AI Inherited Our Bad Security Habits
A free six-week bootcamp, and why I'm taking it myself
Why I’m Recommending a Free AI Security Bootcamp
AI has been trained on our bad security behaviors. Every shortcut, every unpatched dependency, every “we’ll fix it later” that made it into a codebase, some model somewhere learned it as normal. That’s the part most AI-security conversations skip. We keep asking how to secure AI systems as if the insecurity is new, when a lot of it is just our own habits, reflected back at scale.
Here’s the recursive problem. If we want AI to exercise good judgment about security, we need people who have good judgment about security first. You can’t hand off what you don’t have. Every guardrail, every review process, every “should this agent be allowed to do that” decision still runs through a human who has to actually know what they’re looking at. AI doesn’t dissolve that requirement. It raises the stakes on it.
Which is why I’m taking Manoj’s free six-week bootcamp on securing AI agents, and why I’m telling you about it here instead of just sharing the link.
I know Manoj, the person teaching this. We’ve worked in security together for ten years. He knows what he’s talking about.
The bootcamp’s structure is the argument made concrete. Six weeks, each one the same shape repeated: build something, attack it, defend it.
Week one, you build a single tool-calling agent, then hijack its goal with a direct prompt injection, then defend it with allow-listing and input separation. Week two, multi-agent systems, an injection that cascades from one agent to the next, defended with trust labeling between them. RAG and memory poisoning. Tool abuse escalating to a real CVE walkthrough. MCP supply chain risk. A final week of red-teaming your own system with Garak, DeepTeam, and PyRIT, then writing up what you found.
That repetition is the point. Security judgment isn’t a lecture you absorb once. It’s a pattern you rehearse until it becomes instinct: build, break, fix, build, break, fix. Six times, six different attack surfaces, so the instinct generalizes instead of staying tied to one scenario.
Which brings me back to where I started. AI didn’t invent insecurity, it inherited ours. The only way out of that loop is people who’ve actually built the judgment, not just the tooling. This bootcamp is one way to build it.
It’s free. It’s recorded if you can’t make it live. Everything (code, labs, material) goes up on GitHub. Sign-ups close 15 July, sessions start 1 August, Saturdays at 8am PDT.
The Inner Chamber

