueprint framework
- Code samples and patterns for every defense technique covered
- An implementation roadmap with phased rollout guidance
- A Monday-morning checklist for immediate action
About Brent Laster
Hi, I'm Brent Laster - a global trainer and book author, experienced corporate technology developer and leader, and founder and president of Tech Skills Transformations LLC. I've been working with and presenting at NFJS events for many years now and it is always exciting and interesting.
Through my decades in programming and management, I've always tried to make time to learn and develop both technical and leadership skills and share them with others. Regardless of the topic or technology, my belief is that there is no substitute for the excitement and sense of potential that come from providing others with the knowledge they need to help them accomplish their goals.
In my spare time, I hang out with my wife Anne-Marie, 4 children and 2 small dogs in Cary, North Carolina where I design and conduct trainings and write books. You can find me on LinkedIn (linkedin.com/in/brentlaster), Twitter (@brentclaster) or through my company's website at www.getskillsnow.com.