Big Techday 26: Lessons from the bleeding edge of AI/ML security - Keith Hoodlet, 1Password

Lessons from the bleeding edge of AI/ML security Large Language Models have moved from research curiosity to production reality at a pace that has left security teams scrambling. Organizations are racing to integrate LLMs into agentic browsers, AI-integrated development environments, customer service chatbots, and internal knowledge systems – often without fully understanding the novel attack surfaces they're introducing. This talk examines security challenges at the frontier of LLM adoption: Prompt injection attacks turning helpful assistants into unwitting accomplices, data exfiltration risks hiding within conversational interfaces, and the dangers of giving AI agents the ability to take real-world actions on behalf of users. Drawing from academic research, real-world implementations, and documented incidents, this talk will discuss what's working, what's failing, and what companies need to understand as these systems become embedded in critical workflows. About the speaker: Keith Hoodlet is an experienced leader and practitioner in the field of Offensive Security, holding both the Offensive Security Certified Professional (OSCP) and Offensive Security Web Assessor (OSWA) designations. As an early pioneer of responsible AI bias bounty hunting, Keith has worked closely with the world's leading AI laboratories to identify and address vulnerabilities in their systems. With years of experience building DevSecOps programs and guiding security teams in Fortune 100 enterprise organizations, Keith brings a unique perspective to the challenges of safely deploying AI technologies at scale that is informed by his collegiate education in both Computer Science and Psychology. Keith has delivered talks and trainings globally on topics including DevSecOps, web application security, and the emerging security challenges introduced by Large Language Models.