AI Security Learning Resources: Frameworks, Labs, and Podcasts
The intersection of artificial intelligence and cybersecurity is evolving at breakneck speed. Whether you are a seasoned security professional looking to understand AI threats or an ML engineer wanting to harden your models, having the right learning resources is essential. This guide covers the most authoritative reading materials, hands-on training environments, and audio resources available today.
Essential Reading and Guides
OWASP Top 10 Series
The Open Worldwide Application Security Project (OWASP) has become the de facto standard for security awareness. Their AI-focused resources are indispensable:
-
OWASP Machine Learning Top 10 — Covers the most critical security risks facing machine learning systems, from model poisoning to adversarial inputs. This is the starting point for anyone working with ML in production.
-
OWASP LLM Top 10 — Specifically targets risks in large language model applications, including prompt injection, insecure output handling, and training data poisoning. Essential reading if you build or deploy LLM-powered tools.
-
OWASP AI Security and Privacy Guide — A broader guide covering both security and privacy considerations across the AI lifecycle, from data collection to deployment.
-
OWASP Multi-Agentic System Threat Modeling — As AI agents become more prevalent, this guide addresses the unique threat landscape of multi-agent systems.
-
OWASP MCP Server Security CheatSheet — A practical guide for securely using third-party Model Context Protocol servers, covering authentication, authorization, and data handling.
Government and Standards Bodies
-
NIST AI Resource Center (AIRC) — The National Institute of Standards and Technology provides the Trustworthy and Responsible AI Resource Center, offering frameworks, guidelines, and measurement tools for AI risk management.
-
The MLSecOps Top 10 — Published by the Institute for Ethical AI & Machine Learning, this list focuses on the operational security challenges specific to ML systems in production.
Hands-On Labs and CTFs
Theory is important, but nothing beats hands-on practice. These deliberately vulnerable environments let you safely explore AI security concepts:
MCP-Specific Labs
| Lab | Focus Area | Difficulty |
|---|---|---|
| Damn Vulnerable MCP Server | MCP protocol vulnerabilities | Beginner |
| otto-support | Privilege escalation, tool misuse | Intermediate |
| vulnerable-mcp-servers-lab | MCP pentesting | Intermediate |
The otto-support lab from Bishop Fox is particularly noteworthy. It implements a vulnerable MCP server using mcp-go with tiered authentication across 4 roles, 19 tools, and a built-in sandboxed container with Claude Code. It is designed specifically for practicing privilege escalation and tool misuse scenarios.
LLM and Agent Labs
-
Damn Vulnerable LLM Agent — An intentionally vulnerable LLM agent for learning about prompt injection, tool misuse, and agent security. Ideal for understanding how agent-based architectures can be exploited.
-
AI GOAT — A deliberately vulnerable LLM application with 10 challenges covering the OWASP LLM Top 10 risks. Think of it as DVWA for AI applications.
-
OWASP WrongSecrets LLM Exercise — Part of the broader WrongSecrets project, this exercise focuses on LLM-specific secret management challenges.
-
FinBot Agentic AI CTF — An interactive CTF platform simulating real-world vulnerabilities in agentic AI systems using a financial services-focused application.
-
AI Red Teaming Playground Labs — Microsoft’s infrastructure for running AI red teaming trainings, complete with lab environments and exercises.
Podcasts
For staying current with the rapidly evolving AI security landscape, these podcasts are invaluable:
-
MLSecOps Podcast — Deep dives into the operational side of ML security, covering topics from model scanning to adversarial defense in production systems.
-
AI Security Podcast — Broad coverage of AI security topics including adversarial ML, LLM security, and emerging threats.
-
AI Security Ops — A weekly podcast from Black Hills Information Security exploring how AI transforms cybersecurity. Covers emerging threats, tools, and trends with practical, actionable knowledge.
-
GenAI Security Podcast — Focused specifically on generative AI security challenges, from prompt injection to deepfakes.
Building Your Learning Path
For those just starting in AI security, I recommend the following progression:
- Week 1-2: Read through the OWASP ML Top 10 and LLM Top 10 to understand the threat landscape
- Week 3-4: Set up a local lab using Damn Vulnerable MCP Server or AI GOAT
- Week 5-6: Work through the OWASP WrongSecrets LLM exercises
- Ongoing: Subscribe to 1-2 podcasts and follow the NIST AIRC for updates
Key Takeaways
- The AI security landscape has matured significantly with OWASP, NIST, and industry frameworks providing structured guidance
- Hands-on labs are essential for understanding how AI vulnerabilities manifest in real systems
- The shift toward agentic AI and MCP-based architectures introduces entirely new attack surfaces that traditional security training does not cover
- Staying current requires continuous learning through podcasts, community resources, and hands-on practice
The field is moving fast, but the resources above provide a solid foundation for understanding and defending against AI-specific threats. Whether you are building AI systems or securing them, these resources will help you stay ahead of the curve.