SecAppDev 2026 lecture details
How to (still) trick AI: Adversarial ML for Today
There are many known (and still being discovered) attack vectors against deep learning models. In this session, we'll walk through some of the history of adversarial ML and deep learning and find what's changed and what's stayed the same.
Schedule TBD
Abstract
There are many known (and still being discovered) attack vectors against deep learning models. In this session, we walk through some of the history of adversarial ML and deep learning and find what's changed and what's stayed the same. We will look at a mixture of research and actual real-world attacks to get an idea of the attack vectors that matter and where to focus in the upcoming years.
Key takeaway
AI/DL models are inherently nondeterministic and have other properties that allow for old, new and interesting attacks.
Content level
Introductory
Target audience
People curious about how ML security has evolved and where it's going
Prerequisites
Some understanding of deep learning is useful but not necessary.
Join us for SecAppDev. You will not regret it!
Grab your seat now
Related lectures
Model Context Protocol (MCP) Security
Advanced lecture by Jim Manico
An introduction to the Model Context Protocol (MCP) and its security risks. Covers MCP architecture, threat models, and practical defenses to prevent prompt injection, tool abuse, and data leakage in AI tool integrations.
Key takeaway: Understand MCP risks and apply concrete controls to secure AI tool integrations and prevent prompt injection, tool abuse, and data exfiltration.
Privacy Attacks on Deep Learning Systems
Advanced lecture by Katharine Jarmul
In this session, you'll dive into how this creates interesting vectors for privacy attacks on AI/ML systems. You'll also be introduced to what types of interventions might work to address such issues.
Key takeaway: Information exfiltration due to memorization is an interesting attack vector for today's AI/deep learning models.
Security by default - A European perspective on cyber resilience
Deep-dive lecture by Freddy Dezeure in room Lemaire
A technical deep dive into how Microsoft implements security, resilience, and regulatory compliance at scale, mapping NIS2, DORA, and Secure-by-Default principles to concrete controls, engineering processes, and tenant-level protections.
Key takeaway: Learn how regulatory requirements become enforceable controls, measurable metrics, and practical Secure-by-Default engineering across cloud systems.