Event details
Schedule
6:00 PM EST
Arrival, setup, mingle, PIZZA!
6:30 PM EST
Technical Talks
- Introduction to OWASP Ottawa, Public Announcements.
- OWASP Top 10 for LLM Applications: A Detailed Review
Abstract:
As the adoption of Large Language Models (LLMs) in corporate and governmental organizations becomes increasingly common, it introduces unique security challenges that need immediate and effective management. This presentation provides a detailed overview of the OWASP Top 10 for LLM applications, which in less than eight months has already become a trusted resource on how to secure LLMs within and outside of the global cybersecurity community. The goal of the publication is to equip organizations with the knowledge to successfully navigate LLM security challenges. Beginning with a technical primer on AI, Machine Learning, and LLMs, the presentation will ensure a foundational understanding of the technology and its potential security risks. We will then review critical vulnerabilities such as Prompt Injection, Insecure Output Handling, Training Data Poisoning, Model Denial of Service, and Supply Chain Vulnerabilities, among others, and highlight the importance of recognizing and mitigating these risks as well as provide actionable advice for secure LLM implementation. Through this presentation, the audience will learn how to safeguard their LLM deployments against emerging threats, ensuring both the security and efficacy of these powerful AI tools in their organizational context.
About the OWASP® Foundation
The Open Worldwide Application Security Project® (OWASP) is a nonprofit foundation that works to improve the security of software. Through community-led open-source software projects, hundreds of local chapters worldwide, tens of thousands of members, and leading educational and training conferences, the OWASP Foundation is the source for developers and technologists to secure the web.
Simon Sulyma
Expert in cybersecurity and information risk
Simon is an expert in the fields of cybersecurity and information risk, with close to 20 years of experience designing, building, securing, and auditing complex IT systems at large financial institutions across Canada. Simon currently leads the Governance, Risk, and Compliance (GRC) function at the Global Wealth and Asset Management segment at Manulife. He frequently speaks at conferences, trainings, and meetups, organizes and participates in community events, and mentors people entering the cybersecurity field. Simon holds a Master's degree in Information Security and several certifications including CISA, CISSP, CISM, CRISC, CCSP, and AZ-500.
Diana Rogachova
Data science and machine learning professional
Diana is a Data Science and Machine Learning professional. In 2023, she graduated from a bootcamp where she subsequently worked as a Teaching Assistant for Data Science students. Her areas of interest are the intersection of Generative AI, cybersecurity, and privacy as well as the ethical use of AI. Diana holds the Machine Learning certification from Amazon Web Services (AWS) and is currently pursuing the Cybersecurity Certificate from ISC2. She also has a Bachelor’s Degree in Criminology and Criminal Justice from Carleton University and three years of experience in the criminal justice field.
Event will be indoors. Based on the Ottawa Public Health Guidelines we strongly recommend that attendees wear a mask while not presenting. This will reduce the risk of transmission and protect members who may have compromised immune systems.