Talk
This talk is about agentic security from both sides: (1) how attackers are hacking LLM-powered agents through things like prompt injection, tool exploitation and data exfiltration, and (2) how the same models are weaponized to automate exploit generation, reconnaissance and other hacking tasks.
We'll journey through a basic understanding of LLM security, take a fast tour of the OWASP Top 10 for LLM Applications, and from there cover the agentic world and its security. Protocols like MCP and A2A will be covered from a security perspective, including vulnerabilities such as tool poisoning and rug pulls that are becoming a nuisance in agentic workflows.
In the second half, we'll cover how threat actors actually use agents, including multi-stage attacks built on open-source agent frameworks. We'll then cover defenses for Python-centric development: the principle of least privilege for tool access, human-in-the-loop approval gates, and output sanitization.
Expected background:
Working Python and basic familiarity with LLMs. No prior security background is required.
Takeaways:
A mental model of the agentic attack surface, and a concrete list of things to fix in your stack.
About the Speaker
Vaagn (Vahagn) Toukharian is a software engineer and cybersecurity professional currently serving as a Principal Engineer at Qualys, where he focuses on security research and the development of AI security testing frameworks. He also shares his industry expertise as a lecturer in cybersecurity at the American University of Armenia. A frequent speaker at premier global conferences including Black Hat, DEF CON, OWASP AppSec, ToorCon, and BruCon, he has spent years contributing to the advancement of web application security. Beyond his professional and academic work, he is a dedicated Ironman triathlete and a co-founder of TriClub Yerevan, where he helps organize community-driven events such as the Yerevan Marathon and the Savage of Sevan to promote a healthy, active lifestyle.