Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

Update: 2025-03-18

Description

Andra Lezza and Javan Rasokat discuss the complexities of securing AI and LLM applications. With years of experience in Application Security (AppSec), Andra and Javan share their journey and lessons from their DEF CON talk on building and defending LLMs. They explore critical vulnerabilities, prompt injection, hallucinations, and the importance of data security. This discussion sheds light on the evolving landscape of AI and LLM security, offering practical advice for developers and security professionals alike.

Javan’s blog article: Adversarial Misuse of Generative AI

Javan’s recommendation for the TLDR newsletter

Andra's book recommendation: The Cuckoo’s Egg by Cliff Stoll

FOLLOW OUR SOCIAL MEDIA:

➜Twitter: @AppSecPodcast
➜LinkedIn: The Application Security Podcast
➜YouTube: https://www.youtube.com/@ApplicationSecurityPodcast

Thanks for Listening!

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Comments

In Channel

Francesco Cipollone - Agentic AI Manifesto

2025-09-2333:19

Simon Gibbs & Devika Gibbs -- Building Bridges with Games

2025-09-1636:03

Akansha Shukla - Modern AppSec: Securing APIs with Threat Modeling and DevSecOps

2025-09-0235:35

Getting Ready for the EU CRA

2025-08-2040:46

Marisa Fagan - Measuring Security Culture

2025-08-0550:05

Aram Hovsepyan -- Your Security Dashboard is Lying to You: The Science of Metrics

2025-07-2240:52

Sean Varga -- OWASP Top 10 for AppSec Sales

2025-07-1547:13

Sarah-Jane Madden -- What AI means for AppSec

2025-07-0937:59

Dag Flachet -- Kaizen for your Appsec Program

2025-06-1735:54

Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

2025-03-1847:31

Jim Routh -- The CISO Transition to the rest of life

2025-03-1149:36

Henrik Plate -- OWASP Top 10 Open Source Risks

2025-03-0438:26

Tanya Janca -- A Secure SDLC from a Developer's Perspective

2025-02-2648:54

Mehran Koushkebaghi -- Security as a Systemic Concern: How to develop Anti-Requirements

2025-02-1145:08

Kalyani Pawar -- Shaping AppSec at Startups

2025-02-0439:52

Milan Williams -- AppSec Metrics

2025-01-1436:16

MO Sadek -- Building an AppSec Program from Scratch

2025-01-0848:50

Brett Crawley -- Threat Modeling Gameplay with EoP

2024-12-1045:28

Matin Mavaddat - Understanding Security as a Systemic Concern: The Role of Anti-Requirements

2024-11-1250:20

Kayra Otaner -- DevSecOps

2024-10-2932:46

00:00

Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

Chris Romeo and Robert Hurlbut

#box-pro-ellipsis-175958126049569{-webkit-line-clamp:2;}Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications

Chris Romeo and Robert Hurlbut

Javan Rasokat and Andra Lezza -- When Chatbots Go Rogue - Lessons Learned from Building and Defending LLM Applications