Attacking AI
Jason Haddix
BSides Seattle 2026 · Day 2 · Keynote
Jason Haddix, founder of Arcanum and a veteran offensive security researcher, delivers a practitioner's guide to hacking enterprise AI systems. Drawing from three years of real-world AI penetration tests against production systems -- not CTFs -- Haddix walks through Arcanum's methodology for attacking LLM-backed applications, presents four detailed case studies from actual client engagements, and releases multiple free community resources including the **Prompt Injection Taxonomy**, **Parcel Tongue** evasion tool, and the **SEC Hub** lab collection.
AI review
Jason Haddix delivers the most practical, methodology-driven AI pen testing talk I've seen. Four real-world case studies from production engagements, a Metasploit-inspired prompt injection taxonomy with primitives you can immediately use, and free open-source tooling. This is what offensive security talks should be: original work from the field, not repackaged vendor slides.