What's New is Old - Parallels of OWASP's Top 10 for LLMs and Web Applications

LLMs are the hot new thing, and are exciting enough to even have their own OWASP Top 10 as of 2023! But are these vulnerabilities really any different from what we already see in more traditional web applications?

In this talk, Logan will explore the different vulnerability families from the new OWASP Top 10 for LLM Applications, discuss the different scenarios represented therein with a focus on real-world exploitation scenarios, and outline how they parallel the vulnerabilities that we've all grown to love and pwn over the years.

Attendees should leave this talk with a more complete understanding of the vulnerabilities manifesting in LLM applications, how these vulnerabilities can directly affect end users, and scenarios to be conscious of when developing for, or around, LLM applications.


Logan MacLaren, Staff Offensive Security Engineer, Huntress

Logan is the lead Offensive Security engineer at Huntress, where he is responsible for planning and executing red team operations as well as bolstering incident response capability through purple team exercises. He has been a longtime enthusiast in the security space, building a career spanning big data analytics, bug bounty, and offensive security.

Outside of his day job, Logan can often be found building and participating in CTF challenges, bug hunting in open source software, or learning new skills at conferences across the continent. He has had the honour of speaking at several DEFCON villages and NorthSec conferences, as well as multiple BSides and OWASP Ottawa events.