Skip to content

Details

Join us for the July Bay Area OWASP Meetup, proudly sponsored by oligo security .
Spend the evening connecting with fellow security professionals, learning from insightful presentations, and engaging in meaningful discussions on the latest security topics. Enjoy great networking opportunities along with food and refreshments, generously provided by Oligo security.
Thank you very much Tekion corp for providing us the space.

5:00 PM : Doors open, Networking, food and drinks
5.30 PM :- Chapter introduction
5.45-6.30 PM :- Beyond the CVE Treadmill: Defending Applications in the Age of Dynamic Attacks
6.30-7.15 PM :- Small Models, Big Judgements: Can a Cheap Judge replace an Expensive One?
7.15-8.00 PM :- TBD

Talk 1 : Beyond the CVE Treadmill: Defending Applications in the Age of Dynamic Attacks
Description: Security databases (and practitioners) are drowning in vulnerability volume, but only a small fraction of vulns in your environment have real risk, and the average exploit now lands before a patch exists. Meanwhile AI is generating both application code and attack payloads at runtime - breaking every static assumption security programs are built on.
Targeting application attack techniques is the missing link. CVE tracking is an inventory rather than a defense, while attack techniques stay finite even as payloads become one-of-one. eBPF can give live, runtime visibility inside the application and how it interacts with the kernel, laying bare these attack techniques. Even without a CVE, you can detect and block attacks in real time, catching disputed, unpublished, and AI-generated attacks that no scanner will ever flag.

Speaker: Jeff Bayntun is a Senior Solutions Engineer at Oligo Security whose career started in the glamorous world of ODBC/JDBC and somehow evolved into runtime and supply chain security. Previously at Snyk and Chainguard, he's spent years turning "we think we're secure" into something more defensible. Based in Vancouver, BC, he can usually be found on a pickleball court when he's not dissecting your application's runtime behavior.

Talk 2: Small Models, Big Judgements: Can a Cheap Judge replace an Expensive One?
Description: Frontier models judge agentic threats well but cost too much to run on everything. We tested a <30B open-weight judge against Sonnet: within 0.03 AUC on a 6,682-task benchmark, 100% agreement on high and critical detections across 7,500 real production sessions, 63% fewer frontier calls. We cover where small judges go blind, why our worst result was a prompt problem not a model problem, and why agreeing with a big model is not the same as being right.
Speaker Background: Pranav Bhusari builds runtime guardrails and LLM-as-judge detection systems for agentic AI at Metano. He previously did vulnerability research across defense and national lab environments, including Lawrence Livermore, Peraton Labs, and Cromulence (Legitimate Business Syndicate).

Related topics

Events in Pleasanton, CA
Software Security
Web Application Security
Hacking
Information Security
Web Technology

You may also like