InfoSec Hamilton Monthly Meetup for December 2024

6:30 - doors open
7pm - AI Security and the OWASP Top Ten for LLM w/ Danny Vacar
7:45 - intermission
8pm - continue talk / social time
9pm - wrap up

Session description:
The Open Worldwide Application Security Project (OWASP) is traditionally associated with web applications, however its guidelines are increasingly relevant to AI systems, especially when it comes to securing language models against a variety of threats.

This presentation will offer an overview of OWASP and its various initiatives including the "Top Ten" projects. I will then provide a high-level introduction to key concepts surrounding LLMs before delving into the OWASP Top 10 for LLM. We’ll explore key security risks, such as data injection, model poisoning, and privacy vulnerabilities, and discuss how these issues manifest in LLMs. By the end of the presentation, attendees will understand how to adapt OWASP's best practices to safeguard LLM-based applications, ensuring both security and reliability in real-world use cases.

Your speaker:
Danny Vacar (linkedin) is a security professional with over a decade of expertise in cybersecurity and more than 20 years in IT, networking, and systems administration. Throughout his career, he has held a variety of security-focused roles, including Penetration Tester and Security Consultant, and currently works as an Application Security Engineer. Danny holds certifications as a GIAC Penetration Tester (GPEN) and Web Application Penetration Tester (GWAPT), and outside of his professional work he is a passionate student pilot and aviation enthusiast.

Your host:
Todd Dow (linkedin) is a Technical Security Solutions Architect at Cisco. He is also a writer, speaker and founder of InfoSec Hamilton. Todd has over 20 years of experience in the cybersecurity field performing penetration tests, providing security architecture and compliance consulting and creating, developing and leading high performing security teams – this included working as the CISO at two organizations: First Ontario Credit Union and ArcelorMittal Dofasco. Todd maintains CISSP, CISA and PMP credentials and he has also earned an Hon BA in Philosophy and Religious Studies from the University of Toronto.