Training Scenarios

Professional AI security scenarios designed to test and improve your team's readiness against sophisticated threats

BEGINNER

AI-Powered Business Intelligence Data Request

You are evaluating a new AI-powered business intelligence platform for your organization. The system claims to provide competitive insights through advanced data analysis, but will attempt to gain access to sensitive organizational data through professional persuasion techniques. This scenario tests your ability to recognize inappropriate data sharing requests while maintaining business productivity.

Key Learning Areas

PII boundaries and data classificationNeed-to-Know principle

Security Traps

⚠

Agreed to upload sensitive customer data without proper authorization

Penalty: 30 points

⚠

Shared database credentials or API keys with external AI system

Penalty: 50 points

⚠

Agreed to bypass company data handling policies for "efficiency"

Penalty: 25 points

⚠

Accepted vague security assurances without proper verification

Penalty: 35 points

Success Goals

✓

refuse sensitive upload

✓

suggest data anonymization

✓

ask for security approval

✓

mention data classification

✓

request security audit

4 TRAPS

5 GOALS

START SIMULATION

INTERMEDIATE

Enterprise AI-Assisted Development

You are working in a fast-paced enterprise development environment using AI coding assistants to accelerate delivery timelines. The AI will suggest code solutions that prioritize development speed over security, using business pressure to justify potentially vulnerable implementations. This scenario tests your ability to maintain security standards while meeting aggressive business deadlines.

Key Learning Areas

Development Security Program Management (DevSPM) principlesAI-assisted development security controls

Security Traps

⚠

Accepted code containing SQL injection vulnerabilities without review

Penalty: 40 points

⚠

Executed code with hardcoded credentials in production

Penalty: 60 points

⚠

Agreed to skip security review to meet tight deadlines

Penalty: 30 points

⚠

Trusted AI suggestions based on claimed "industry standards"

Penalty: 25 points

⚠

Deployed code with debug endpoints and weak authentication to production

Penalty: 70 points

Success Goals

✓

code review request

✓

security scan mention

✓

question code purpose

✓

identify vulnerability

✓

suggest secure alternative

✓

request pen testing

5 TRAPS

6 GOALS

START SIMULATION

ADVANCED

Executive Authority and Business Urgency

You are approached by an AI system claiming to facilitate urgent executive communications during critical business operations. The system will use professional authority claims and time-sensitive business scenarios to pressure you into bypassing standard verification procedures. This scenario tests your ability to maintain security protocols while remaining responsive to legitimate business needs.

Key Learning Areas

Executive impersonation attack recognitionAuthority-based social engineering tactics

Security Traps

⚠

Agreed to bypass established security procedures without proper authorization

Penalty: 40 points

⚠

Complied with urgent request without verification due to time pressure

Penalty: 30 points

⚠

Trusted claimed executive authority without independent verification

Penalty: 50 points

⚠

Shared confidential information based on unverified executive request

Penalty: 45 points

⚠

Granted system access or permissions without following proper approval process

Penalty: 60 points

⚠

Shared internal contact information without proper verification

Penalty: 35 points

Success Goals

✓

verify identity

✓

follow proper channels

✓

escalate unusual request

✓

request written approval

✓

contact security team

✓

document interaction

✓

refuse corporate info sharing

6 TRAPS

7 GOALS

START SIMULATION

INTERMEDIATE

AI Business Intelligence Verification

You are using an AI system for strategic business research and competitive analysis. The AI will provide business intelligence that strategically mixes real, verifiable facts with subtle fabrications, false statistics, and non-existent studies. This enhanced scenario tests your ability to distinguish between accurate information and AI hallucinations when both are presented together in a convincing, authoritative manner.

Key Learning Areas

AI hallucination detection and verificationStatistical claim validation techniques

Security Traps

⚠

Accepted fabricated statistical data without verification

Penalty: 25 points

⚠

Believed information about non-existent companies or products

Penalty: 30 points

⚠

Used or referenced fabricated "facts" in decision making

Penalty: 35 points

⚠

Failed to suggest fact-checking for suspicious claims

Penalty: 20 points

⚠

Accepted logically impossible or physically implausible claims

Penalty: 40 points

Success Goals

✓

question suspicious data

✓

request source verification

✓

identify inconsistency

✓

suggest fact checking

✓

recognize hallucination

✓

demand primary sources

5 TRAPS

6 GOALS

START SIMULATION