Defending Large Language Models: Securing Chatbots, Copilots, and AI Agents

This talk will explore the critical and vulnerable points in large language models (LLMs) used in chatbots, AI copilots, and intelligent agents. We’ll begin by understanding the trust boundaries in these systems and then dive into how to defend them against emerging threats. Taking a comprehensive approach, we’ll examine the tools, processes, and best practices that every security professional should adopt.

The session will draw on several real-world case studies to demonstrate the concepts. We will dive into the Responsible AI Software Engineering (RAISE) framework as a way to approach end-to-end security for your LLM system.

Drawing on Steve’s expertise as the founder and project lead for the OWASP Top 10 for Large Language Model Applications, this session will equip you with the knowledge to secure the next generation of AI-driven software.

This is event is for anyone preparing to face the evolving challenges of AI security and protect their systems from tomorrow's cutting-edge threats.

Steve Wilson is a pioneer in Generative AI and cybersecurity, driving advancements in AI-powered cyber defense and securing AI systems. As the Chief Product Officer at Exabeam, Steve spearheaded the launch of a powerful Generative AI copilot for security analysts, significantly enhancing the speed and accuracy of cybersecurity incident investigations.

Steve leads the charge on securing large language models as the founder and project leader of the OWASP Top 10 for Large Language Model Applications, where he guides a global team in developing the industry-standard guide to critical vulnerabilities in AI systems. The Top 10 List has become the go-to reference for developers, architects, and security professionals working to safeguard AI applications.

As the author of The Developer’s Playbook for Large Language Model Security, Steve provides a comprehensive framework for building secure, responsible AI systems. His book has quickly become an essential resource for professionals navigating the complexities of AI and security.

He is an inventor on 11 U.S. and international patents in cybersecurity, networking, and IoT. In 2023, Steve was awarded Cybersecurity Innovation Leader of the Year by Enterprise Security Tech, and his 2024 RSA Conference talk was voted a Top Session.

CPEs: There will be 2 CPE credits for the meeting.

Disclaimer: ISSA-LA reserves the right to alter or delete items from the program in the event of unforeseen circumstances. Material has been prepared for the professional development of ISSA-LA members and others in the IT audit, control, security, and governance community. Neither the presenters nor ISSA-LA can warrant that the use of material presented will be adequate to discharge the legal or professional liability of the members in the conduct of their practices.

All materials used in the preparation and delivery of presentations on behalf of ISSA-LA are original materials created by the speakers, or otherwise are materials which the speakers have all rights and authority to use and/or reproduce in connection with such presentation and to grant the rights to ISSA-LA as set forth in speaker agreement. Subject to the rights granted in the speaker agreement, all applicable copyrights, trade secrets, and other intellectual property rights in the materials are and remain with the speakers. Please note: unauthorized recording, in any form, of presentations and workshops is prohibited.

Permission to be Photographed: By attending this event, the registrant grants permission to be photographed during the event. The resultant photographs may be used by ISSA-LA for future promotion of ISSA-LA’s educational events on ISSA-LA’s web site and/or in printed promotional materials, and by attending this event, the registrant consents to any such use. The registrant understands any use of the photographs will be without remuneration. The registrant also waives any right to inspect or approve the aforementioned use of any photographs now or in the future.

Host or Publisher Information Systems Security Association Los Angeles | ISSA-LA