Track 03

Applied AI Security Sessions

AI Security Engineering & Technical Practice Track

Focused one-hour technical sessions designed for cybersecurity professionals, DevSecOps teams, security engineers, AI developers, red teamers, and practitioners responsible for securing AI-enabled systems.

Overview

A focused series of one-hour technical sessions covering the practical security challenges associated with artificial intelligence, machine learning systems, generative AI applications, and large language models. The sessions help technical professionals understand how AI systems are attacked, how their risks differ from traditional application security, and how security controls can be integrated across development, deployment, testing, and incident response activities.

Focus Areas

  • Prompt Injection Attacks & Defenses
  • Secure RAG Architecture
  • AI Threat Modeling
  • AI Supply Chain Security
  • AI DevSecOps
  • AI Red Teaming & Security Testing

Applied AI Security Domains

The sessions address the security of AI applications across the full technical lifecycle—from training data, models, dependencies, and development pipelines to APIs, agent permissions, production monitoring, and incident response. Each session focuses on a specific technical risk or security practice that participants can relate directly to real AI-enabled systems and enterprise use cases.

Applied AI Security Ecosystem

Applied AI Security Sessions Ecosystem

Eight focused technical sessions covering the AI security lifecycle—from application architecture and prompt attacks to secure development, assurance, and incident response.

01 / 08
LLM SECURITY

Securing Generative AI and LLM Applications

Security Architecture, Attack Surface & Defensive Controls for Generative AI Applications

This session introduces the security architecture of generative AI and LLM applications, covering risks across prompts, models, APIs, data sources, plugins,…

02 / 08
LLM SECURITY

Prompt Injection Attacks and Defenses

Direct, Indirect & Agent-Based Prompt Injection Risks

This session examines how attackers manipulate AI applications through direct and indirect prompt injection, bypass system instructions, expose sensitive data,…

03 / 08
ARCHITECTURE

Secure RAG Architecture

Protecting Knowledge Sources, Vector Databases & Retrieval Pipelines

This session explores the security risks of Retrieval-Augmented Generation systems, including poisoned documents, unauthorized data retrieval, weak access…

04 / 08
THREAT & RISK

Threat Modeling for AI Systems

STRIDE, Trust Boundaries, OWASP LLM & MITRE ATLAS

This session shows how to identify and prioritize threats across AI applications using data-flow diagrams, trust boundaries, STRIDE, OWASP guidance, MITRE…

05 / 08
SUPPLY CHAIN

AI Supply Chain Security

Securing Models, Datasets, Dependencies & Third-Party AI Components

This session examines risks introduced by external models, datasets, open-source packages, model repositories, compromised dependencies, backdoored components,…

06 / 08
DEVSECOPS

AI DevSecOps and Secure Model Lifecycle

Embedding Security Across AI Development and Deployment Pipelines

This session covers how to integrate security controls into AI development, MLOps, and CI/CD pipelines through dependency analysis, model validation, artifact…

07 / 08
ASSURANCE

AI Red Teaming and Security Testing

Adversarial Testing, LLM Assessments & AI Security Validation

This session introduces practical methods for testing AI applications, including prompt attacks, API assessments, data-leakage testing, tool-abuse scenarios,…

08 / 08
INCIDENT RESPONSE

Incident Response for AI Security Breaches

Detection, Containment, Investigation, Recovery & Model Rollback

This session examines how organizations should respond to AI-specific incidents such as model poisoning, data exfiltration, compromised AI services, malicious…