Hacker Days: Threat Modeling Bootcamp
Details
Join Bay Area OWASP for an interactive bootcamp focusing on our favorite topic, threat modeling. The event is sponsored by Seezo, an automated security design and threat modeling platform.
The session will cover three sub-topics:
1. Threat Modeling MCPs, by Swarup Natukula and Sai Vernekar
2. Automate Security Design Reviews using LLMs, by Sandesh Anand
3. Pentesting MCPs from Threat Models, by Riyaz Walikar
Doors open: 4:30 PM
Session duration: 5 PM to 8 PM
Session #1: Threat Modeling MCPs
LLMs are no longer just chatbots—they are becoming autonomous agents that can browse files, execute commands, call APIs, and orchestrate workflows. The emerging Model Context Protocol (MCP) is rapidly becoming the standard interface between LLMs and external tools, making it the “syscall layer” of AI systems. This power introduces a radically new attack surface far beyond prompt injection.
In this talk, we will deconstruct how LLM agents integrate with MCP, reveal the true end-to-end architecture (LLM → agent logic → MCP client → MCP server → external systems), and perform a complete threat model of the stack. We will explore real attack scenarios across each of these boundaries.
Finally, we’ll propose defense strategies and security patterns to build safer MCP-enabled AI systems. If LLM agents are the future, securing MCP is not optional—it’s foundational.
Session #2: Automate Security Design Reviews using LLMs
Description: Security design review is a high-impact activity that has always been hard to scale (most companies have less than 10% coverage). LLMs change that. In this talk, we will walk through three different ways to leverage LLMs to scale security design reviews.
Speaker: Sandesh is the co-founder & CEO of Seezo (seezo.io), a company that helps customers automate Security Design Reviews. Before starting Seezo, Sandesh spent 12 years in various AppSec roles in companies like Cigital and Razorpay. Sandesh is also the author of The Boring AppSec newsletter (https://boringappsec.substack.com/) and co-host of The Boring AppSec Podcast.
Session #3: Pentesting MCPs from Threat Models
MCP servers and their integration into everyday workflows are an eventuality that all security teams will have to deal with sooner rather than later. Understanding the new and novel attack surfaces that MCP servers create via AI integrations, client tools and agents is important if we want to defend against whole new categories of attacks. This fast-paced talk will cover examples and demos of vulnerabilities within MCP servers that can be identified from threat model flows. We will also look at what constitutes an attacker's flow within an environment that uses one or multiple MCP servers as part of its workflows.
Speaker: Riyaz Walikar is the Co-Founder and Chief Hacker at Kloudle and Appsecco, specializing in offensive security, with expertise in AI agent and MCP security deployments across SaaS products, mobile apps and cloud environments. With over 15 years of hands-on technical experience, he has led advanced security assessments, penetration tests, and vulnerability research across diverse platforms, including multiple cloud providers and Kubernetes. Riyaz has conducted in-depth security training at conferences such as Black Hat, DEF CON, and nullcon. He is the author of multiple tools, blogs and books and continues to work with security communities to mentor the younger generation.