About us
Steel City Information Security, LLC was established on October 1st, 2014, but has been meeting as a users’ group since October 30th, 2012. This group has a heavy focus on socialization and informal discussion at every event, and is open to anyone, regardless of their age, abilities, gender, or occupation.
This group hosts three different types of events - presentations, informal networking events, and hands-on labs. All of our events are driven by specific technologies or novel ideas, and you can find details regarding our events, discussion boards, and additional information on our website. This group is listed on the DEFCON Groups website as DC412 and is the only netsec CitySec Meetup in Pittsburgh. Steel City Information Security, LLC does not and will never accept funds in exchange for presentation slots or vendor booths. All presentations are screened to ensure that they are vendor-agnostic and absent of language that could be construed as an attempt to sell any service or product.
Please feel free to give me your thoughts and input about this group and I look forward to meeting all of you at an upcoming event.
- Jon Zeolla
Steel City Information Security, LLC
Upcoming events
1
Pittsburgh ISSA April Meeting
Hackers Guild PGH, 2247 Babcock Blvd, Pittsburgh, PA, USJoin us on April 21st, 2026!
Featured Speaker: Devan RajendranTopic: Authorized but Misaligned: How Agents Manipulate Meaning in Commerce
AI shopping agents are moving into production as Visa, Mastercard, and Google build infrastructure for autonomous purchases projected to reach trillions by 2030. Protocols like AP2, MCP, A2A, and ACP ensure authentication and payment integrity, but correct authorization doesn’t guarantee correct decisions.
Research shows that indirect prompt injection—the top OWASP risk for LLMs and agents in 2025—can steer autonomous shopping agents into unintended purchases even when cryptographic mandates and constraints are fully enforced. Agents act incorrectly while believing they are compliant.
This session reviews the threat landscape, the protocols, residual risks under perfect enforcement, and experimental results from a sandbox isolating this failure mode. As organizations delegate purchasing to agents, the challenge shifts from verifying identity to trusting decision‑quality, with major implications for fraud, liability, consumer trust, and regulation.About the Speaker: Devan Rajendran
Devan Rajendran is a graduate student at Carnegie Mellon University’s Heinz College, specializing in Information Security Policy and Management. His work focuses on cybersecurity, threat analysis, and security governance, with hands‑on experience in threat modeling, intelligence gathering, and application security testing. He is active in CMU’s AI Safety and graduate leadership committees and has academic grounding in network security, cyber intelligence, and software security. Devan also brings research experience, including a distinguished paper award for work in robotics and advanced manufacturing.Date: Tuesday, April 21, 2026
Time: 5:30 PM – 7:00 PM (Presentation starts at 6:00 PM)
Location: Hackers Guild PGH - 2247 Babcock Blvd - Pittsburgh, PA 15237Who Should Attend
Security engineers, vulnerability analysts, CISOs, SOC teams, researchers, and anyone responsible for assessing or prioritizing security risk will find this session especially valuable.18 attendees
Past events
109
