AGT-07 governance

AI Agent Security

Prompt injection, MCP exfiltration, compromised agents. Red teaming, sandboxing, permissions, security hooks. What your CISO needs to know.

2 days (14 hours)

CISO, CTO, DevSecOps, developers, security architects

What you'll be able to do

Identify attack vectors specific to AI agents

Conduct agent red teaming: injection, exfiltration, escalation

Configure defenses: hooks, MCP sandboxing, permissions

Build an AI governance policy

Align with NIS2, OWASP LLM Top 10, ISO 42001

Program

Day 1 — Morning

Threats and attack vectors

  • OWASP Top 10 for LLM Applications (v2.0, 2025): critical risks
  • Direct and indirect prompt injection: live demos
  • MCP supply chain: malicious servers, data exfiltration, poisoned dependencies
  • Shadow AI: unapproved agents in the company

Day 1 — Afternoon

Agent red teaming

  • Workshop: attacking an agent via web content injection
  • Workshop: exfiltrating data via a booby-trapped MCP server
  • Workshop: escalating an agent's permissions
  • Analysis: which defenses held, which failed

Day 2 — Morning

Defenses and secure architecture

  • Security hooks: validate every action
  • MCP sandboxing: allowlists, denylists, per-tool permissions
  • Granular per-agent and per-context permissions
  • Real-time monitoring: detect anomalies

Day 2 — Afternoon

Governance and compliance

  • NIS2 and AI agents: obligations
  • AI security policy: template
  • Agent and MCP server validation process
  • Response plan: what to do when an agent goes rogue

Practical info

Duration

2 days (14 hours)

Target audience

CISO, CTO, DevSecOps, developers, security architects

Prerequisites

Cybersecurity basics and an understanding of AI agents (AGT-01 or AGT-02 recommended)

Group size

4 to 10 people

Pedagogy

30% theory, 70% offensive and defensive workshops in sandbox environments. Each participant leaves with an AI security policy.

Trainer

A Pyrmetia co-founder — AI developer and cybersecurity expert.

Pricing

Open enrollment: €950 / person / day

In-company: €5,500 / group (4-10 pers.) / 2 days

Post-training support

Security support for 30 days
Templates: AI security policy, checklist, response plan
Monthly AI threat watch
Follow-up session at D+15 (1 hour)

Request the full program

Bespoke program, tailored to your industry. First call is free.
