セキュアコーディング分割

This enables junior developers to understand the entire development process from planning to code writing, deployment, and validation by using artificial intelligence as a development tool, allowing them to survive and thrive in the AI era by acquiring the full-spectrum capabilities needed.

Describes the need for LLM, its technical background, and basic concepts.

This course is a systematic learning process for prompt engineering, which is a core technology for effectively utilizing large language models (LLMs) or generative artificial intelligence. It covers a wide range of topics from basic theory to practical techniques, as well as the latest application cases and security/ethical issues, providing practical help to LLM-based service developers, data scientists, and AI planners alike.

Explains the basic principles of large language models like ChatGPT, focusing on theory.

Now is the era of development using AI. To create better, more accurate code and documents by better utilizing AI, methods are needed, so we propose suitable ones.

👨‍🍳 Like cooking code, neatly and deliciously! 『Clean Coding』 is a code cooking class for chef-like developers, where they joyfully learn clean coding through a cooking analogy. 🍽️

Problematization (문제화) is a term also translated as problem posing, problem framing, problem setting, or problem definition. This concept involves questioning known facts (like requests or common sense) from a new perspective, defining the problem, and devising methods to solve it. Problematization should be the starting point for all development, yet it remains insufficiently discussed within the field. Performing projects or developing programs is, in essence, planning to solve problems. This means they are related to problematization. To solve a problem, it must first be clearly defined. However, problems are mostly presented as vague requests. Therefore, the ability to transform vague requests into clear problems is essential to reduce unnecessary 'development waste,' facilitate smooth collaboration, and accurately grasp users' true needs. This lecture helps train 'the thinking of problem construction' through practical examples and tools.

What should be done when building a generative AI or LLM-based RAG (Retrieval-Augmented Generation) system, but the desired performance isn't achieved and there's no suitable solution? This lecture presents methods to improve RAG performance based on Cognitive Load theory. Through this lecture, you will understand the limitations of LLM context windows and learn how to effectively manage cognitive load in RAG systems. It is a practical-level theoretical lecture covering Chunk size and structure design, high-quality Chunk generation techniques, dynamic optimization, performance evaluation, and practical techniques.

You can learn the concepts and methods of 'service design' necessary when planning applications or web services based on LLMs, a type of generative artificial intelligence (generative AI).

"One name change, code transformed." "The key to readable code, 'naming for readability,' summarized from principles to examples." "Easy-to-read names begin collaboration."

You can quickly understand C language's basic concepts and grammar.

Describes in detail the various language models developed from the inception of Natural Language Processing technology to the process leading up to the latest LLM models.

We create an AI judge by combining CrewAI, facilitating LLM-based multi-agent technology, with knowledge graphs and inference systems.

We will examine methods for collecting and analyzing user requirements to plan LLM services.

We explore the limitations of LLMs, methods to overcome them, and the latest research topics.

Let's explore the types of applications or web services that can be built using LLMs.

Work training to check compliance with personal information-related laws and proactively prevent personal information leaks by analyzing personal information flow, including ISMS-P, ISO27701, and Privacy Impact Assessment. Work education for establishing a personal information management system.

Develop a system to submit annual activity performance including establishment of information security regulations and preparation of various activity evidence by applying domestic and international certification standards related to information protection management systems and internal/external audit criteria for Risk assessment standards for management and physical sectors of major information and communication infrastructure facilities revised in the second half of 2025. Establish activity plans for enhancing information security levels compared to last year in response to external environmental changes (AI, etc.), internal environmental changes (new systems and employee changes including external staff), and prepare for legal amendments and new evaluation indicators. In particular, objectively and thoroughly inspect various activities to strengthen accident prevention systems such as personal information leakage due to hacking, establish plans for central (headquarters) management and supervision of all departments and safe management and supervision of service companies, operate DevSecOps systems following the establishment of AI systems, operate PbD adequacy review systems, etc. Based on performing expanded monitoring areas, regular inspection report areas, external disclosure areas, data integration system inspections (API, MyData, etc.), establishment of network separation improvement plans according to N2SF, advancement of Zero Trust application, etc. *Possessing over 150 references for establishing and applying world's first highest-level information security and personal information protection activity and system enhancement plans

This lecture is designed to make personal information protection education interesting and ‘social engineering-based.’ Rather than covering the revisions to the Personal Information Protection Act, it focuses on real-life information protection threat cases and responses.

This is a theoretical/practical training course to prepare for the certification exam for those who dream of becoming an ISMS-P certification auditor in 2025. It is an extended version that includes general ISMS-P and financial ISMS-P.

KCA Information Security Risk Manager (ISRM) certification course! The cornerstone for acquiring the top 3 personal information protection certifications: CPPG, ISMS-P!

Repeatedly study the 100 most frequently appearing CPPG core topics through theory, mind maps, and problem solving.

This course systematically teaches practical Docker skills (installation→operation→automation→security) and comprehensively covers the latest security threats and countermeasures in each section. It features a hands-on approach where you learn by following along with practical exercises. This curriculum is highly recommended for DevOps engineers, infrastructure engineers, and security practitioners who want to experience the latest container/cloud environments in real-world scenarios.

Cyber security threats are increasing every year, stealing personal information and abusing privacy. This course covers security issues and security activities that employees must know and follow in their work and personal lives.