Wednesday 

Room 3 

13:20 - 14:20 (UTC+02)

Talk (60 min)

HitchHacker's Guide to Building Secure Agents

Multiple layers of guardrails. Humans in the loop. Zero-trust intent validation. We’ve all heard of these being essential to implement when designing an agentic system, but they add a lot of latency, worsen user experience, and are often too complex to efficiently maintain. In a world full of frameworks, policies, and AI security suites, how does one decide which are worth implementing?

AI Agents

This talk will cover designing secure agents, how the various failure points are exposed in the real world, and how these failure points can be remediated. We’ll look into common misconceptions about security systems and the key elements of secure agent design that are often overlooked. We’ll use the perspective of an AI attacker to understand where agentic systems are vulnerable, how to minimize the impact of these attacks, and how to make sure these impacts don’t make your agent utterly useless to its users.

Kenneth Yeung

Kenneth Yeung is a Senior Security Researcher at HiddenLayer, specializing in adversarial machine learning and AI security. He is known for identifying LLM vulnerabilities in AI systems like Google Gemini, has been featured in publications like Forbes and DarkReading, and has spoken at conferences such as OWASP Global AppSec. Kenneth is a top finisher in global AI security competitions such as HackAPrompt 2023 and Dreadnode's Man vs Machine CTF, and is actively researching the defense of generative AI models.

Kasimir Schulz

Kasimir Schulz, Director of Security Research at HiddenLayer, is a leading expert in uncovering zero-day exploits and supply chain vulnerabilities in AI. His work has been featured in Forbes, BleepingComputer, and Dark Reading, and he has spoken at conferences such as FS-ISAC and Black Hat. Kasimir leads the development of advanced tools for automating vulnerability detection and implementing large-scale patches, fortifying systems against supply chain attacks. His dedication to proactive defense measures sets a new standard in cybersecurity resilience.