Sec Guy

SecAI+ Domain 4.2: Compliance & Law

The Final Objective: Mastering the Law and Frameworks for global AI compliance. In the finale of our SecAI+ course, we cover Objective 4.3: Compliance and Frameworks. We break down the EU AI Act's risk-based approach, the four core functions of the NIST AI RMF, and the critical ISO standards (42001, 23894, 22989) you need for the exam. Plus, learn about Data Sovereignty and how the OECD Principles impact security architecture. 📝 Pass the Exam: Take the practice quiz and join the Discord study group at: secguy.org [http://secguy.org] 📍 Timestamps (Chapters): 00:00 – Introduction: The Law of AI 00:30 – The EU AI Act: Global Impact 00:44 – The 4 Levels of AI Risk & Regulation 01:43 – NIST AI Risk Management Framework (RMF) 02:13 – ISO 42001: AI Management Systems 02:29 – ISO 23894 & 22989: Risk & Terminology 02:58 – Data Sovereignty & GDPR 03:24 – Course Wrap-up: You're Ready! #EUAIAct #NIST #ISO42001 #SecAI #CyberSecurityLaw #SecGuy

SecAi+ Domain 4.1: AI CoE, Responsible AI, and AI RIsk

From the server room to the boardroom: Mastering AI GRC for the SecAI+ Exam. This episode covers Domain 4: AI Governance, Risk, and Compliance. We explore the AI Center of Excellence (CoE), identify the Builders, Defenders, and Watchers on an AI team, and deep-dive into the dangers of Shadow AI. Learn the essential Responsible AI Principles—Fairness, Transparency, and Accountability—needed to pass objective 4.1. 🎓 Join the Mission: Get free practice tests and the Python for Security module at: secguy.org [http://secguy.org] 📍 Timestamps (Chapters): 00:00 – Introduction to AI GRC (Domain 4) 00:28 – The AI Center of Excellence (CoE) 00:50 – Team Roles: Builders vs. Defenders 01:23 – Team Roles: The Watchers (Auditors & Analysts) 01:40 – Shadow AI vs. Shadow IT 02:17 – Beyond Data: Safety & Reputational Risk 02:35 – Responsible AI Principles: Fairness & Transparency 02:50 – Accountability = Human (Avoiding Bias) 03:13 – Coming Up: EU AI Act & Regulatory Frameworks #AI #Governance #SecAI #CompTIA #RiskManagement #SecGuy

SecAI+ Domain 3.3: The AI Analyst (Blue Team Tools, MCP & Co-Pilot)

We have seen the weapons (Video 10). Now, let’s look at the shields. Welcome to Domain 3: AI-Assisted Security. In this video (Objective 3.3), we switch to the Blue Team. We are breaking down the "AI Co-Pilot" stack, the new hardware you need to know for the exam, and the critical standard that connects AI to your internal data without causing a leak. In this video, we cover: The AI Co-Pilot: IDE vs. CLI Plugins (GitHub Copilot vs. Terminal Assistants). Critical Exam Term: Model Context Protocol (MCP)—The standard for connecting AI to secure internal servers. Analysis Tools: Vulnerability Analysis, Anomaly Detection, Summarization, and Real-Time Translation. Hardware: NVIDIA Jetson Nano Orin (Edge AI) and Vector Databases. Privacy: Using Ollama to run local LLMs and prevent data leaks. Timecodes: 0:00 - Intro: Switching to the Blue Team 0:25 - The AI Co-Pilot (IDE vs. CLI Plugins) 1:00 - CRITICAL TERM: Model Context Protocol (MCP) 1:30 - Analysis Tools: Vuln Scans & Translation 2:15 - Anomaly Detection & Vector Databases 2:38 - Edge AI Hardware: NVIDIA Jetson Nano Orin 3:02 - Threat Hunting with Neo4j Graph Database 3:22 - Privacy Tools: Ollama & Local LLMs 3:45 - What’s Next: Automation & SOAR (Video 12) 📚 Resources & Support 🎓 FREE Interactive Learning Tools Don't just watch—practice. Access our new browser-based tools to test your skills live. AI-Powered Exam Simulators: https://secguy.org/exam-simulators [https://secguy.org/exam-simulators] Python for Security Labs: https://secguy.org/python-practice [https://secguy.org/python-practice] Mock Interview Board: https://secguy.org/mock-interview [https://secguy.org/mock-interview] 💬 Join the Squad Connect with other industry veterans and students in our new dedicated study group. Official Discord: https://secguy.org/discord-chat [https://secguy.org/discord-chat] 📚 Download Course Materials Get the SecAI+ Cheat Sheet (including the MCP Architecture Diagram & Jetson specs) and full course slides directly from the academy. Access Here: https://secguy.org/courses [https://secguy.org/courses] #SecAI #CompTIA #BlueTeam #CyberDefense #MCP #ModelContextProtocol #Ollama #JetsonNano #CoPilot #Cybersecurity

SecAI+ Domain 3.1: The AI Analyst (Blue Team Tools, MCP & Co-Pilot)

🛡️ Domain 3: AI-Assisted Security (Objective 3.1) We’ve analyzed the weapons in Domain 2—now it’s time to deploy the shields. Welcome to the Blue Team. In this video, we break down the "AI Co-Pilot" stack and the defensive tools you need to master for the SecAI+ exam. From the hardware powering Edge AI to the critical protocols that secure internal data, this is your crash course in AI-assisted defense. 🚀 What We Cover in This Video: The AI Co-Pilot Stack: Understanding the difference between IDE plugins (GitHub Copilot) and CLI Terminal Assistants. CRITICAL Exam Concept: The Model Context Protocol (MCP)—the industry standard for connecting AI models to secure internal servers without risking data leaks. Defensive Analysis: leveraging AI for vulnerability scanning, anomaly detection, automated summarization, and real-time translation. Hardware & Architecture: A look at NVIDIA Jetson Nano Orin (Edge AI) and how Vector Databases power modern security tools. Threat Hunting: visualizing threats with Neo4j Graph Databases. Data Privacy: How to use Ollama to run local LLMs, ensuring your sensitive data never leaves the network. ⏱️ Timecodes 0:00 - Intro: Switching to the Blue Team 0:25 - The AI Co-Pilot (IDE vs. CLI Plugins) 1:00 - CRITICAL TERM: Model Context Protocol (MCP) 1:30 - Analysis Tools: Vuln Scans & Translation 2:15 - Anomaly Detection & Vector Databases 2:38 - Edge AI Hardware: NVIDIA Jetson Nano Orin 3:02 - Threat Hunting with Neo4j Graph Database 3:22 - Privacy Tools: Ollama & Local LLMs 3:45 - What’s Next: Automation & SOAR (Video 12) 📚 Resources & Support 🎓 FREE Interactive Learning Tools Don't just watch—practice. Access our new browser-based tools to test your skills live. AI-Powered Exam Simulators: https://secguy.org/exam-simulators [https://secguy.org/exam-simulators] Python for Security Labs: https://secguy.org/python-practice [https://secguy.org/python-practice] Mock Interview Board: https://secguy.org/mock-interview [https://secguy.org/mock-interview] 💬 Join the Squad Connect with other industry veterans and students in our new dedicated study group. Official Discord: https://secguy.org/discord-chat [https://secguy.org/discord-chat] 📚 Download Course Materials Get the SecAI+ Cheat Sheet (including the MCP Architecture Diagram & Jetson specs) and full course slides directly from the academy. Access Here: https://secguy.org/courses [https://secguy.org/courses] Next Up: Domain 3.3: The AI Automator (SOAR & Agents) #SecAI #CompTIA #BlueTeam #CyberDefense #MCP #ModelContextProtocol #Ollama #JetsonNano #CoPilot #Cybersecurity

Domain 3.2: The AI Offensive (Red Team, Deepfakes & Malware)

We have talked about how to hack an AI. Now, let’s talk about when the AI becomes the hacker. Welcome to Domain 3: AI-Assisted Security. In this video (Objective 3.2), we switch to the Red Team. We are breaking down exactly how attackers weaponize LLMs to scale social engineering, clone voices for "Vishing," and generate polymorphic malware that evades traditional antivirus. In this video, we cover: Identity Attacks: Deepfakes, Impersonation, and Social Engineering at Scale. Infrastructure Attacks: Automated Reconnaissance, Attack Vector Discovery, and AI-Enhanced DDoS. Payloads: Polymorphic Code, Obfuscation, and Adversarial Malware Generation. Hardware: Why GPUs are required for Password Cracking (PassGAN). Timecodes: 0:00 - Intro: The AI Offensive (Domain 3) 0:42 - Social Engineering & Personalized Phishing 1:05 - Voice Cloning & Vishing (The 3-Second Rule) 1:38 - Automated Recon & Attack Vector Discovery 2:05 - AI-Enhanced DDoS (Traffic Shaping) 2:28 - Writing Malware & Polymorphic Code (Obfuscation) 3:05 - Hardware: GPUs & Password Cracking (PassGAN) 3:35 - What’s Next: The Blue Team (Video 11) 📚 Resources & Support 🎓 FREE Interactive Learning Tools Don't just watch—practice. Access our new browser-based tools to test your skills live. AI-Powered Exam Simulators: https://secguy.org/exam-simulators [https://secguy.org/exam-simulators] Python for Security Labs: https://secguy.org/python-practice [https://secguy.org/python-practice] Mock Interview Board: https://secguy.org/mock-interview [https://secguy.org/mock-interview] 💬 Join the Squad Connect with other industry veterans and students in our new dedicated study group. Official Discord: https://secguy.org/discord-chat [https://secguy.org/discord-chat] 📚 Download Course Materials Get the SecAI+ Cheat Sheet (including the MCP Architecture Diagram & Jetson specs) and full course slides directly from the academy. Access Here: https://secguy.org/courses [https://secguy.org/courses] Next Video: Domain 3.1: The AI Analyst (Blue Team Defense) #SecAI #CompTIA #Cybersecurity #RedTeam #Deepfakes #Malware #EthicalHacking #PassGAN #AIsecurity