⚡ Fresh Talk Alert for BSides Luxembourg 2026!

“𝗕𝗘𝗬𝗢𝗡𝗗 𝗧𝗛𝗘 𝗣𝗥𝗢𝗠𝗣𝗧: 𝗔 𝗙𝗥𝗔𝗠𝗘𝗪𝗢𝗥𝗞 𝗙𝗢𝗥 𝗔𝗚𝗘𝗡𝗧𝗜𝗖 𝗔𝗜 𝗔𝗧𝗧𝗔𝗖𝗞 𝗔𝗡𝗗 𝗗𝗘𝗙𝗘𝗡𝗦𝗘 𝗦𝗧𝗥𝗔𝗧𝗘𝗚𝗜𝗘𝗦” – 𝗝𝗘𝗥𝗘𝗠𝗬 𝗦𝗡𝗬𝗗𝗘𝗥

As AI systems evolve into autonomous agents capable of executing code, calling APIs, and managing long-term memory, the attack surface extends far beyond prompt injection and jailbreaks. This AI Security Village session explores a full-stack approach to securing agentic AI systems.

Jeremy Snyder will break down how attackers target not just the LLM itself, but the broader agent architecture — including tools, memory, workflows, and cross-system integrations. The session introduces a practical framework for assessing agent attack surfaces, validating outputs, enforcing constraints during system handoffs, and building more resilient AI-driven applications.

Jeremy Snyder is the founder and CEO of FireTail, an AI security platform focused on securing modern AI applications and autonomous systems.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #AgenticAI #LLMSecurity #CyberSecurity #AppSec #OWASP

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

“𝗘𝗩𝗘𝗥𝗬 𝗚𝗨𝗔𝗥𝗗𝗥𝗔𝗜𝗟 𝗘𝗩𝗘𝗥𝗬𝗪𝗛𝗘𝗥𝗘 𝗔𝗟𝗟 𝗔𝗧 𝗢𝗡𝗖𝗘: 𝗗𝗘𝗦𝗜𝗚𝗡𝗜𝗡𝗚 𝗔𝗡𝗗 𝗧𝗘𝗦𝗧𝗜𝗡𝗚 𝗚𝗨𝗔𝗥𝗗𝗥𝗔𝗜𝗟𝗦 𝗙𝗢𝗥 𝗟𝗟𝗠 𝗔𝗣𝗣𝗟𝗜𝗖𝗔𝗧𝗜𝗢𝗡𝗦” – 𝗗𝗢𝗡𝗔𝗧𝗢 𝗖𝗔𝗣𝗜𝗧𝗘𝗟𝗟𝗔

Modern GenAI applications are no longer simple chatbots — they involve complex chains of LLM calls, tools, and autonomous workflows. In this AI Security Village session, Donato Capitella explores why prompt-based guardrails alone are not enough and how security controls must be designed around the entire application workflow.

The talk focuses on practical strategies for designing and testing guardrails across multi-step LLM systems, including how data flows between chains, how permissions are enforced, and how applications can detect and respond to prompt attacks. Attendees will also see how these concepts can be tested in practice using spikee, an open-source tool built for testing LLM applications against prompt-based attacks.

Donato Capitella is a Principal Security Consultant at Reversec with extensive experience in offensive security and AI application testing. He is also the lead developer of the open-source project spikee.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #PromptInjection #CyberSecurity #OWASP #OpenSource #AppSec

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

“𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗙𝗢𝗥 𝗔𝗜: 𝗔𝗜𝗗𝗥 𝗕𝗔𝗦𝗧𝗜𝗢𝗡 𝗔𝗦 𝗢𝗣𝗘𝗡 𝗦𝗢𝗨𝗥𝗖𝗘 𝗟𝗟𝗠 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟 / 𝗔𝗜 𝗣𝗥𝗢𝗠𝗣𝗧𝗦 𝗥𝗘𝗩𝗘𝗥𝗦𝗘 𝗣𝗥𝗢𝗫𝗬” – Andrii Bezverkhyi

As AI adoption accelerates, so do the risks — from prompt injections to malicious AI agents and adversarial abuse. This AI Security Village session explores AIDR Bastion, an open-source GenAI protection system designed to secure AI workloads through layered detection and prompt filtering.

The talk covers how AIDR Bastion acts as an LLM firewall and reverse proxy for AI prompts, using Sigma and Roota rules to detect malicious behavior, harmful content, prompt injection attacks, and AI-assisted malware generation. Attendees will also see how the system integrates with MITRE ATLAS, OWASP LLM Top 10 guidance, and existing detection engineering workflows.

Andrii Bezverkhyi is the founder of SOC Prime and a long-time contributor to the threat detection and cybersecurity community, known for projects such as Uncoder and DetectFlow.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #PromptInjection #OWASP #CyberSecurity #DetectionEngineering #OpenSource

⚡ Fresh Village Alert for BSides Luxembourg 2026!

𝗔𝗜 𝗦𝗘𝗖𝗨𝗥𝗜𝗧𝗬 𝗩𝗜𝗟𝗟𝗔𝗚𝗘 – 𝗢𝗣𝗘𝗡 𝗩𝗜𝗟𝗟𝗔𝗚𝗘 / 𝗤&𝗔
🧠 Interactive AI Security Playground • Live Demos • Hands-on Attacks • Real-Time Defense

Step into a live, open-floor AI Security Village dedicated to exploring the real-world security risks of Agentic AI, MCP architectures, LLM workflows, and autonomous systems. Unlike a traditional workshop or talk, this village is designed as a continuously running interactive environment where attendees can freely drop in, attack systems, observe defenses, and shape the direction of the sessions in real time.

Across two days, participants will interact with intentionally vulnerable AI systems, RAG pipelines, MCP servers, and autonomous agents while exploring attack paths such as prompt injection, goal hijacking, instruction manipulation, tool abuse, and trust boundary failures — all aligned with the OWASP LLM Top 10 and AI Security Exchange guidance.

The village includes:
🔹 Live exploitation of LLM and Agentic AI systems
🔹 Interactive walkthroughs from organizers
🔹 Real-time defensive patching and mitigation demos
🔹 Hands-on labs with Dreadnode Crucible, Lakera Gandalf, and Agent Breaker
🔹 Beginner-to-advanced learning paths running in parallel
🔹 Community-driven Q&A and collaborative defense discussions

Parth Shukla is a Senior Security Researcher specializing in AI Security and Adversarial Machine Learning, focusing on the security architecture of Agentic Systems and LLMs. Joining him is Nagarjun Rallapalli, who focuses on automating security and building — and breaking — AI agents to test their limits.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #AgenticAI #OWASP #RedTeam #CyberSecurity #PromptInjection #MCP #AIVillage

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

𝗕𝗨𝗜𝗟𝗗𝗜𝗡𝗚 𝗧𝗛𝗘 𝗨𝗟𝗧𝗜𝗠𝗔𝗧𝗘 𝗔𝗜 𝗙𝗜𝗥𝗘𝗪𝗔𝗟𝗟: 𝗜𝗡𝗦𝗜𝗗𝗘 𝗦𝗢𝗩𝗘𝗥𝗘𝗜𝗚𝗡𝗦𝗛𝗜𝗘𝗟𝗗, 𝗜𝗡𝗧𝗘𝗡𝗧𝗦𝗛𝗜𝗘𝗟𝗗, 𝗔𝗡𝗗 𝗟𝗢𝗚𝗜𝗖𝗦𝗛𝗜𝗘𝗟𝗗 – Mattijs Moens

As AI agents evolve into autonomous systems capable of executing code and interacting with APIs, traditional security controls are struggling to keep up. This AI Security Village session dives into the architecture behind the SovereignShield ecosystem — a multi-layered framework built to secure modern AI applications against prompt injection, malicious actions, and data exfiltration.

The talk explores how LogicShield enforces semantic boundaries to stop jailbreaks and prompt attacks, how IntentShield audits outbound AI actions before execution, and how the unified SovereignShield Firewall combines both layers into a deterministic defense model for production AI systems.

Mattijs Moens is an AI security researcher and founder of SovereignShield, focused on building semantic firewalls for AI systems. He also contributes to the OWASP AI Security and Privacy Guide (AISVS).

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #PromptInjection #OWASP #CyberSecurity #AIAgents

Releasing AgentGuard: architectural safety layer for AI agents.

Not prompt engineering. Code.

@protect
def delete_db(): ...

The LLM cannot call this. Ever. No prompt bypasses a raise.

Blocks: irreversible tool calls, prompt injection, context dilution, cross-agent contamination.

Rust core + pure Python fallback. 31/31 e2e tests with real Ollama.

https://github.com/psychomad/AgentGuard

"Don't blame the knife. Fix the architecture."

#InfoSec #LLMSecurity #AIAgents #PromptInjection #OpenSource #Rust

🔴 NEW: LLM Data Leaks: How AI Models Expose Your Secrets

LLMs are leaking secrets right now. Learn how training data extraction, prompt injection, and plugin flaws expose your data - and exactly how to stop it. Real CVEs, real incidents.

0:00 Intro
0:04 Cr

https://www.youtube.com/watch?v=oarkusORrQ4

#cybersecurity #LLMsecurity #AIdataleak #promptinjection #ChatGPTrisks #LLMdataleak #promptinjectionattack #AIsecurityrisks

🧠 Another Deep Dive into AI Security at BSides Luxembourg

𝗧𝗛𝗘 𝗖𝗛𝗔𝗟𝗟𝗘𝗡𝗚𝗘𝗦 𝗢𝗙 𝗔𝗜-𝗔𝗦-𝗔-𝗦𝗘𝗥𝗩𝗜𝗖𝗘 𝗟𝗢𝗚𝗚𝗜𝗡𝗚 – Jeremy Snyder

Dive into a critical 40-minute session uncovering one of the biggest blind spots in modern AI adoption. As organizations rapidly embrace AI-as-a-Service, most usage remains unmanaged—creating “Shadow AI” environments where traditional logging and security controls fall short.

This talk breaks down why existing logging approaches fail for LLM-driven systems, highlighting the disconnect between client-side and server-side visibility. Learn how to rethink logging strategies for AI, close detection gaps, and build centralized visibility that actually supports effective security monitoring and response in AI-driven environments.

Jeremy Snyder is the founder and CEO of FireTail, an AI security platform, with a background spanning cloud security, M&A at Rapid7, and over a decade in cyber and IT operations. His work focuses on securing modern API and AI ecosystems at scale.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #CloudSecurity #LLMSecurity #CyberSecurity #ThreatDetection

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

𝗧𝗛𝗘 𝗔𝗚𝗘𝗡𝗧 𝗛𝗔𝗗 𝗔 𝗣𝗟𝗔𝗡—𝗦𝗢 𝗗𝗜𝗗 𝗜: 𝗧𝗢𝗣 𝗔𝗧𝗧𝗔𝗖𝗞𝗦 𝗢𝗡 𝗢𝗪𝗔𝗦𝗣 𝗔𝗚𝗘𝗡𝗧𝗜𝗖 𝗔𝗜 𝗦𝗬𝗦𝗧𝗘𝗠𝗦 – Parth Shukla, Nagarjun Rallapalli

Dive into the evolving threat landscape of agentic AI in this hands-on 40-minute talk from the AI Security Village. Unlike traditional LLMs, AI agents operate across multiple steps, tools, and goals—introducing entirely new attack surfaces that defenders are only beginning to understand.

Through practical demos, this session exposes real vulnerabilities including goal hijacking, alignment faking, orchestration abuse, and covert data exfiltration. Learn how attackers manipulate agent behavior over time and how these risks impact modern AI systems, along with key takeaways to better secure agentic architectures.

Parth Shukla is a Senior Security Researcher specializing in AI Security and Adversarial Machine Learning, with a strong offensive security background. His work focuses on securing agentic systems and LLM architectures, bridging the gap between traditional AppSec and emerging AI risks.

Nagarjun Rallapalli is involved in advancing AI security initiatives and contributes to building and testing secure AI systems.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #AgenticAI #LLMSecurity #CyberSecurity #RedTeam

⚙️ Technical Spotlight: New Session at BSides Luxembourg 2026

𝗛𝗢𝗪 𝗦𝗘𝗖𝗨𝗥𝗘 𝗜𝗦 𝗦𝗘𝗖𝗨𝗥𝗘 𝗖𝗢𝗗𝗘 𝗚𝗘𝗡𝗘𝗥𝗔𝗧𝗜𝗢𝗡? 𝗣𝗨𝗧𝗧𝗜𝗡𝗚 𝗧𝗛𝗘 𝗟𝗟𝗠𝗦 𝗧𝗢 𝗧𝗛𝗘 𝗧𝗘𝗦𝗧 – Melissa TESSA

A sharp 5-minute lightning talk challenging the assumptions behind AI-assisted coding. As developers increasingly rely on LLMs, this session exposes how “secure-by-design” claims often break under realistic conditions.

Through adversarial testing and real research insights, discover how LLMs can introduce hidden risks—from fragile evaluation methods to slopsquatting attacks via hallucinated package names. A must-see for anyone building or securing modern software with AI in the loop.

Melissa TESSA is a doctoral researcher at the University of Luxembourg’s SnT, working at the intersection of AI, software engineering, and cybersecurity. Her research focuses on enabling large language models to generate secure code—and uncovering where they fail.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AISecurity #LLMSecurity #SecureCoding #CyberSecurity #AI