New Section

AI Security

Comprehensive notes on securing AI systems — from prompt injection and adversarial attacks to LLM red-teaming and production guardrails. Essential reading for anyone building or deploying AI.

notes

The 3-Bucket Threat Model

Shadow AI, attacks on AI, and agentic tool-use attacks — the framework that organizes all of AI security.

Read notes
notes

Prompt Injection (Deep Dive)

Direct vs indirect injection, why agents make it 10× worse, and real production threat scenarios.

Read notes
notes

Jailbreaking vs Prompt Injection

Two different attacks on two different rule sets — model safety training vs app developer instructions.

Read notes
notes

Excessive Agency / Tool Abuse

Excessive functionality, permissions, and autonomy — why least privilege is the #1 agent design principle.

Read notes
notes

MCP Security

Tool poisoning, rug pulls, and confused deputy attacks — how the Model Context Protocol creates new threat surfaces.

Read notes
notes

Runtime Detection

The 4 detection points, the 5 detection techniques, and why detection is probabilistic not categorical.

Read notes
notes

Layered Defenses + Judge LLM

Heuristics → classifiers → LLM judges → behavioral monitoring → policy engine. Why systems hold through redundancy.

Read notes
notes

Encoder Fine-Tuning for Classification

How DeBERTa-style models become prompt injection classifiers — architecture, training loop, and the data problem.

Read notes
notes

Frameworks, Tools & Landscape

OWASP LLM Top 10 (2025), MITRE ATLAS, the 5 vendor pillars, and the 2024-25 acquisition wave.

Read notes
notes

Quick-Reference Cheat Sheet

One-liner definitions, the damage formula, 4 detection points, 5 techniques, key sentences to memorize.

Read notes

More topics coming soon — detailed notes from real-world AI security research and practice.

Nerchuko Academy · Free DS Interview Prep