The Anatomy of an AI Breach: From Attack to Defense

As AI adoption accelerates, security is becoming one of the most overlooked yet critical challenges. John Iwasz explores common vulnerabilities in AI-powered systems through a live demonstration of a misconfigured MCP (Model Context Protocol) server. Attendees will see how attackers can exploit weaknesses in authentication and access control to compromise AI infrastructure. The session then transitions into practical defense strategies, showcasing how OAuth can be implemented to secure MCP endpoints. By the end, participants will gain a deeper understanding of AI system vulnerabilities, the risks of insecure deployments, and concrete steps to harden their environments against real-world threats.

⚠️ Microsoft requires everyone to check-in when entering their facility. You must provide your first and last name when signing up for this in-person event to be on the attendees list we submit to Microsoft.

Hoagies, chips, cookies, and water will be provided.

⭐⭐⭐⭐⭐⭐

John Iwasz is a seasoned professional with a wealth of knowledge and expertise backed by over two decades of experience in software development and architecture. During his 12-year tenure at Microsoft, he worked with clients in the healthcare, fintech, and pharmaceutical industries, utilizing his skills to deliver innovative solutions.

In addition to his work at Microsoft, John co-founded Whetstone Technologies, a startup that specializes in creating innovative solutions for smart speakers such as Alexa and Google Home, as well as OEM devices. The company was accepted into the PlayLabs incubator at MIT, showcasing John's entrepreneurial spirit and ability to bring new ideas to fruition.

Currently, John works as a partner technologist at AVEVA, where he focuses on industrial IoT and cybersecurity.