Breaching LLM-Powered Applications: Overcoming Security and Privacy Challenges by Brian Vermeer

Spring I/O 2026 - 14-15 April, Barcelona LLMs accessing the database and intelligent agents that perform online purchases? The possibilities for AI in applications seem endless but so are their security and data privacy risks. In this session, we’ll address common issues such as prompt injection, key leakage, abuse of private customer data for model training, legal restrictions, and more. In addition, we will show that general security issues in your systems can also influence the behavior and outcome of LLMs. During this session, you’ll get a solid overview of the vulnerabilities to avoid, strategies to ensure data privacy compliance and best practices for building secure LLM-powered applications.

New in Spring Security 7: MFA, OAuth2 and more by Daniel Garnier @ Spring I/O 2026
▶︎

New in Spring Security 7: MFA, OAuth2 and more by Daniel Garnier @ Spring I/O 2026

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed
▶︎

OWASP's Top 10 Ways to Attack LLMs: AI Vulnerabilities Exposed

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

Harnesses in AI: A Deep Dive — Tejas Kumar, IBM
▶︎

Harnesses in AI: A Deep Dive — Tejas Kumar, IBM

Building Pi, and what makes self-modifying software so fascinating
▶︎

Building Pi, and what makes self-modifying software so fascinating

RAG & MCP Fundamentals – A Hands-On Crash Course
▶︎

RAG & MCP Fundamentals – A Hands-On Crash Course

John Cleese’s Brillian Take on Religion & 'Life of Brian' | The Dick Cavett Show
▶︎

John Cleese’s Brillian Take on Religion & 'Life of Brian' | The Dick Cavett Show

Bootiful Spring Boot 4 by Josh Long @ Spring I/O 2026
▶︎

Bootiful Spring Boot 4 by Josh Long @ Spring I/O 2026

Anthropic, OpenAI Should Not Be Allowed to IPO, Says Ed Zitron
▶︎

Anthropic, OpenAI Should Not Be Allowed to IPO, Says Ed Zitron

Architectural Patterns for Spring Security You Wish Your Tech Lead Knew @ Spring I/O 2026
▶︎

Architectural Patterns for Spring Security You Wish Your Tech Lead Knew @ Spring I/O 2026

Completing the Rewrite from Hell: Five Years of Technical Debt and How We Escaped - Aaron Stannard
▶︎

Completing the Rewrite from Hell: Five Years of Technical Debt and How We Escaped - Aaron Stannard

Have Firewalls changed? The shift from Firewalls to the Hybrid Mesh Firewall
▶︎

Have Firewalls changed? The shift from Firewalls to the Hybrid Mesh Firewall

Now more than ever: building reliable software in the age of agents | Ron Minsky | Bug Bash 2026
▶︎

Now more than ever: building reliable software in the age of agents | Ron Minsky | Bug Bash 2026

Attacking AI - Jason Haddix - NDC Security 2026
▶︎

Attacking AI - Jason Haddix - NDC Security 2026

Supercharging Spring AI: Scalable AI Agents with Koog + Spring AI + Spring Boot by Vadim Briliantov
▶︎

Supercharging Spring AI: Scalable AI Agents with Koog + Spring AI + Spring Boot by Vadim Briliantov

Domain-centric? Why Hexagonal- and Onion-Architecture are answers to the wrong question @ Spring I/O
▶︎

Domain-centric? Why Hexagonal- and Onion-Architecture are answers to the wrong question @ Spring I/O

Andrej Karpathy: From Vibe Coding to Agentic Engineering w/ Stephanie Zhan
▶︎

Andrej Karpathy: From Vibe Coding to Agentic Engineering w/ Stephanie Zhan

You Can Learn AI Agent Harness & Loop Engineering In 19 Min | LLM Ops, Eval, Tracing, RAG
▶︎

You Can Learn AI Agent Harness & Loop Engineering In 19 Min | LLM Ops, Eval, Tracing, RAG

China Is About To Pop The AI Bubble
▶︎

China Is About To Pop The AI Bubble

The World's Most Important Machine
▶︎

The World's Most Important Machine