OWASP London Chapter Meetup [IN-PERSON]

This event is kindly hosted by Amazon.
Raffle prize is sponsored by Semgrep. There is limited seating available for in-person attendees. Registration required (bring PhotoID!)
This event will also be live-streamed on YouTube.
Recordings will be available on the OWASP London YouTube channel.

Venue Location: Amazon London HQ, 1 Principal Place, London EC2A 2FA
Nearest Tubes: Liverpool Street (6 minute walk), Shoreditch High Street (3 minute walk)
Doors Open at 6pm for registration, pizza, drinks and networking. The talks start at 6:30pm (we start on time!).

TALKS:

OWASP Introduction, Welcome and News - Sam Stepanyan, Andra Lezza, Sherif Mansour - OWASP London Chapter Leaders

"AI Agents Gone Rogue? Building, Defending and Attacking AI Agents" - Katie Paxton Fear

Welcome to the AI era: LLMs are dead, long live agentic AI! But uhh what is agentic AI anyway? Well for a lot of the sci fi loving nerds out there it's basically everything we want from AI and more. Instead of being limited to a chatbox, agentic AI promises true autonomous AI working together in a swarm to achieve their goals. Want to book a flight tomorrow at 9am? Simply ask AI and it will deploy a flight booking agent finding the perfect flight options for you. Perhaps you want to generate some code? It enlists a team of agents from planning architecture to writing code and checking for security issues, all working together to deploy your idea into production, just come back in a few minutes. This dream can quickly become a nightmare, from agents inadvertently becoming insider threats, to threat actors building autonomous hackbots to find and exploit vulnerabilities, to malware deployed as an agent. Thankfully though, this is all brand new and we have time, right? Well maybe not as much as we'd like...

"Deep Dive into the OWASP Top 10 for Agentic Applications" - John Sotiropoulos

Join John Sotiropoulos from the OWASP GenAI Security Project's Agentic Security Initiative (ASI) for an in-depth look at the upcoming OWASP Top 10 for Agentic Applications. This session will explore the key risks and mitigations shaping the security of agentic and autonomous AI systems, how they connect with the OWASP Top 10 for LLM Applications, and the Agentic Risk Exposure Spectrum — a model that maps risk and control relevance across different levels of agentic adoption.

RAFFLE - win a prize kindly donated by our sponsors!

SPEAKERS:

Dr Katie Paxton-Fear (@InsiderPhd)

Katie is Staff Security Advocate at Semgrep and a Lecturer in Cyber Security at Manchester Metropolitan University, however, in her free time, she’s a bug bounty hunter and an educational YouTuber. She started out hacking in June 2019 during a HackerOne mentorship program and now hopes to be a mentor to others, creating educational cyber security videos on YouTube. In her videos, she attempts to bridge the gap between “I know what bug bounties are” and “bug bounty hunter” giving advice specifically tailored to bug hunting. She’s now produced over 50 videos on bug bounty hunting for an audience of over 95,000 YouTube subscribers. Aimed at a beginner audience these go from finding your first bug, to how to use specific tools, to how to find specific bug classes. Katie has discovered and responsibly reported security vulnerabilities to several large organisations such as Verizon Media and the US Department of Defense

John Sotiropoulos

John Sotiropoulos is the Head of AI Security at Kainos, where he helps safeguard national-scale AI projects. He serves on the OWASP GenAI Security and Top 10 for LLM Applications Project Board, overseeing the project, contributing to LLM Top 10 entries - including leading the supply chain category - and actively liaising with standards bodies, cyber agencies, and industry communities. John also co-leads the OWASP Agentic Security Initiative, driving the development of agentic security guidelines and the forthcoming OWASP Top 10 for Agentic Applications. He is the author of the UK Government’s official Implementation Guide for the AI Cyber Security Code of Practice, now adopted internationally as an ETSI standard, and the author of the Amazon bestselling book Adversarial AI – Attacks, Mitigations, and Defense Strategies

TICKETS:

OWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security. Your name will be checked against the guest list and a PhotoID is required!

CODE OF CONDUCT:

We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conduct