AI security is the practice of protecting systems that use machine learning models from misuse, manipulation, and failure — and protecting everyone else from what those systems do. That splits into two halves: securing the model and its pipeline (data, weights, infra) the way you'd secure any software, and securing against the model itself being tricked, since natural-language inputs are a much richer attack surface than a login form ever was. The field is young enough that its two major reference frameworks — NIST's AI Risk Management Framework and the OWASP Top 10 for LLM Applications — were both first published only in 2023, years after production LLM apps had already shipped.
The field borrows heavily from classic infosec — threat modeling, least privilege, defense in depth — but adds a new twist: the "input" an attacker controls is often a paragraph of English, not a byte string, and the "code" it can influence is a probability distribution, not a parser. Traditional security tools weren't built for that.