Indy OWASP November 2024 Meetup

Talk 1

Title: Prompt Injection with Damn Vulnerable LLM

Synopsis: Join us for an insightful OWASP event dedicated to exploring the OWASP Top 10 for Large Language Model Applications! Dive into the latest vulnerabilities impacting GenAI-driven systems, focusing on prompt injection attacks. We'll also showcase the Damn Vulnerable LLM, a hands-on tool designed to illustrate prompt injection in real-time specifically. This meetup is perfect for developers, security professionals, and anyone interested in safeguarding GenAI applications. Don't miss this opportunity to enhance your understanding of LLM security and network with fellow enthusiasts!

Speaker: Justin Baxtron

Bio: Bio: Justin Baxtron has worked in the information security field for over 10 years as a consultant and engineer. He holds a GIAC Web Application Penetration Tester (GWAPT) certification and focuses on application security assessments, as well as software engineering.

Talk 2

Title: I Hope No One Finds Out I'm a Fraud: Dealing with Imposter Syndrome

Synopsis:
Imposter syndrome is a real issue in professional life. It can seriously impact mental health and professional growth—especially in the security industry, surrounded by ever-changing technologies and other super-smart people. I will discuss the aspects of this issue, its impacts, and some strategies to overcome it, both for yourself and others.

Speaker: Damian (@integrisec) Profancik

Bio: Damian Profancik has worked as a server/network infrastructure and security consultant for more than 24 years with over the last 14+ years solely focused on information security as an Application Security Manager at Match Group, Technical Director at Optiv Security, Inc. focused on Application Security, Global Security Associate Partner and North American Regional Lead at IBM X- Force Red, Director of Application Security at Lares Consulting, Director of Security Services at iLAB, and a Principal Security Consultant at both NCC Group (formerly iSEC Partners) and Trustwave SpiderLabs.

His main focus has been on application security and vulnerability research. He has worked in this capacity both independently and for numerous companies ranging from small businesses to Fortune 100 enterprises. His work has included application penetration testing, network penetration testing, design review, and code review in 28 different computer languages.

He is actively involved in the Information Security community through speaking engagements at events such as DerbyCon, ShmooCon, CircleCityCon, OWASP, and ISSA, and he is a co-leader for the local OWASP chapter, one of the organizers for CircleCityCon, and co-founder for BSides Bloomington.

Venue, food, and refreshments provided by Guidepoint.