BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//pretalx//pretalx.com//bsides-cymru-2024//speaker//RB3ABT
BEGIN:VTIMEZONE
TZID:GMT
BEGIN:STANDARD
DTSTART:20001029T030000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10
TZNAME:GMT
TZOFFSETFROM:+0100
TZOFFSETTO:+0000
END:STANDARD
BEGIN:DAYLIGHT
DTSTART:20000326T020000
RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=3
TZNAME:BST
TZOFFSETFROM:+0000
TZOFFSETTO:+0100
END:DAYLIGHT
END:VTIMEZONE
BEGIN:VEVENT
UID:pretalx-bsides-cymru-2024-NTWYXY@pretalx.com
DTSTART;TZID=GMT:20240427T112500
DTEND;TZID=GMT:20240427T121000
DESCRIPTION:Both LLMs as application components and code generation has sec
 urity challenges. The goal of the talk is to demystify the complexities of
  securing applications.\nWe discuss AI security and software engineering c
 hallenges according to recent research.\nHighlighting three popular AI use
  cases: Code Completion\, Code Generation and Code Quality tools. We discu
 ss how they fit in modern development environments and CI/CD\, and what th
 eir implications are.\nWe seek to resolve conflicting interests of Product
  Management\, Security and Software Development.\nThe talk will build on w
 ell-known security knowledge\, extend it by looking at frameworks\, such a
 s MITRE ATLAS and OWASP Top 10 for LLMs.\nWith a quick intro to some of th
 e key attack techniques\, we look at where prevention should occur\, and h
 ow to prioritize defenses.\nThe presentation will have a demo including on
 e potential workflow.\nThe goal is to overcome the obstacles of securing s
 oftware by decomposing it. The typical challenges are: specialised tooling
 \, lots of moving parts\, unclarity of the components.\nWe discuss the app
 roaches to deal with securing software with high Go to Market pressure inc
 luding.
DTSTAMP:20260512T130046Z
LOCATION:Sophia Room - Track 2
SUMMARY:Practical security challenges posed by AI adoption: Code Quality an
 d Threat Modeling - Balazs Greksza
URL:https://pretalx.com/bsides-cymru-2024/talk/NTWYXY/
END:VEVENT
END:VCALENDAR