SecAppDev 2025 lecture details
Navigating the Security Landscape of Modern AI
In this session, we will overview the general security landscape of AI technologies, including foundational machine learning, deep learning, and large language models.
Wednesday June 4th, 11:00 - 12:30
Room West Wing
Abstract
The fast-evolving ecosystem of AI-enabled applications has exposed a complex interplay of vulnerabilities, some stemming from intrinsic pitfalls of data-driven AI and others arising from its unsafe integration into real-world applications. The goal of the session is to raise awareness about the underlying principles and practical challenges of AI security and privacy, and the ongoing mitigation efforts by both academic and industry players.
Key takeaway
Integrating AI inevitably increases the threat landscape of a system. Understanding how AI can be exploited is key to developing effective mitigations
Content level
Deep-dive
Target audience
Industry practitioners, developers, security analysts, security managers, and policy makers
Prerequisites
None
Join us for SecAppDev. You will not regret it!
Grab your seat now
Vera Rimmer
Research expert, DistriNet, KU Leuven
Expertise: Computer security and privacy, applied machine learning and deep learning
Join us for SecAppDev. You will not regret it!
Grab your seat nowRelated lectures
My Name Is Not Cassandra: AppSec and "I Told You So"
Advanced lecture by Izar Tarandach in room Lemaire
Wednesday June 4th, 16:00 - 17:15
Lack of authority, an outsider's view of the development process and a faulty language of risk..Are security practitioners fated to point at risk and not be heard?
Key takeaway: "Raw" security can be fun, but does not lead to change. We must adapt our ways in order to impact the environment we want to protect.
The Bug Bounty Effect: From DevSecOops to Success!
Deep-dive lecture by Emil Vaagland in room Lemaire
Tuesday June 3th, 09:00 - 10:30
Discover how bug bounty programs outperforms traditional AppSec tools by uncovering more vulnerabilities at lower cost. We share real-world examples, strategies, and challenging takes on conventional security practices.
Key takeaway: Bug bounty programs are essential and should be the key ingredient in modern AppSec programs.
Get out of your Bubble: Collaborative Threat Modeling
Deep-dive lecture by Avi Douglen in room Lemaire
Tuesday June 3th, 16:00 - 17:30
Threat modeling by yourself is great - noone is there to tell you you're wrong. But if you want to discover nontrivial issues, the ones you'd not have on your checklist, you'll need to engage with others. But too often we chase them away.
Key takeaway: Threat modeling is not JUST a technical activity, and should intentionally leverage social techniques to maximize stakeholders participation.