This talk was recorded at NDC Security in Oslo, Norway. #ndcsecurity  #ndcconferences  #security  #developer   #softwaredeveloper    

Attend the next NDC conference near you: 
https://ndcconferences.com
https://ndc-security.com/

Subscribe to our YouTube channel and learn every day:   @NDC 

Follow our Social Media!

https://www.facebook.com/ndcconferences
https://twitter.com/NDC_Conferences
https://www.instagram.com/ndc_conferences

#ai #machinelearning #applicationsecurity 

Attacking AI is a one of a kind session releasing case studies, tactics, and methodology from Arcanum’s AI assessments in 2024 and 2025. While most AI assessment material focuses on academic AI red team content, “Attacking AI” is focused on the task of assessing AI enabled systems.

Join Jason as he discusses his seven point methodology to assessing these systems and releases Arcanum’s prompt injection taxonomy and other resources for aspiring testers.

NDC Conferences

A conference talk by Jason Haddix covering offensive security methodology for AI systems. Drawing on 2+ years of AI pentesting experience, it walks through a custom LLM assessment methodology covering input identification, ecosystem attacks, prompt engineering leakage, RAG data exfiltration, and pivoting to internal systems. Real-world case studies include bypassing Amazon Rufus guardrails via ASCII encoding, exfiltrating system prompts and API keys from healthcare and automotive enterprise AI systems, and attacking a SIEM vendor's AI integration. The talk introduces a Metasploit-inspired taxonomy of prompt injection techniques (intents, techniques, evasions, utilities), demonstrates tools like Parcel Tongue for evasion generation, and provides resources including 23+ practice labs, bug bounty programs, and CTF competitions for learning AI red teaming.

Attacking AI - Jason Haddix - NDC Security 2026