About us
Welcome to AI Sec Eng Poland!
We are a chapter of the global AI Security Engineers Community, bringing together developers, security practitioners, and AI builders who care about creating secure, trustworthy AI-powered applications.
Join us for in-person meetups in Krakow, live streams, and an active community chat, where we share practical insights, real-world experiences, and hands-on knowledge on securing AI systems—from development to production.
Whether you’re just getting started or already building AI at scale, this is the place to learn, connect, and build more secure AI together.
Upcoming events
1
Underground Hacks
Radocha, Świętego Sebastiana 6, 31-049, Kraków, PLHey everyone,
Join us for an Offensive Night focused on how attackers actually think, move, and break things—and how we respond.This evening brings together creative red teaming tactics and a hands-on vulnerability demo, designed for security engineers, developers, and anyone curious about the offensive side of security.
Agenda
- 17:00 Doors open
- 17:30 Live virtual speaker: Steve Borosh
Continuous Offensive Recon: Tightening the OODA Loop with AI-Driven Data Enrichment for Red Team Operations
Traditional penetration tests, assumed-compromise assessments, and red team engagements still treat reconnaissance as a discrete, time-boxed phase at the beginning of the assessment. In reality, modern environments change hourly, files change, credentials rotate, people join and leave, and defensive controls evolve. Static recon snapshots quickly go stale, forcing operators to restart the intelligence cycle under pressure. This talk presents Continuous Offensive Recon as the solution: a persistent, closed-loop intelligence capability that provides offensive operators with actionable intelligence at every phase of the assessment.
Raw data from passive recon, active scanning, file share searching, C2 exfiltration, user behavior, and open-source intelligence is abundant. What separates elite operators is the ability to continuously enrich that data, surface hidden relationships between obscure technical and human data points, and convert noise into prioritized, high-fidelity attack paths in near real time.
We will walk through exactly how to build and operate this capability using a practical, open-source-heavy stack that the audience can start implementing immediately:
With the industry moving towards more “Continuous Penetration Testing” as BHIS has adopted, offensive operators are moving from periodic assessments to a living, intelligence-gathering assessment that paired with the OODA loop decision cycle, and continuous reconnaissance, keeps operators ahead of their target networks. - 18:30 intermission
- 19:00 in-person speaker: Julian B. Let Him Cook! Hacking the Meatmeet BBQ Probe
With grilling season upon us, each and every grillmaster is eagerly preparing their tools… but little do some know, their “smart” meat probes may have some glaring vulnerabilities that could leave them cooked. In this presentation we will disassemble, dump the flash, and decompile the mobile application of the Meatmeet BBQ probes to find countless vulnerabilities. From an open S3 bucket with the profile photo of every grill master, poorly salted passwords, to never-before-seen devices, and even remote code execution, Julian will walk you through the platter of vulnerabilities he found. This will illustrate the importance of IoT security, because the last thing you want is for your beautiful BBQ to be burnt to a crisp! As a Senior Penetration Tester at Software Secured, Julian hunts for vulnerabilities across a range of clients and products. Off hours, he spends his time performing vulnerability research against IoT devices and FOSS, amassing over 50 CVEs in the past several years. Previous work includes exploiting the Furbo devices, to find 20+ vulnerabilities, discovering more than 130,000 Claude, Grok, ChatGPT, and Other LLM Chats Readable on Archive.org (https://www.404media.co/more-than-130-000-claude-grok-chatgpt-and-other-llm-chats-readable-on-archive-org/), as well as being featured by 404Media in the article: Grok Exposes Underlying Prompts for Its AI Personas: ‘EVEN PUTTING THINGS IN YOUR ***’ (https://www.404media.co/grok-exposes-underlying-prompts-for-its-ai-personas-even-putting-things-in-your-ass/)
Come curious, leave sharper - RSVP Now
7 attendees
Past events
28
