6.2. Securing AI Solutions

AI introduces attack surfaces that don't exist in traditional applications. Agents can be manipulated through their inputs (prompt injection). Models can leak training data through their outputs. Grounding data can expose sensitive information if access controls are insufficient. The architect must design defense-in-depth security that addresses these AI-specific threats while building on standard platform security.

The exam gives this area significant weight because security failures in AI solutions have outsized consequences — a compromised agent with access to customer data doesn't just expose one record, it can expose the entire knowledge base through a single conversation.

⚠️ Common Misconception: Agent security is fully handled by the platform's built-in security features. Architects must design additional security layers including data access controls, prompt injection defenses, model protection, secret management, and channel-specific security configurations.