Exploring beyond the boundaries and developing unexpected information in places you did not know exist using techniques to simplify and direct your results is just the beginning of what this training will do for you. Open source intelligence is more than just an ability to use the Internet. Special databases and offline sources are among the many rich veins of information that go unknown and untapped by the financial industry, intelligence analysts, business researchers, law enforcement, investigators, security personnel, EP teams, legal professionals, pharmaceutical industry, software intel units, FIUs, and financial researchers. You will learn various essential investigative skills:
• The Thought Process that will change the way you obtain information and open your mind!
• How to Protect your Identity while searching and maneuver covertly!
• Direct your Searches to obtain results quickly for Best Due Diligence!
• Find unexpected items such as Confidential and Financial Information!
• Use Social Networks and Media as an Investigative Tool!
• How to dive deep for Business Information!
• Learn to KYC (Know Your Customer) and KYCC (Know your Customer’s Customer)!
• How to conduct Vulnerability Assessments using Open Sources!
• Learn proper Security of your network and computers!
The Open Source Intelligence Training will provide an education and information you will not be able to acquire anywhere else. The class is completely interactive keeping you busy every moment and enjoying the activities. You will conduct your Financial Fraud Investigations, Backgrounds, Due Diligence Investigations, Locates, Asset Investigations, Vulnerability Assessments, Brand Protection/IP Investigations, Risk Assessments, Corporate Investigations, and all searches more thoroughly once you have attended this Open Source Intelligence Training!
OUTLINE OF THE ‘OPEN SOURCE INTELLIGENCE TRAINING’ COURSE:
• Privacy and Security – Online Protection of your Identity, Activity, and Information
• Approaches to Searching: Basic and Advanced Search Techniques
• Deep Web Part 1 – International and US People Searches
• Deep Web Part 2 – International and US Public Records
• Deep Web Part 3 –Social Networks, Blogs, Forums and Social Media Search Tips
• Ways to Utilize Social Media in Your Investigations and Research
• US and International Business Search Engines, Information and Sites
• Specialized Sites
• Tools and Downloads
Day 1:
Instruction: Defending Against AI Attacks
• Attacks against model file injection, inference attacks, and LLM attacks. What attacks look like, how to detect them, and how to respond.
Instruction: Vulnerabilities in MLOps Platforms
• Overview of the attack surface of MLOps Platforms, types of vulnerabilities which have been found, how to exploit them, and how to find zero days
Lab: MLOops - Attacking MLOps Platforms
• Interact with a live MLops platform
• Exploit known vulnerabilities
• Post exploitation scenarios (upload models, poison data, etc.)
Instruction: Intro to Generative AI and LLM Attacks
• Overview of how Generative AI such as Large Language Models, GPT’s, and RAG’s work in practice.
• Deep dive into attacking LLMs via Prompt Injection, Jailbreaking
• Prompt Leaking, Indirect Prompt Injection, etc.
Lab: Capture the RAG
• Interact with live LLMs to get hands-on experience with prompt injection, jailbreaking, etc.
• Learn how to extract sensitive data from RAGs.
• Use attack tooling to automate attacks against LLMs.
Day 2
Instruction: Multimodal Machine Learning
• Overview of how multimodal systems operate, where and how they are vulnerable, and how to attack them.
Lab: Attacks on multimodal systems
• Check Cashing OCR attack
• Image Prompt Injection
Instruction: Advanced GenAI Attacks
• Deep dive into the more advanced and nuanced attacks against generative AI such as LLM function calling, passthrough prompts, brand misuse, and other malicious use cases.
Lab: Advanced GenAI Attacks
• LLM function calling
• Indirect Prompt Injection
• Malicious Use Cases (Malware/Reverse Shells/Backdoored Code)
• Passthrough Prompts
Instruction: Defending Against Large Language Models
• Overview of defensive techniques on how to mitigate, block, detect, and respond to large language model attacks.
Minimum Attendee Requirements:
• Trainees need their own laptop
• An intermediate familiarity with Python
• Outbound SSH access to HiddenLayer adversarial ML lab, hosted in AWS
• Previous experience with adversarial machine learning strongly recommended