GenAI Application Security: Not Just Prompt Injection

Ahmed Abugharbia

BSidesSF 2025 — Here Be Dragons · Day 2 · Main

GenAI application security is not a completely new field — it is classical security applied to a new architecture. Ahmed Abugharbia, a security researcher and SANS instructor, argues that the key to securing AI systems is first understanding how they actually work, then mapping existing security controls onto the components that are genuinely novel: LLMs, embeddings, vector databases, agents, and their interaction boundaries.

AI review

A competent survey of GenAI application security for practitioners who haven't already done this reading. The pickle deserialization / model-as-executable framing is the most underappreciated point in the talk. The MLSecOps CI/CD pipeline integration demo is practical. Everything else is well-organized fundamentals.
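The "pickle deserialization / model-as-executable" point the review singles out, worked through as an added example (this is not code from the talk or the speaker): a pickled checkpoint is a program the loader runs, so the file must be treated like an untrusted binary, not like data. The toy "checkpoints" below are constructed dicts, the `Backdoor` class and its `echo` payload are assumptions made for the demonstration, and the `ALLOWED_GLOBALS` allowlist is empty because plain data needs no imports at all; a real loader would list the exact tensor-rebuild helpers it expects.

```python
"""Added example: a pickled model file is an executable.

Shows (1) how an object embedded in a checkpoint runs arbitrary code the moment
the file is unpickled, (2) a static opcode scan that flags import/call opcodes
without executing the file, and (3) an allowlisting Unpickler (the restriction
recipe from the pickle documentation) that refuses unexpected globals before
they can be called. All model payloads here are constructed toy data.
"""
import io
import pickle
import pickletools
import subprocess

# Opcodes that make the unpickler import a name or call a callable. A pickle
# containing none of these can only produce plain data (dicts, lists, numbers).
CODE_OPCODES = {"GLOBAL", "STACK_GLOBAL", "REDUCE", "INST", "OBJ", "NEWOBJ", "NEWOBJ_EX"}


class Backdoor:
    """Constructed malicious object. Unpickling it calls subprocess.check_output."""

    def __reduce__(self):
        # The unpickler rebuilds this object by CALLING the first element with the
        # second as arguments, so loading the file runs a command of the attacker's
        # choosing. 'echo' stands in for a real payload (assumption: POSIX host).
        return (subprocess.check_output, (["echo", "pwned"],))


# Constructed toy "checkpoints": same shape, one carries a payload.
BENIGN_MODEL = pickle.dumps({"weights": [0.1, 0.2, 0.3], "bias": 0.0})
MALICIOUS_MODEL = pickle.dumps({"weights": [0.1, 0.2, 0.3], "hook": Backdoor()})

# Globals the loader is willing to resolve. Plain data needs none; a real
# checkpoint format would list its specific tensor-rebuild helpers here.
ALLOWED_GLOBALS: set[tuple[str, str]] = set()


def scan_opcodes(blob: bytes) -> list[str]:
    """Names of import/call opcodes in the pickle. Inspects bytes only, never executes."""
    return [op.name for op, _arg, _pos in pickletools.genops(blob) if op.name in CODE_OPCODES]


class AllowlistUnpickler(pickle.Unpickler):
    """find_class runs for every GLOBAL/STACK_GLOBAL before the matching REDUCE,
    so raising here rejects the payload before it can be invoked."""

    def __init__(self, data: bytes, allowed: set[tuple[str, str]]):
        super().__init__(io.BytesIO(data))
        self.allowed = allowed

    def find_class(self, module: str, name: str):
        if (module, name) in self.allowed:
            return super().find_class(module, name)
        raise pickle.UnpicklingError(f"refusing to import {module}.{name} from model file")


def load_unsafely(blob: bytes):
    """What a framework loader does in its default, non-weights-only mode: full pickle."""
    return pickle.loads(blob)


def load_safely(blob: bytes, allowed: set[tuple[str, str]] = ALLOWED_GLOBALS):
    return AllowlistUnpickler(blob, allowed).load()


def is_safe_to_load(blob: bytes, allowed: set[tuple[str, str]] = ALLOWED_GLOBALS) -> bool:
    """True if the checkpoint loads using only allowlisted globals."""
    try:
        load_safely(blob, allowed)
        return True
    except pickle.UnpicklingError:
        return False


if __name__ == "__main__":
    print("static scan, benign   :", scan_opcodes(BENIGN_MODEL))
    print("static scan, malicious:", scan_opcodes(MALICIOUS_MODEL))
    print("allowlisted load accepts malicious file:", is_safe_to_load(MALICIOUS_MODEL))
    # Only the unsafe path actually executes the payload:
    print("unsafe load returned attacker output:", load_unsafely(MALICIOUS_MODEL)["hook"])
```

The static scan is a cheap CI gate (the kind of check an MLSecOps pipeline can run on every artifact before it reaches a model registry) and tells you whether a file references any callable at all; the allowlisting unpickler is the enforcement at load time. Neither helps once code has called the unrestricted loader, which is the whole point of the model-as-executable framing.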
