Bug bounty talks

Large Language Models (LLMs) are transforming the way we build applications, automate workflows, and interact with technology, but they also introduce a new and rapidly evolving attack surface. In this talk, I'll dive into the real-world vulnerabilities that can arise when LLMs are integrated into applications without proper security considerations. Through a series of demos and case studies, I'll showcase how LLMs can be exploited through prompt injection, data leakage, privilege escalation, and model manipulation. These are not theoretical issues — they're vulnerabilities I've discovered in the wild, across real systems. But this isn't just about breaking things. I'll also cover practical strategies for securing LLM-powered applications, from input/output validation and sandboxing to context isolation and prompt hardening. Whether you're a red teamer, developer, or architect, you'll leave with a deeper understanding of how to identify, exploit, and defend against LLM-specific threats. AI may be the future, but security needs to catch up. It's time we start treating LLMs as critical components, not magic boxes.

An interactive show packed with digital spectacle and real ethical hacks, presented as mind-blowing magic tricks. Prepare to be amazed as we reveal hacks that seem impossible until we break them down and show you how they work. Each magical hack comes with practical tips to help you stay cyber-savvy and protect yourself online. With a perfect mix of entertainment, education, and humor, this show is designed for everyone no technical background needed. This isn't just another cybersecurity talk. Itís a thrilling, eye-opening experience where real hacks unfold before your eyes!

Learn basic skills on how to approach and start hacking on IoT and other electronic devices. Discover how to exploit basic vulnerabilities using low-cost equipment. No soldering skills required!

Hi there 👋 I'm Robbe Van Roey and for the past 8 years I've devoted my life to securing the world around me. I've found vulnerabilities in Amazon, NVIDIA, European banks, and many many more! I've always enjoyed giving talks and have spoken at various conferences and events.

Cybersecurity is celebrated as a booming field and fulfilling career choice – but what are the stories that no one tells you? Join John Hammond for an open session with behind-the-scenes banter in a choose-your-own-adventure style chat on cybersecurity training, certificates and industry accolades, current events, resources and more. From there, we'll dive into anything that interests YOU as the group: whether it is malware, cybercrime, hot topics of career mistakes and ethical dilemmas, or anything you want to chat about in an audience-driven discussion.

Through organic growth, organisations often end up with an API architecture that allows an attacker to bypass the WAF. This talk explains how from an attacker's point of view.

I’m a hacker and I love APIs. Perhaps for obvious reasons: they are really vulnerable! But to my shame I actually don’t find really technical amazing vulnerabilities. Instead, I find the silly mistakes that are left over, the things developers forgot. I'll share four of my "best" bug bounty finds, how I found them, how I taught my mum to find them and how you can find them, too.