A forward-looking primer on how AI models and systems work, the attacks that can disrupt them, and what security measures the industry uses to keep them safe.

Artificial intelligence now underpins everything from chatbots to national infrastructure, but with new capability comes new risk. Attacks like prompt injection, data poisoning, and model theft are already targeting the systems we rely on.

Practical AI Security is a comprehensive foundation to the field—a 0-to-60 guide to everything you need to know at the intersection of AI and cybersecurity. Drawing real-world experience securing deployed systems, Harriet Farlow demystifies how modern AI works, why it’s vulnerable, and how to protect it. You’ll learn how AI systems differ from machine learning models, why that matters for security, and how to defend both.

Through clear explanations, real-world examples, and over 30 hands-on Python demos, you will:

• Understand how different kinds of machine learning models—from computer vision and language models to signal models—are built and how their architectures create unique vulnerabilities
• Explore how these models are integrated into more autonomous, agentic AI systems, and why deployment introduces new weaknesses and risks
• Identify, exploit, and defend against dozens of weaknesses and attacks across the AI lifecycle, including data poisoning, model theft, and prompt injection
• Use industry frameworks such as OWASP and MITRE ATLAS to threat model different types of AI systems
• Design and execute AI-specific red teaming campaigns, and understand what makes them distinct from traditional security tests
• Examine how AI itself can be weaponized in cybersecurity, including cases where AI attacks other AI
• Build robust frameworks for AI risk management, assurance, and testing
• Bridge technical and policy perspectives to strengthen AI security culture across organizations

Covering fundamentals through to advanced topics—from adversarial machine learning and red teaming to risk management, governance, and AI safety—this book turns theory into skill. Even if you don’t think you’re technical now, you’ll finish with practical confidence and a security mindset.

Whether you use, build, deploy, or oversee AI, this isn’t niche knowledge—it’s the foundation for defending the technologies that will define the next era of human progress.

Break AI Systems. Then Secure Them.

If you’re a security practitioner learning to operate in AI environments, or an ML engineer who needs to understand what adversaries actually do, Practical AI Security gives you the technical foundation the field demands.

Built from first principles, this book takes you from how models fail to how they’re exploited to how they’re defended and audited. Every technique includes clear explanations and real-world examples, and you can run the attacks and defenses yourself with over 30 hands-on Python demos.

• Understand how different kinds of machine learning models create unique vulnerabilities, and explore how these models are integrated into more autonomous, agentic AI systems to introduce new weaknesses and risks.
• Identify, exploit, and defend against dozens of weaknesses and attacks across the AI life cycle, including data poisoning, model theft, and prompt injection.
• Evaluate AI systems for safety failures, bias, and alignment risks using structured benchmarking.
• Threat-model agentic systems, RAG pipelines, and multimodal architectures using MITRE ATLAS, OWASP, and the MAESTRO framework.
• Design and execute AI-specific red teaming campaigns, and understand what makes them distinct from traditional security tests.
• Conduct rapid risk audits and navigate AI governance frameworks for real deployments.

Whether you use, build, deploy, or oversee AI, this isn’t niche knowledge—it’s the foundation for defending the technologies that will define the next era of human progress.