Securing the Future: Navigating AI Vulnerabilities and Evolving Security Practices
CVE/FIRST VulnCon 2025 · Main Stage
This talk, "Securing the Future: Navigating AI Vulnerabilities and Evolving Security Practices," delivered by Lisa Bradley and Sarah Evans of Dell Technologies at VulnCon 2025, addresses the burgeoning security challenges introduced by the rapid integration of Artificial Intelligence (AI) and Machine Learning (ML) into modern software products. As AI transitions from niche applications like personalized recommendations to core functionalities such as code generation, bug identification, and real-time decision-making, it fundamentally alters the cybersecurity landscape, presenting new attack surfaces and demanding a proactive evolution of existing security paradigms.
AI review
Two Dell product security practitioners lay out a framework-heavy overview of AI/ML security risks at VulnCon — a conference ostensibly for vulnerability research practitioners. The content is competent survey-level material: OWASP Top 10 for ML/LLM, data poisoning taxonomy, AI SBOM concepts, supply chain analogies, and a compliance use case built around the EU Cyber Resiliency Act. Nothing here is original research. The 'Universal Attestation Framework' and 'Secure X-Ops' are branded Dell frameworks with no published specification, no implementation detail, no tooling, and no empirical…