Course 2A — Building AI Harnesses for Cybersecurity

Security
Harness Engineering

Course 1 taught you to build any harness. This course teaches what changes when the harness's job is to find real vulnerabilities, ship AppSec gates, audit cloud posture, and check smart contracts. The target is adversarial by design. Tool outputs may contain injected payloads. Verification means can I prove it to a client, a program, or a court. Four pillars. Fourteen modules. Two capstones. Twelve deep-dives. Four security domains.

~29
hours
14
modules
2
capstones
12
deep-dives
8

Eight assumptions from Course 1 invert when the domain is security. The target is adversarial. Tool outputs are untrusted. The loop runs until evidence is met, not until the task is done. The sandbox does not contain the agent — the agent reaches out through it to attack a target. This course is the engineering depth on what changes.

Course 1 assumptionCourse 2A reality
Target environment is cooperativeTarget is adversarial by design
Tool outputs are trustedTool outputs may contain injected payloads
Loop runs until task completeLoop runs until evidence threshold met or scope exhausted
Verification = did it work?Verification = can I prove it to a client, program, or court?
Memory persists your workMemory may accumulate noise and false positives
Context management = efficiencyContext management = evidence chain integrity
Sandbox contains the agentAgent reaches out through the sandbox to attack a target
One harness fits all tasksSecurity domains require domain-specific tool stacks
Pillar 0 — Security Harness Foundations
2 modules · ~2 hrs
Pillar 1 — Offensive Harnesses
4 modules · ~7 hrs
Pillar 2 — AppSec and SDLC Harnesses
3 modules · ~5 hrs
Pillar 3 — Cloud Security Harnesses
2 modules · ~3.5 hrs
Pillar 4 — Smart Contract Security Harnesses
2 modules · ~4 hrs
Capstones
2 capstones · ~3.5 hrs
Deep-Dives — 12 Security Harness Studies
12 studies · live
SDD-01
CAI — Cybersecurity AI
An end-to-end cybersecurity AI harness. Multi-tool reasoning across the offensive kill chain.
SDD-02
RedTeamLLM — Red Team Reasoning
LLM-driven red team planning and plan correction under adversarial conditions.
SDD-03
Bug Bounty Tool Stack
nmap, nuclei, httpx, ffuf, and friends — wrapped, orchestrated, and triaged as harness tools.
SDD-04
Prowler — Cloud Posture Scanning
AWS-centric multi-service security checks. The reference tool for cloud posture harnesses.
SDD-05
Scout Suite — Multi-Cloud Auditing
Unified posture view across AWS, Azure, GCP. How a multi-cloud inventory feeds a harness.
SDD-06
Cloud Attack-Path Analysis
Graph-based reasoning over IAM, network, and resource exposure to find exploitable chains.
SDD-07
Secure Code Review Stack
Semgrep, CodeQL, and AST tools layered with LLM semantic reasoning and false-positive triage.
SDD-08
Threat Modeling Stack
Architecture ingestion, STRIDE analysis, and mitigation generation as a harness pipeline.
SDD-09
Heimdallr — Smart Contract Decompiler
EVM bytecode decompilation and cascaded verification. The reference for audit harnesses.
SDD-10
EVMbench — Vulnerability Benchmark
117 vulnerabilities across 40 repos. The scoring layer for smart contract audit harnesses.
SDD-11
Purpose-Built DeFi AI
Domain-specific harnesses for DeFi: invariant extraction, economic-exploit detection, MEV reasoning.
SDD-12
InjecAgent — Prompt Injection Benchmark
Adversarial tool outputs as a first-class threat. The quality gate for every security harness.
SDD-13
tau — Minimalist Coding Agent Harness
The base harness for Course 2A: three-layer architecture, AgentTool design, scored 40/60. How a coding agent becomes a security agent.

Prerequisite: Course 1 — the Master Course (or equivalent production harness experience). All fourteen modules, both capstones, and all twelve deep-dives are live now. Each module ships the same eight-artifact stack: teaching document, diagrams (n8n workflows as the primary visual), slide deck, teaching script, flashcards, exam, lab specification, and web page. Every page is live on here.now for mobile review. Course 2B (breaking and hardening the harnesses themselves) is a separate future course — 2A must exist first, because the defensive decisions reveal the attack surface.