

Large Language Models have expanded what’s possible, and what’s vulnerable. New risks like prompt injection, data exfiltration, insecure plugin calls, and model-driven denial-of-service are testing the limits of traditional security models. The OWASP LLM Top-10 (2024–2025) offers a shared vocabulary for these threats; this session turns that framework into a hands-on security playbook for engineers, architects, and security teams deploying LLMs in production.

You will learn how to threat-model LLM endpoints, implement guardrails that actually work, and sandbox plugins and tools using least privilege. The talk also shows how to align controls with the NIST AI Risk Management Framework and ISO/IEC 42001 for compliance-ready governance. Real-world attack examples and red-team simulations make this a practical session you can apply immediately.

What You Will Learn

- How to identify and mitigate the top OWASP LLM risks: prompt injection, data leaks, insecure plugins, and model DoS
- Designing input/output guardrails, content moderation, and schema validation that hold up under pressure
- Sandbox design and least-privilege principles for tools and plugin execution
- Techniques for securing RAG pipelines, tenant isolation, and sensitive data redaction
- Mapping mitigations to NIST AI RMF and ISO/IEC 42001 for audit-ready assurance

Who Should Attend

Security engineers, AI platform leads, software architects, and DevSecOps professionals securing LLMs, agent frameworks, and retrieval-augmented systems in production environments.