SecAppDev 2024 - Threat modeling
SecAppDev 2024 offers three days of in-depth lectures and two days of hands-on workshops. Use the buttons below to navigate between the topics. The full schedule shows all sessions.
AI / ML security
Threat modeling
OWASP top 10
Authentication
Authorization
Architecture
Secure Coding
Supply chain security
API security
Web security
Cryptography
Governance
Application Security
Vulnerabilities of Large Language Model Applications
Deep-dive lecture by Vera Rimmer in room West Wing
Wednesday June 5th, 11:00 - 12:30
The session will start with a quick primer on data-driven AI and the key mechanisms behind LLMs. Then we will explore the general threat landscape, including academic attacks and more practical threats (OWASP Top 10 for LLMs).
Key takeaway: LLMs are a vulnerable intermediary between users and information. Increasing autonomy, complexity and integration of AI amplifies all existing risks.
When network protocols meet new threat models
Introductory lecture by Mathy Vanhoef in room West Wing
Wednesday June 5th, 09:00 - 10:30
This presentation will argue that several past (wireless) protocol attacks were found by creatively thinking about threat models.
Key takeaway: Attacks only get better: either by finding new flaws or by introducing new threat models.