AI Security Foundations Course . HackWithZach

Defend any AI system. In 4 weeks.

Cybersecurity Education That Gets You Hired, Promoted and Paid.

A 4-week hands-on course that takes you through the 4 Pillars of AI Security framework. Build a defended RAG chatbot, a hardened AWS Bedrock deployment, a 2-agent system with human-in-the-loop controls, and a vibe-code audit pipeline. Every pillar gets a working portfolio project you can put on GitHub, your resume, and your next job conversation.

Doors open Sunday, June 14, 12pm Eastern. 30 founder seats at $97.
30 founder seats. $97 today. Standard price $147 after the cap.
  • 4 Pillars
  • 4 Hands-on projects
  • 1 AWS Bedrock build
  • $150K+ Career trajectory

The problem

Most engineers cannot answer the questions hiring managers ask about AI security.

AI is the most under-defended layer of the modern stack. Security teams know they need to cover it. Engineers building AI features know they need to secure their work. Both groups end up reading the same scattered OWASP posts, frontier-lab blog posts, and certification material that does not include real implementation.

You read about prompt injection.

But you have never written the prompt-fencing code or tested it against the OWASP attack catalog.

You know AI APIs cost money.

But you have never set per-key cost caps, anomaly alerts, or a daily budget ceiling on AWS Bedrock.

You know agents need guardrails.

But you have never built a human-in-the-loop gate or implemented memory validation on signed entries.

You use AI to write code.

But you have never run a full audit chain: secret scanning, static analysis, dependency vulns, dangerous-function linting.

The transformation

This is not another video course. It is a 4-week build that ends with portfolio proof.

Before the course

  • Hesitate when asked to threat-model an AI system
  • Know terms like prompt injection but cannot show defense code
  • No AWS Bedrock production experience to point at
  • No public GitHub artifact that proves AI security skill
  • Career stalled at "I know enough to be dangerous"

After the course

  • Walk any AI system through the 4 Pillars framework
  • Show 4 hardened projects with working code on GitHub
  • A Bedrock deployment with IAM scoping and cost caps
  • Speak fluently about agent guardrails, audit pipelines, and threat models
  • Portfolio that maps to senior engineer and architect roles paying $150K+

The method

Build it. Release it. Break it. Harden it.

Every pillar in this course follows the same four-step loop. You do not read about security. You run the loop on a real project, then again, then again, then again.

Build

Build the working system. The chatbot, the Bedrock deployment, the agent fleet, the audit pipeline. Make it function before you make it safe.

Release

Deploy it. Get it serving requests. Real systems are the only ones worth securing. Local-only experiments do not teach production.

Break

Attack your own work. Prompt-inject your chatbot. Cost-bomb your Bedrock deployment. Drift your agent. Pen-test before the attacker does.

Harden

Apply the defenses. Fence inputs, scope IAM, sign memory, audit the code. Then publish the work as a portfolio artifact.

The curriculum

Four pillars. Four weeks. Four projects you actually build.

Every pillar gets one week of focused work: 3 to 5 short video lessons, a step-by-step checklist guide, and one hands-on project that ends with a working artifact in the GitHub repo.

Week 1 . 01 . LLM Security

Defend the model itself.

Project: Prompt-injection-defended RAG chatbot

The four threats inside Pillar 1: prompt injection, data leakage, training data poisoning, hallucinations. You build a small Python chatbot that retrieves from a vector store, fences user input and retrieved content as untrusted, filters output for PII and secrets, and seeds canary tokens to detect leaks.

Outcome: a working defended chatbot in your GitHub repo, with the OWASP LLM Top 10 prompt injection test cases passing.

Week 2 . 02 . AI APIs

Harden the deployment layer. AWS Bedrock

Project: Bedrock-deployed Claude with full deployment-layer hardening

The four threats inside Pillar 2: API misuse, runaway costs, non-deterministic actions, insecure defaults. You provision Bedrock with Terraform, scope a least-privilege IAM role, set per-key request and token caps, enforce a daily cost ceiling, wire CloudTrail logging, and validate every output against a strict schema.

Outcome: a production-grade Bedrock deployment in IaC that translates directly to enterprise interviews. AWS hands-on experience that hiring managers verify.

Week 3 . 03 . Agentic AI

Control agents with tools and memory.

Project: 2-agent system with allowlisting, memory validation, human-in-the-loop

The four threats inside Pillar 3: tool misuse, memory poisoning, cascading hallucinations, privilege compromise. You build a small orchestrator running two cooperating agents (researcher and communicator) with tool allowlisting, signed memory entries, human approval gates on destructive actions, loop depth caps, and a kill switch.

Outcome: a multi-agent system that demonstrates the discipline most production agent code lacks.

Week 4 . 04 . Vibe Coding

Audit AI-generated code before it ruins your day.

Project: AI-generated code audit pipeline

The four threats inside Pillar 4: insecure code generation, hardcoded secrets, dangerous functions, architectural blind spots. You build an audit chain that runs secret scanning, static analysis, dependency vulnerability scanning, dangerous-function detection, and an architectural review checklist on any AI-generated codebase.

Outcome: an audit pipeline you run on every AI-generated commit. The kind of artifact that gets you the architect interview.

What is included

Everything you need to complete the 4 projects.

01 . Curriculum

4 modules . 1 per pillar

Self-paced video lessons covering the threat, the defense, and the build, for each pillar.

02 . Videos

16 to 20 short video lessons

3 to 5 short videos per pillar. Filmora-recorded screen walks of the actual build. No fluff, no padding.

03 . Projects

4 working projects on GitHub

Starter code, reference solution, and student fork pattern. Apache 2.0 licensed so you can use them in your portfolio.

04 . Checklists

4 audit checklists

One step-by-step audit checklist per pillar. Print them, walk them, apply them to systems you work on.

05 . AWS Bedrock

A real AWS production build

Pillar 2 puts you inside the AWS console doing IAM, CloudTrail, Terraform, and Bedrock the right way. Resume-grade experience.

06 . PDF

The 4 Pillars annotated edition

The Free Training PDF expanded with founder-only annotations and an extra section on career framing.

07 . Community

30 days of direct access

Ask questions, share progress. Zach is active for the first 30 days post-purchase.

08 . Career

Resume + interview module

How to put your 4 projects on your resume, how to talk about them in interviews, what hiring managers look for.

09 . Lifetime

Lifetime access

Course materials, recordings, repo, and future updates. No subscription, no expiration.

Is this for you?

Honest fit check before you spend $97.

This is for you if

  • You already write code. Python or similar.
  • You have some cloud experience (AWS, GCP, Azure, anything).
  • You want to specialize in AI security.
  • You want portfolio projects you can talk about in interviews.
  • You want a structured path, not scattered tutorials.
  • You will actually do the projects, not just watch videos.

This is not for you if

  • You are completely new to IT or coding.
  • You want a survey course with no implementation.
  • You want a guarantee of employment or specific salary.
  • You are unwilling to troubleshoot when AWS or pip breaks.
  • You only want certificates, not real proof of skill.
  • You will not put $5 to $30 into AWS and API calls to complete the projects.

Career trajectory

Cloud + AI + API security is the highest-leverage specialty in 2026.

The trifecta of cloud, AI, and API security taught together does not exist as a single track at any major training provider. The person who can speak fluently to all three is rare and well-paid. Typical salary bands in the US market:

  • Early AI Security Engineer (0 to 2 years): $90K - $130K
  • AI / Cloud Security Engineer (2 to 4 years): $130K - $170K
  • Senior AI Security Engineer (4 to 7 years): $170K - $230K
  • AI Security Architect (7+ years): $220K - $320K+

Source: 2026 salary ranges from publicly posted job listings and industry surveys. Salary not guaranteed by this course. Salaries vary by region, employer, and individual negotiation.

Founder pricing

Join the AI Security Foundations Course.

$97 (standard price $147)
Founder price . First 30 buyers . Save $50
Doors open Sunday, June 14
12:00 PM Eastern . Waitlist gets first access
30 founder seats
Founder price closes June 20 at midnight Eastern or when seats sell out
  • 4 modules, one per AI security pillar
  • 16 to 20 short video lessons
  • 4 hands-on projects on GitHub (Apache 2.0 licensed)
  • AWS Bedrock production deployment included (Pillar 2)
  • 4 audit checklists, one per pillar
  • The 4 Pillars annotated PDF (founder edition)
  • 30 days of direct community access
  • Resume and interview career module
  • Lifetime access to materials and updates
  • 14-day no-questions-asked refund

Waitlist members get the founder price 24 hours before public.

Secure checkout via Stripe. 14-day refund guarantee. Lifetime access.

FAQ

Frequently asked questions.

How much time will this take per week?

Plan on 5 to 8 hours per week for 4 weeks. Each pillar has 3 to 5 short video lessons (about 1 to 2 hours) plus the hands-on project (3 to 6 hours). Self-paced, so you can compress or stretch as needed.

Do I need an AWS account?

Yes, for Pillar 2 (the Bedrock project). New AWS accounts are free to create. Plan on $5 to $15 in Bedrock and adjacent service costs across the project with disciplined Terraform teardown.

What about API costs for the other pillars?

Pillar 1 (RAG chatbot) needs $5 to $10 in OpenAI or Anthropic API calls. Pillar 3 (agents) is $0 to $5. Pillar 4 (code audit) is $0. Total course infra cost: $10 to $30.

Can I do this with a full-time job?

Yes. The course is designed for working engineers. Self-paced with lifetime access. Most students complete in 4 to 8 weeks.

Will this get me a job?

The course is designed to make you a stronger candidate. It cannot guarantee employment. What it can do: give you 4 portfolio projects, 4 working systems on GitHub, and the technical vocabulary to interview confidently for AI security roles.

What is the refund policy?

14 days, no questions asked. If the course is not what you expected, email zach@hackwithzach.com within 14 days of purchase for a full refund.

What happens after the 30 founder seats sell?

The price moves to $147 for the next cohort. The founder price does not return. If you want the $97 price, the waitlist is the path.

Who is this taught by?

Zach Marcy. 10+ years in cybersecurity, focused on cloud, API, and AI security. Career-switcher turned security architect. Every lesson comes from systems he has defended in production.

Defend any AI system.

Four pillars. Four weeks. Four projects that prove what you know. Lifetime access. $97 founder pricing for the first 30.