2025 OWASP & Gen AI Application Security & Risk

Building agentic applications means orchestrating models, APIs, data pipelines and external tools — often with autonomous decision-making in the loop. This panel brings together developers and DevSecOps leaders to discuss the architectural and operational challenges of securing these complex systems.

Panelists will explore secure-by-design patterns, least-privilege tool invocation, runtime guardrails, AI supply chain transparency, monitoring and drift detection. The discussion will focus on real implementation trade-offs — how to maintain velocity while embedding meaningful security controls into CI/CD and production environments.

As generative and agentic AI systems transition from experimentation to enterprise-scale deployment, executive leaders are redefining how security, governance and innovation intersect. This panel brings together leaders and senior practitioners for a candid discussion on adopting AI security best practices across complex organizations.

Panelists will share how they are aligning to emerging frameworks, integrating AI risk into enterprise risk management, evaluating AI vendors and balancing oversight with speed. The conversation will explore board-level accountability, regulatory pressures, cross-functional coordination and how to measure AI security maturity in a rapidly evolving landscape.

Agentic and generative AI systems introduce dynamic behaviors that challenge traditional security testing approaches. This practitioner-led panel explores how red teaming methodologies are evolving to address prompt injection, tool misuse, data leakage, memory manipulation and emergent agent behavior.

Panelists will debate structured vs. exploratory testing models, discuss how to define adversarial objectives and measurable outcomes, and examine how continuous validation differs from one-time assessments. The session will also address collaboration between red teams, developers and AI engineers to ensure findings translate into durable mitigations.