📌 July OWASP Bay Area Meetup @ EndorLabs | July 15, 2025 Link to heading

At my second OWASP Meetup in July, sponsored by Endor Labs, I participated in several insightful discussions on the evolving landscape of application security in the age of artificial intelligence. Andrew Stiefel’s session, “Evolving Your AppSec Program in the Era of AI”, provided practical strategies for adapting AppSec programs to handle the challenges of AI-generated code, while also exploring how AI can improve security workflows. Sultan’s presentation on “Role Mining for AppSec with AI and Open Policy Agent” gave valuable insights into using AI to create and enforce RBAC roles in large-scale microservices environments. Finally, Ankita’s session on “MCP Security: Securing the Newest API Standard Behind ChatGPT, Claude & Copilot” focused on the emerging risks associated with the MCP API standard and how to secure this new layer of application security.

📌 AI Engineer World’s Fair 2025 | June 3-5,2025 Link to heading

At the AI Engineer World’s Fair 2025, I attended several key sessions that significantly deepened my understanding of AI. One of the highlights was “How LLMs Work for Web Devs: GPT in 600 Lines of Vanilla JS”, where I learned how to build and understand large language models (LLMs) in a simple and practical way using vanilla JavaScript. Another standout was “Automating Escrow with USDC and AI”, where I explored the potential of AI and smart contracts to automate secure and trust-minimized escrow systems, offering a fresh perspective on blockchain’s role in financial transactions. Additionally, the “Prompt Engineering & AI Red Teaming” session provided me with invaluable insights into optimizing AI interactions and testing AI models for vulnerabilities, equipping me with essential skills for working in AI security and development.

📌 OWASP® Foundation Bay Area Meetup @ Adobe | May 28, 2025 Link to heading

I had the opportunity to attend the OWASP® Foundation Bay Area Meetup hosted by Adobe on May 28, 2025. The event provided insightful discussions on proactive security strategies. One highlight was the talk on Proactive Defense: Preventing Account Takeover Before It Begins, where speakers Barath Subramaniam and Alessio Iacovone explored AI-driven tools and layered defense measures to prevent account takeovers before they happen. Another key session, Implementing Secure Guardrails by Srajan Gupta, focused on seamlessly integrating security into developer workflows, making secure coding intuitive and reducing friction for development teams. Key takeaways included the importance of proactive security, early integration of security into development processes, and the critical role of training and culture in maintaining a strong security posture.