OWASP Netherlands

Main    Supporters    Upcoming Events    Past Events    Resources

October 17 2024

Location: Radboud University, Huygens building
Address: Nijmegen

Please register via: https://www.meetup.com/owasp-chapter-netherlands-meetup/events/302961495

18:00 - 18:15 - Reception of attendees

18:15 - 19:00 - Pizza

19:00 - 19:15 - Welcome and OWASP updates

19:15 - 20:00 - AI Security: Safeguarding Software from Code to Architecture by Feiyang Tang

20.00 - 20:15 - Break with drinks

20:15 - 21:00 - Securing GenAI Applications - a Point of View by Burc Yildirim

AI Security: Safeguarding Software from Code to Architecture

Abstract:

AI is rapidly transforming software development, offering unprecedented capabilities but also introducing new security challenges. As organizations rush to adopt AI technologies, they often overlook critical security implications, potentially exposing themselves to novel threats and vulnerabilities.
In this talk, we’ll explore how to build secure AI-powered software, covering both coding practices and system design. We’ll dive into specific scenarios where AI can introduce security risks and discuss practical strategies to mitigate these issues in software development. We’ll also touch on privacy concerns when implementing AI solutions. Through real-world examples, you’ll gain actionable insights to enhance the security of your AI projects, from individual algorithms to complete systems.

Bio:

Feiyang Tang:

Feiyang Tang is a Technical Software Consultant at Software Improvement Group, specializing in code quality and security. He holds a Ph.D. in Software Privacy from Norway and a Master's degree in Artificial Intelligence. With a background spanning academia and industry, Feiyang focuses on enhancing software development practices through the responsible integration of AI technologies. His work aims to bridge the gap between advanced AI capabilities and robust, secure software engineering principles.

Securing GenAI Applications - a Point of View

Abstract:

The POV discusses the importance of securing generative AI (GenAI) and the challenges associated with it. GenAI empowers organizations to unlock new opportunities, drive innovation, and deliver value in an increasingly digital and dynamic world. However, securing GenAI introduces new challenges that must be addressed, including adversarial risks across the AI pipeline, data privacy and security concerns, and the need for a unified approach to security. The POV highlights the importance of understanding the risks associated with input, training, and output data, as well as the need for data provenance, transparency, and accountability. Further to this, it looks into the risks posed by use of GenAI, the importance of security in a GenAI strategy, and how we need to go about mitigating risks in practice; factoring in the different GenAI consumption models and the impact these will have on Security Management.
The POV concludes by highlighting the importance of understanding GenAI’s risks and challenges and taking a proactive approach to securing it.

Bio:

Burc Yildirim:

Burç Yıldırım is a seasoned Cyber Risk Services professional with over 20 years of experience in the security industry, specializing in offensive security. He provides cyber strategy, resiliency, and privacy consultancy to governmental institutions, finance, telecommunication, and energy companies, aligning cybersecurity solutions with business needs.
Combining deep technical expertise with management experience, Burç has a unique ability to fully understand both the technical and business challenges organizations face. This skill set enables him to manage complex teams and projects effectively. Throughout his career, he has built and led high-performing teams at Deloitte Turkey, Deloitte Netherlands, and IBM.
With a strong background in both offensive and defensive security, Burç is dedicated to helping organizations enhance their cybersecurity posture in an ever-evolving digital landscape.

November 28-29 2024, BeNeLux Days

See https://www.owaspbenelux.eu for information.