SecAppDev 2026 - AI / ML security
SecAppDev 2026 offers three days of in-depth lectures and two days of hands-on workshops.
AI / ML security
Enterprise AI Coding with Claude Code
One-day workshop by Jim Manico in room Lemaire
This training teaches engineers to use Claude Code with professional discipline: machine-readable requirements, secure coding prompts, and repeatable GitHub workflows. Participants learn to convert issues into structured plans, refine them before code generation, and enforce review gates for architecture, security, and quality. The course also covers repo governance files (CLAUDE.md, REQUIREMENTS.md, ARCHITECTURE.md, SECURITY.md) to constrain AI behavior and maintain traceability from requirements → plan → code → review.
Learning goal: Attendees will learn a disciplined workflow for using Claude Code professionally: defining machine-readable requirements, generating and reviewing implementation plans, enforcing architecture and security constraints, and producing AI-assisted code.
Attacking and Defending LLMs
One-day workshop by Katharine Jarmul in room Lemaire
This workshop gives you hands-on experience with attacking large language models (LLMs) using a range of prompt-based strategies. You will actively explore how these attacks work in practice and what their impact is on real systems. The workshop also gives you insight into defensive techniques, and shows how architectural choices, testing approaches, and security observability can be used to strengthen applications built with generative models.
Learning goal: Practical strategies, best practices, and tools to improve the security posture of modern AI systems.
How to (still) trick AI: Adversarial ML for Today
Introductory lecture by Katharine Jarmul
There are many known (and still being discovered) attack vectors against deep learning models. In this session, we'll walk through some of the history of adversarial ML and deep learning and find what's changed and what's stayed the same.
Key takeaway: AI/DL models are inherently nondeterministic and have other properties that allow for old, new and interesting attacks.
Model Context Protocol (MCP) Security
Advanced lecture by Jim Manico
An introduction to the Model Context Protocol (MCP) and its security risks. Covers MCP architecture, threat models, and practical defenses to prevent prompt injection, tool abuse, and data leakage in AI tool integrations.
Key takeaway: Understand MCP risks and apply concrete controls to secure AI tool integrations and prevent prompt injection, tool abuse, and data exfiltration.
Privacy Attacks on Deep Learning Systems
Advanced lecture by Katharine Jarmul
In this session, you'll dive into how memorization in deep learning models creates interesting vectors for privacy attacks on AI/ML systems. You'll also be introduced to what types of interventions might work to address such issues.
Key takeaway: Information exfiltration due to memorization is an interesting attack vector for today's AI/deep learning models.