Member-only story
Key Insights from devSec 2024: AI Security, Supply Chain Protection, and Building Secure Teams
Report from the devSec Conference 2024 in Cologne Germany
I attended the devSec Conference 2024 in Cologne, Germany with my colleague. Three key topics stood out as particularly relevant for me.
Artificial Intelligence (AI) and Security
AI as an Attack Vector: It was fascinating to explore the numerous ways in which AI-powered chats and chatbots can be exploited to perform tasks they weren’t originally designed for. This highlights the potential security risks posed by integrating AI systems, especially Large Language Models (LLMs). Best practices for the secure integration of LLMs were also discussed.
More info (in German language): AI as an Attack Vector — Security Risks and Best Practices for Integrating LLMs
Software Supply Chain Security — SBOM
Software supply chain security is becoming increasingly important. While it was once common to use commercial off-the-shelf (COTS) components, many components are now open source. In the past, we trusted the vendors of these components, but today we are expected not only to trust but also to verify.
