Ahmed M. Hamza

In this course you will learn how the security of web-based software, including deployed AI agents, can be compromised. Real-world attacks we study are conducted against a variety of web technologies and frameworks. In addition, we will introduce the topic of Adversarial Machine Learning (exploiting algorithms and learning techniques) in the Artificial Intelligence domain, including Language Models. We will review and study modern, cutting-edge research in this area.

Course assessments are through quizzes, hands-on exercises and an exam.

This course can be taken for academic credit as part of CU Boulder’s MS in Data Science or MS in Computer Science degrees offered on the Coursera platform. These fully accredited graduate degrees offer targeted courses, short 8-week sessions, and pay-as-you-go tuition. Admission is based on performance in three preliminary courses, not academic history. CU degrees on Coursera are ideal for recent graduates or working professionals. Learn more:

MS in Data Science: https://www.coursera.org/degrees/master-of-science-data-science-boulder

MS in Computer Science: https://coursera.org/degrees/ms-computer-science-boulder

What's inside

Syllabus

Server Side Attacks
In this module, we introduce the protocols and history of World Wide Web communication, and examine several important attack types that target the server directly through web application vulnerabilities, including logic flaws not tied to a particular software weakness.
Career center

Learners who complete Security & Ethical Hacking: Attacking Web and AI Systems will develop knowledge and skills that may be useful to these careers:
Machine Learning Security Engineer
A Machine Learning Security Engineer specializes in identifying, mitigating, and preventing security vulnerabilities within machine learning systems and models. This complex and rapidly evolving field requires a deep understanding of both cybersecurity and artificial intelligence. This course is an outstanding choice for an aspiring Machine Learning Security Engineer. It directly addresses adversarial machine learning principles, exploring how to exploit algorithms and learning techniques in the artificial intelligence domain, including language models. The curriculum specifically reviews and studies modern research in this area, offering insights into manipulating machine learning models. Modules on language model-based agentic systems and advanced topics in adversarial AI will provide hands-on experience and a deep dive into fundamental exploitation techniques against AI, crucial for building secure and resilient AI systems.
Artificial Intelligence Red Team Specialist
An Artificial Intelligence Red Team Specialist proactively simulates sophisticated cyberattacks specifically targeting AI systems, models, and their integrated applications to uncover hidden vulnerabilities. This role is at the forefront of AI security. This course directly aligns with the expertise required for an Artificial Intelligence Red Team Specialist. It focuses on "Attacking Web and AI Systems," providing extensive knowledge of how deployed AI agents can be compromised. The syllabus includes practical attacks on live, deployed language models with excessive agency in server environments, offering high-level exploitation primitives. Furthermore, the deep dive into adversarial machine learning, studying the manipulation of underlying models, is precisely the kind of advanced technique an AI Red Team Specialist employs. This specialized training will prepare you to identify and exploit unique risks in AI systems.
Penetration Tester
A Penetration Tester systematically simulates cyberattacks to identify vulnerabilities in computer systems, networks, and web applications. This hands-on role involves exploiting identified weaknesses to assess an organization's security posture. This course is exceptionally well-suited for aspiring Penetration Testers, as it directly teaches how the security of web-based software can be compromised. Learners will gain practical experience with real-world attacks against web technologies, covering server-side vulnerabilities and client-side web exploitation. Furthermore, understanding the unique risks of function-calling language models and adversarial machine learning techniques will be invaluable for testing modern AI-powered systems. This particular course provides the critical knowledge and practical skills needed to pinpoint and exploit security flaws, preparing you to excel as a Penetration Tester by mastering both traditional web exploitation and cutting-edge AI system attacks.
Research Scientist Artificial Intelligence Security
A Research Scientist Artificial Intelligence Security explores novel vulnerabilities, develops new defense mechanisms, and advances the understanding of security in AI and machine learning systems. This role often requires an advanced degree. This course is exceptionally well-suited for an aspiring Research Scientist Artificial Intelligence Security. It specifically reviews and studies modern, cutting-edge research in adversarial machine learning and exploiting algorithms. The 'Advanced Topics - Adversarial AI' module provides a deep dive into fundamental, algorithmic types of exploitation against AI systems through model manipulation. The course also examines language model-based agentic systems, including practicing attacks on live, deployed models. This direct exposure to research methodologies and advanced exploitation techniques against AI systems, along with the focus on web security for AI deployments, is critical for foundational research in this burgeoning field.
Ethical Hacker
An Ethical Hacker legally attempts to penetrate computer systems, applications, and networks to identify and report security weaknesses before malicious actors can exploit them. Similar to a penetration tester, this role requires a deep understanding of attack methodologies. This course is an excellent fit for an aspiring Ethical Hacker, as its very name includes "Ethical Hacking" and "Attacking Web and AI Systems." Learners will gain hands-on experience with real-world attacks against a variety of web technologies and frameworks, covering server-side vulnerabilities and client-side web exploitation. Crucially, the course also introduces adversarial machine learning and the exploitation of language model-based agentic systems, equipping an Ethical Hacker with the skills to assess the security of cutting-edge AI deployments, making them proficient in a crucial and rapidly expanding domain of cybersecurity.
Application Security Engineer
An Application Security Engineer focuses on embedding security into the entire software development life cycle, ensuring that applications are designed, developed, and deployed securely. This role is crucial for protecting web-based software from malicious attacks. This course is highly relevant for those pursuing a career as an Application Security Engineer, as it dives deep into understanding how web applications can be compromised. You will learn about server-side attacks, including logic flaws and vulnerabilities of web applications, as well as client-side web exploitation. This foundational knowledge is essential for designing robust defenses. The specialized modules on attacking deployed AI agents, language models, and adversarial machine learning will further equip you to secure modern applications integrating artificial intelligence, providing a unique advantage in protecting complex, cutting-edge systems.
Vulnerability Researcher
A Vulnerability Researcher identifies, analyzes, and documents security weaknesses in software, hardware, and systems, often discovering zero-day exploits. This role involves deep dives into technical specifics and understanding how various technologies can be compromised. This course is highly relevant for a future Vulnerability Researcher, as it teaches how the security of web-based software, including deployed AI agents, can be compromised. You will study real-world attacks conducted against a variety of web technologies and frameworks, covering server-side attacks, client-side web exploitation, and even logic flaws not tied to particular software weaknesses. The introduction to adversarial machine learning and the review of modern, cutting-edge research in exploiting AI systems provide a unique edge in discovering novel vulnerabilities in emerging technologies, making this course invaluable for a researcher.
Security Engineer
A Security Engineer designs, builds, and maintains secure systems and infrastructure, implementing robust defenses against a wide range of cyber threats. This foundational cybersecurity role requires a comprehensive understanding of attack vectors. This course helps build a foundation for a Security Engineer by providing a deep understanding of how systems are attacked. You will learn about the compromise of web-based software and deployed AI agents, studying real-world attacks against web technologies. Knowledge of server-side attacks, client-side exploitation, and the unique risks presented by language model-based agentic systems will be critical for designing resilient defenses. Furthermore, understanding adversarial machine learning will enable the Security Engineer to anticipate and protect against sophisticated attacks targeting AI systems, ensuring more comprehensive security solutions.
Security Architect
A Security Architect designs and oversees the implementation of an organization's security infrastructure, frameworks, and policies. This strategic role requires a holistic view of potential threats and robust defense strategies. This course may be useful for a Security Architect by offering a detailed understanding of advanced attack vectors against web and AI systems. By learning how web-based software, including deployed AI agents, can be compromised, a Security Architect can design more resilient and forward-thinking security architectures. The in-depth study of server-side attacks, client-side web exploitation, and the unique risks associated with language model-based agentic systems and adversarial machine learning provides critical knowledge for building comprehensive security frameworks that protect against both traditional and emerging threats in complex, modern environments.
Cybersecurity Consultant
A Cybersecurity Consultant advises organizations on various aspects of cybersecurity, including risk assessment, compliance, and implementing security solutions. This role requires broad expertise in current threats and mitigation strategies. This course may be useful for a Cybersecurity Consultant by equipping them with highly specialized knowledge in critical, fast-evolving areas of attack. Understanding how web-based software, including deployed AI agents, can be compromised through real-world attacks provides practical expertise. The detailed study of server-side attacks, client-side web exploitation, and particularly adversarial machine learning and language model-based agentic systems allows a Cybersecurity Consultant to offer cutting-edge advice on securing modern digital infrastructures. This specialized insight into advanced threats enables offering targeted and effective recommendations to clients navigating complex web and AI security challenges.
Cloud Security Engineer
A Cloud Security Engineer is responsible for securing cloud environments, ensuring data integrity, confidentiality, and availability within cloud-based infrastructure and applications. Many web and AI systems operate in the cloud. This course may be useful for a Cloud Security Engineer by providing detailed insights into the attack surfaces common in cloud deployments. You will learn about server-side attacks and client-side web exploitation, which are highly relevant given the prevalence of web applications hosted in the cloud. The course's focus on attacking deployed AI agents and language models also directly applies, as these systems are increasingly cloud-native. Understanding how these components can be compromised will enable a Cloud Security Engineer to implement more effective security controls and monitor for specific vulnerabilities within cloud service provider environments and custom cloud applications.
Incident Response Analyst
An Incident Response Analyst is on the front lines, detecting, analyzing, containing, and recovering from cyberattacks. Understanding the methodologies and vectors of various attacks is paramount for effective response. This course may be helpful for an Incident Response Analyst by providing a detailed understanding of how systems are compromised. Learning about server-side attacks, including logic flaws and web application vulnerabilities, and client-side web exploitation, will enable quicker identification of initial access methods. Furthermore, the course's unique focus on attacking deployed AI agents and adversarial machine learning provides crucial insight into less common, yet increasingly prevalent, attack techniques. This knowledge helps an Incident Response Analyst identify specific indicators of compromise related to AI systems and formulate appropriate containment and eradication strategies when such advanced threats materialize.
DevSecOps Engineer
A DevSecOps Engineer integrates security practices into every phase of the software development and operations lifecycle, automating security controls and ensuring secure deployments. Understanding vulnerabilities is key for this preventive role. This course may be useful for a DevSecOps Engineer by providing a comprehensive understanding of how web-based software and deployed AI agents can be compromised. Knowledge of server-side attacks, client-side web exploitation, and the specific vulnerabilities of web technologies and frameworks will directly inform the implementation of secure coding practices and automated security testing. Furthermore, insights into language model-based agentic systems and adversarial machine learning techniques will enable the DevSecOps Engineer to build security pipelines that account for emerging threats in AI-driven applications, ensuring security is "shifted left" for these advanced systems.
Threat Hunter
A Threat Hunter proactively and iteratively searches through networks and systems to detect and isolate advanced threats that evade existing security solutions. This role requires a deep understanding of attacker tactics, techniques, and procedures. This course may be useful for a Threat Hunter by providing an in-depth perspective on attacker methodologies. By learning how the security of web-based software, including AI agents, can be compromised through real-world attacks, you gain insight into the specific behaviors and vulnerabilities attackers target. Understanding server-side attacks, client-side exploitation, and especially adversarial machine learning allows a Threat Hunter to anticipate sophisticated threats and craft effective queries and hypotheses for uncovering hidden malicious activity, going beyond automated alerts to find elusive and advanced persistent threats in both traditional web infrastructure and AI systems.
Security Operations Center Analyst
A Security Operations Center Analyst monitors, detects, and analyzes security events within an organization's networks and systems. While not actively attacking, a deep understanding of attack methods is vital for detection and initial triage. This course may be helpful for a Security Operations Center Analyst by providing critical insight into attacker tactics. Knowing how web-based software and deployed AI agents can be compromised through real-world attacks, including server-side and client-side exploitation, enables better detection of suspicious activity. Understanding the nuances of adversarial machine learning and attacks on language models helps an analyst recognize indicators of compromise specific to advanced AI threats, leading to more accurate threat identification and prioritization. This specialized knowledge enhances an analyst's ability to interpret security alerts and respond effectively to complex cyber incidents.

Reading list

Provides a practical guide to cryptography. It covers a wide range of topics, from basic cryptographic principles to advanced topics such as public key cryptography, digital signatures, and secure protocols. It is written by a renowned cryptography expert with over 30 years of experience.
Provides a comprehensive overview of cybersecurity operations. It covers a wide range of topics, from basic security principles to advanced topics such as incident response, threat hunting, and security monitoring. It is written by a team of cybersecurity experts with over 20 years of experience.
Provides a comprehensive overview of computer security. It covers a wide range of topics, from basic security principles to advanced topics such as cryptography and network security. It is written by a renowned cybersecurity expert with over 40 years of experience.
Provides a comprehensive overview of network security. It covers a wide range of topics, from basic security principles to advanced topics such as firewalls, intrusion detection systems, and virtual private networks. It is written by a renowned security expert with over 40 years of experience.
Provides a comprehensive guide to web application security. It covers a wide range of topics, from basic web application security principles to advanced exploitation techniques. It is written by two cybersecurity experts with over 15 years of experience.
Provides a comprehensive overview of cybersecurity, covering the threats, risks, and challenges facing governments and businesses. It is written by two former Secretaries of Homeland Security and provides insights from their experience in leading the nation's cybersecurity efforts.
Provides a unique perspective on cybersecurity from the perspective of a former hacker. It covers a wide range of topics, from basic security principles to advanced topics such as social engineering, phishing, and malware. It is written by a renowned cybersecurity expert with over 30 years of experience.
Provides a practical guide to cybersecurity for businesses. It covers a wide range of topics, including risk assessment, threat intelligence, and incident response. It is written by a cybersecurity expert with over 15 years of experience.
Provides a practical guide to cybersecurity for beginners. It covers a wide range of topics, from basic cybersecurity principles to specific threats such as phishing and malware. It is written by a cybersecurity expert with over 10 years of experience.
A comprehensive guide to ethical hacking, covering advanced techniques and methodologies used by professional penetration testers.
A comprehensive guide to penetration testing, with a focus on practical techniques and real-world scenarios.
A practical guide to ethical hacking, focusing on the tools and techniques used by white hat hackers.
A classic text on network security, covering vulnerabilities, exploits, and countermeasures.
A comprehensive textbook on computer security, covering fundamental concepts, cryptography, and ethical hacking.
A comprehensive guide to web application security, covering common vulnerabilities and how to exploit them.
An accessible and practical guide to ethical hacking, covering essential concepts, techniques, and tools.


© 2016 - 2025 OpenCourser