OWASP San Antonio Chapter Quarterly Meeting-Threat Modeling for LLM

Threat Modeling for Large Language Models

Large language models represent a historic opportunity to further accelerate the pace of software development. A GitLab survey reported that 67% of organizations planned to use AI in software development in the immediate future. Unfortunately, many organizations are moving quickly to adopt AI in development with little thought of security consequences. Threat modeling enable security analysts to understand the additional risks that development with LLMs represents. This session will provide an overview of AI and LLM security challenges and demonstrate how threat modeling can identify potential security weaknesses. Inspired by the OWASP Top 10 list for LLMs, the session will provide a threat modeling approach for LLMs that is straightforward to adopt in production.

NOTE: there will be door prize drawings for those that attend in person

AGENDA

• Lunch: 11 to 11:30
• Meeting Kick-off (JoeG: 15 min)
• Presentation: (30 min)
• John Dickson: CEO Bytewhisper Security
• Threat Modeling for Large Language Models
• AI Survey Results and Panel Discussion (15 min)
• John Dickson: CEO Bytewhisper Security
• Edward Contreras: CISO Frost Bank
• Topics for Future Meetings (Priya Parthasarathy) (10 min)
• Membership and Door Prizes (Brent Daugherty) (10 min)
• Close Meeting (JoeG) (5 min)