Do I need a security background?

Yes. This sprint is designed for practitioners with at least 3–5 years in security engineering, security architecture, or vulnerability management. You'll be running live labs and redesigning real systems from Week 1.

How is this different from AI Red Teaming?

AI Red Teaming is about securing the AI products you ship — finding vulnerabilities in LLMs, RAG pipelines, and agentic systems before attackers do. Autonomous Attacker Defense is about securing your entire infrastructure from AI-powered attackers — your code, cloud, IAM, legacy systems, and supply chain. Different buyer, different threat model, different skill set.

What tools will I use?

Garak, PyRIT, Caldera, and open-source equivalents of frontier offensive AI capability. All tools are open-source — no paid licenses required. A sandbox environment is provided for lab weeks.

Is this relevant outside critical infrastructure?

Yes. Autonomous attackers target any organization with valuable code, credentials, or data. Critical infra orgs are highest-priority targets, but the defensive capability built in this sprint is universally applicable.

How much time per week?

Plan for 12–15 hours: three live sessions (Sunday 4hrs, Wed 1hr, Thu 2hrs) plus 5–7 hours of lab work and deliverable construction each week.

Are sessions recorded?

Yes. All sessions are recorded and available within 24 hours. We strongly recommend attending live — the war games and tabletop exercises in Weeks 3–5 require real-time interaction to get full value.

What is the refund policy?

Full refund within 7 days of cohort start — no questions asked.

Will I get a certificate?

Yes. Students who complete all sessions and submit the capstone defense playbook receive a Dexity Certificate of Completion, shareable on LinkedIn.

Free Live Kickoff

Find Your Zero-Days Before an Autonomous Attacker Does

Join Nahid Farady, PhD (Principal Tech Lead, AI Security & Privacy · Microsoft) for a free live session.

📅 May 3, 2026⏰ 5:30 PM PDT⏱ 60 minutes🆓 Free to Join

Nahid Farady, PhD

Principal Tech Lead, AI Security & Privacy · Microsoft

⭐ 4.9 / 5

Find your zero-days before an autonomous attacker does.

Mythos found a 17-year-old FreeBSD flaw and built a working exploit in hours. It surfaced 2,000+ unknown vulnerabilities in seven weeks. Your traditional vuln management cycle measures itself in months. The math doesn't work anymore. This sprint is for security leaders whose defensive cycle has to compress — fast — to match an attacker that operates at machine speed, never tires, and chains exploits autonomously. In 6 weeks, you'll build the defensive capability that doesn't exist as a discipline yet: running offensive AI against your own code and infrastructure before adversaries do.

6 WeeksLive instruction

3 ProjectsReal deliverables

30 SeatsPer cohort, capped

What You'll Learn

🎯

AI-Attacker Threat Model

Map the autonomous-attacker lifecycle against your environment. Identify which assets, legacy systems, and third-party paths compress hardest under machine-speed attack. The reusable starting document for every Mythos-era security review.

🔍

Defensive AI for Your Codebase

Run offensive AI tools against your own code, dependencies, and infrastructure. Build a continuous self-attack pipeline. Discover your zero-days before adversaries get the same tools.

⏱

Compressed-Cycle Vulnerability Management

Redesign vuln management for a disclosure-to-exploit window measured in hours. Patch pipeline automation, virtual patching for unpatchable critical infra, SBOM hygiene, and dependency monitoring.

🚨

Machine-Speed Detection and Response

Behavioral detection for novel exploits, AI-augmented log triage, pre-authorized automated containment, and IR playbooks tabletoped against simulated AI-attacker scenarios.

Who Is This For?

This sprint is designed for:

🛡️

Security Architects and Leads at Critical Infra Orgs

Energy, utilities, manufacturing, water, transportation, finance — sectors with significant operational technology exposure where CISA has explicitly flagged the AI-attacker risk as material.

🎯

Vulnerability Management Leads

Who own SLAs designed for a 30/60/90-day patch cycle now sized against a threat that compresses to hours. This sprint rewrites the job description.

📋

Security Engineering Leads / Deputy CISOs

Who need to brief their CISO and board on what they're doing about autonomous attackers and don't currently have a defensible answer. Leave with a board-ready plan, not a vendor RFP.

Sprint Outline

6 weeks · 3 sessions per week

Projects You'll Ship

Leave with real work to show, not just a certificate.

AI-Attacker Threat Model + Defensive Stack Audit

Your full environment mapped against autonomous-attacker TTPs, with a prioritized list of structural gaps. Becomes the standard input to every security review your org runs going forward.

Defensive AI Pipeline (Self-Attack Loop)

Open-source offensive AI tools running continuously against your own code and dependencies, integrated into CI/CD, with findings triaged and routed. A working self-attack pipeline you keep running after the cohort.

Mythos-Era Defense Playbook

Vuln management SLA redesigned for hours. Machine-speed detection rules deployed. IR playbook tabletoped against a simulated AI attacker. A board-ready, defensible answer to 'what is our plan against autonomous adversaries.'

Your Instructors

Nahid Farady, PhD

Principal Tech Lead, AI Security & Privacy · Microsoft

⭐ 4.9 / 5

Nahid leads AI security, privacy, and responsible AI engineering at Microsoft Copilot, with prior roles at Google Cloud and Capital One CyberML. She holds a PhD from Virginia Tech and brings 10+ years of applied experience in cybersecurity, threat modeling, and ML deployment at scale. She also teaches AI and security as adjunct faculty at UC Berkeley.

What Students Say

⭐⭐⭐⭐⭐

"Week 2's self-attack pipeline is now running in our CI/CD permanently. We found three dependency vulnerabilities in the first month that our traditional scanner missed entirely."

Marcus Chen

Security Architect · JPMorgan Chase

⭐⭐⭐⭐⭐

"The board presentation from Week 6 is the first time our CISO felt we had a real answer to the autonomous attacker question. We walked out with budget approved."

Sarah Okafor

Deputy CISO · Constellation Energy

⭐⭐⭐⭐⭐

"The tabletop in Week 5 against a simulated AI attacker exposed three gaps in our IR playbook we had no idea existed. We've since closed all three."

Derek Walsh

Head of Vulnerability Management · Lockheed Martin

Sprint Schedule

All sessions are instructor-led and live. Recordings available within 24 hours.

SUNDAY

9:00 AM PDT

Live Class

Deep dive with live attack labs, war games, and threat modeling exercises. Offensive and defensive every week.

WEDNESDAY

6:00 PM PDT

Lab Session

Structured attack or defense lab with instructor guidance. Bring your environment, your findings, your blockers.

THURSDAY

6:00 PM PDT

Build & Ship

Build and pressure-test your weekly deliverable. Peer review before submission.

Frequently Asked Questions

LIVE KICKOFF

Find Your Zero-Days Before an Autonomous Attacker Does

with Nahid Farady, PhD · Principal Tech Lead, AI Security & Privacy, Microsoft

📅 May 3, 2026

⏰ 5:30 PM PDT

⏱ 60 minutes

💻 Live on Zoom

What you'll walk away with:

✔Build a Mythos-era threat model for a provided environment — identify your highest-risk surface in the session

✔Run an open-source offensive AI tool against a live target and see what it finds in under 60 minutes

✔Score your current vuln management SLA against the machine-speed threat model — identify the structural gaps

✔Detailed preview of the 6-week sprint

🎁 Bonus for attendees:

Get "The Autonomous Attacker Defense Starter Kit"

Mythos-era threat model template + self-attack tool list + compressed-cycle vuln management SLA framework

Claim your free seat

Skills you can deploy on Monday morning.