Cloudflare

Hands-On Lab

AI Security Bootcamp

Break it • Detect it • Mitigate it • Govern it

What You Are Given

KiwiCart AI Assistant

NZ e-commerce app + KiwiCart Ops MCP server

Cloudflare Account & Zone

WAF, Zero Trust org — you build from zero

Step-by-Step Guide

Screenshots, dashboard paths, validation & troubleshooting

Windows 11 Client

CF1 / WARP preinstalled

Ubuntu Server

Origin server

SAML IdP

Shared test identity provider

Architecture — Protecting AI Apps

[Architecture diagram: You (attacker) send browser prompts (M1) → Cloudflare Edge: WAF + AI Security for Apps (Prompt Injection, PII Detection, Unsafe Topics, Custom Topics), monitored in M2 and mitigated in M3 → KiwiCart AI running on Workers AI (Llama 3.1 8B)]

Cloudflare sits inline between user and AI app — every prompt is scanned before reaching the LLM

Architecture — Governing AI & MCP

[Architecture diagram: Win 11 client with WARP / CF1 Client enrolled (M0), identity from the SAML IdP (M0) → Cloudflare One: Gateway + DLP (sanction Gemini, redirect unsanctioned AI, prompt inspection, Shadow AI; M4) and Access + MCP Portal (identity auth, sanctioned MCP path, 3-layer shadow block; M5) → Gemini as the sanctioned AI tool; ChatGPT etc. redirected to Gemini; KiwiCart MCP reached via the sanctioned portal, shadow path blocked]

All employee traffic routes through Cloudflare One — AI tools governed, MCP access sanctioned, shadow paths blocked

Lab Modules

M0 • Zero Trust Foundation: Configure SAML IdP, reusable Access policies, CF1 Client / WARP

M1 • Explore & Attack: Send normal and adversarial prompts, confirm the app is vulnerable

M2 • AI Security — Monitor: Enable AI Security for Apps, discover endpoints, inspect detections

M3 • AI Security — Mitigate: Apply WAF rules, retest attacks, compare before/after

M4 • Zero Trust AI Governance: Gateway AI controls, DLP prompt inspection, Shadow AI analytics

M5 • Sanctioned MCP Portal: Configure MCP portal + Access policy. Block direct MCP via Gateway/DLP.

How to Validate Success

At Each Module Checkpoint

  •  Follow the "Expected Result" section in the guide
  •  Complete the "Validation" step before moving on
  •  Check the "Troubleshooting" section if something doesn't match

By End of Lab

  •  SAML IdP configured and WARP traffic routed through Gateway
  •  Detected and blocked risky AI traffic
  •  Governed workforce AI with Gateway + DLP
  •  Sanctioned MCP portal & blocked shadow MCP

Open the lab guide now: https://kiwistore-lab-guide.mythingy.io

Appendix

Important URLs

Lab Guide

https://kiwistore-lab-guide.mythingy.io/

Step-by-step guide for all modules (M0 – M5)

Redirect Worker

kiwi-redirect.jamal-workers.workers.dev

Redirects unsanctioned AI traffic to the sanctioned Generative AI tool

Direct MCP Server

kiwistore-mcp.mythingy.io

KiwiCart Ops MCP server — used in M5 for sanctioned portal setup

Stealth MCP Server

kiwistore-shadow.mythingy.io

Shadow MCP endpoint — used in M5 to test 3-layer Gateway defense