Breaking the Black Box
About This Session
Traditional security testing is neat and binary: find the bug, exploit the system, check the box. But when your target is a generative AI model that improvises, adapts (and sometimes lies with confidence) things get weird, fast.
This talk dives into the messy, fascinating world of AI red teaming, where success isn’t just about getting in, it’s about provoking behavior, exposing hidden biases, slipping past safety guardrails, and seeing what breaks when the rules bend.
We'll unpack why AI security demands more than traditional exploits, why your tools now need to think, and how testing has evolved from black-and-white checks to full-spectrum investigation.
If you’ve ever wondered how to secure a system that won’t stop changing (or how to test something that can talk back) this talk's for you!
This talk dives into the messy, fascinating world of AI red teaming, where success isn’t just about getting in, it’s about provoking behavior, exposing hidden biases, slipping past safety guardrails, and seeing what breaks when the rules bend.
We'll unpack why AI security demands more than traditional exploits, why your tools now need to think, and how testing has evolved from black-and-white checks to full-spectrum investigation.
If you’ve ever wondered how to secure a system that won’t stop changing (or how to test something that can talk back) this talk's for you!
Speaker
Jason Ross
Product Security Principal - Salesforce
Jason Ross is a passionate cybersecurity expert with a diverse skill set in generative AI, Penetration Testing, Cloud Security, and OSINT. As a product security principal at Salesforce, Jason performs security testing and exploit development with a specific focus on generative AI, Large Language Models, and Agentic systems.
Jason is a frequent speaker at industry conferences, and is active in the security community participating as a core member of the OWASP GenAI Project and serving as a DEF CON NFO goon.
Jason is a frequent speaker at industry conferences, and is active in the security community participating as a core member of the OWASP GenAI Project and serving as a DEF CON NFO goon.