Red Blue Purple AI (Live, July 15 & 17)

Super‑charge your day‑to‑day security workflow with AI tactics.

Jason Haddix
CEO, Lead Instructor

$2,000 USD

Enroll

Bulk Purchases

Live Training and Q&A

Class Recordings Available Online

Class Time

Recommended Level

All Levels

Community Access

Course Last Updated

Super‑charge your day‑to‑day security workflow with AI tactics.

Course Schedule:

  • Day 1: July 15 - 10am-5pm MST
  • Day 2: July 17 - 10am-5pm MST

Red Blue Purple AI – Course Description

Over the past few years, I’ve had the privilege of straddling two passions: offensive security and generative AI. That obsession has snowballed into a series of talks, tools, and now—this course. Red Blue Purple AI is a deep-dive into using LLMs like GPT, Claude, and others to supercharge your work across all major domains of cybersecurity.

This course isn’t just theory. It’s built from real-world consulting, hands-on research, and daily workflows I use as a practitioner. We’ll walk through not just how LLMs think—but how to train, trick, and optimize them to perform at a high level. By the end, you’ll have the knowledge to build domain-specific, high-performance bots that augment your workflow or even act autonomously.

If you're a security practitioner (offensive, defensive, or hybrid) or a curious leader looking to infuse AI into your security program, this course is for you.

See you in Red Blue Purple AI.

Who This Is For

  • Security engineers, SOC analysts, red‑/blue‑/purple‑teamers who already know the fundamentals of their role but want to 10× their output
  • Solo consultants and small teams that need “force‑multipliers” without head‑count increases
  • Tech‑savvy CISOs & security managers evaluating AI adoption for their operations

What You’ll Learn

  • Model IQ: quick‑start on LLM architecture, fine‑tuning options, context windows, cost models
  • Prompt Engineering Patterns: reusable templates for creating bots and agents.
  • Bot Factory: hands‑on labs building GPTs and micro‑agents that tackle repetitive tasks.

v2.0 Syllabus:

AI History & LLMs for Power Users

  • The modern rise of AI: GPT-3 onward...
  • My own LLMs in action (e.g., Arcanum Cyber Security Bot, GPT Store bots)
  • Model evaluations: Claude, GPT, DeepSeek, Gemini, Llama 3, ++
  • My choices for security tasks, research, and user use cases
  • Privacy strategies: obfuscation, local-first, Azure OpenAI
  • LLM architecture basics: context windows, temperature, system prompts, RAG, Agents
  • MCP and MCP in Security
  • Chat interfaces vs APIs
  • Playgrounds for APIs
  • Cloud vs local models
  • Frontends: Ollama, LM Studio, OpenWebUI, Fabric, ++

Prompt Engineering:

  • Problem solving for humans
  • Single-shot vs multi-shot
  • Chain-of-thought prompting
  • Metadata seeding
  • “Weird machine” tricks
  • The Arcanum System Prompt Methodology
  • Automation of best in class prompting via Systembot

New ways to use LLMS:

  • NotebookLM
  • Browser "driving"
  • General agents
  • Streaming
  • AI aided development and best practices
  • Multiprompting
  • Automation frameworks

Breaking Down Security Programs

  • Mental modeling of Red, Blue, and Purple domains
  • Mapping day-to-day workflows to AI agents
  • Tools, pain points, and how AI fits into daily security tasks

Red AI (Offensive Security & AI)

Augmenting Recon, OSINT

  • Custom GPTs: Subdomain Doctor, Acquisition and Recon GTP
  • Phishing and pretexting with AI

Vuln Analysis and Exploitation (Web)

  • LLM-assisted AppSec testing questions
  • JavaScript Analysis
  • LLM assisted filter bypass
  • Web CVE Bot
  • Scaling automated scanners (Nuclei, Nessus)

Burp Suite

  • A compete overview of all new Burp Suite AI features and extensions

Vuln Analysis and Exploitation (Red Teaming)

  • Initial access payload modification with LLMs
  • Ducky Script
  • Extending your C2 and research capabilities with LLMs
  • MCPs for Red Teaming

Reverse Engineering

A overview of the current RE assist extensions and MCPs for:

  • Ghidra
  • IDA Pro
  • LLDB
  • RADARE
  • Binary Ninja

Automating Pentesting with AI

  • An overview of the open source space, research space, and startup space when it comes to automating hacking. With a breakdown of the most common architectures and technologies to achieve that goal.

Misc

  • CloudSec, Privilege Escalation, Reporting with AI, and more

Blue AI (Defensive Operations & AI)

SOC, DFIR, and Threat Hunting bots:

  • ELK Sec Bot
  • Splunk Bot
  • Suricata Bot
  • YARA
  • OSQuery
  • Wireshark
  • PolicyBot
  • IR playbook creation with Incident Responder Bot
  • Tabletop and exec briefing bots
  • STIX data transformation bot

The future of blue teaming - MCP SIEM

Vuln management:

  • Best practices
  • Augmenting with LLMs
  • Automation approaches

Purple AI (Training & Simulation)

Code Analysis

  • Semgrep Bot
  • Snyk Bot
  • CodeQL resources
  • VulnHunter

MITRE ATT&CK

LLM-generated tabletops and security training tools

LLMs as force multipliers in program maturity and paved road security documentation

LLM Assisted Threat Modeling

Silver AI (Leadership, Strategy & Management)

  • AI for CISO-level decision making
  • Bots for risk communication and planning
  • Automation of executive briefs and strategic alignment

Future Tech and AI Research Frontiers

  • AI agents and autonomous security tools
  • The edge of AI-driven vulnerability discovery
  • Preparing for AGI-level assistants and ethical dilemmas

Having dedicated years to the cybersecurity community, I've decided it's time to embark on a new journey—launching Arcanum Information Security, infused with a unique approach that sets us apart. At Arcanum, our mission is to make a tangible impact on the security community with world class, modern, and accessible training. In parallel to our training efforts, Arcanum aims to disrupt the consulting model with our unique consulting services.

Level up your security with Arcanum

We're trying to leave a tangible positive impact on cybersecurity through content, consulting, and training. Reach out to learn more!