Prompt Injection Archives

RVAsec 15 Speaker Feature: Jon Waldman

May 8, 2026 cfp user

Speaker

Everything Everywhere All At Once: Untangling Security & Privacy Risks Across Today’s AI Tools (<– add to your schedule)

AI adoption is exploding—but the security promises behind these tools often don’t match the fine print buried in their terms, models, or data flows. This talk cuts through the hype with a no‑B.S. look at the real privacy and security risks across today’s major AI platforms, and gives business leaders and security professionals a clear roadmap for deciding what’s safe, what’s risky, and what’s simply not ready for prime time.

Jon Waldman:
Jon Waldman is the Co-Founder and President of SBS CyberSecurity, where he oversees the SBS service teams and the SBS Institute. For more than 20 years, Jon has helped hundreds of organizations identify and understand cybersecurity risks to allow them to make better and more informed business decisions. Jon’s passion for cybersecurity training and education led him to be a driving force in the development of the SBS Institute. Designed for the banking industry, the Institute provides specialized cybersecurity education and now offers more than 10 certification courses, with State Association partnerships in 30+ states.

Jon maintains his CISA, CRISC, and CDPSE certifications. He received his Bachelor of Science in Computer Information Systems and his Master of Science in Information Assurance with an emphasis in Banking and Finance Security from Dakota State University, a Center of Academic Excellence in Information Assurance Education designated by the NSA.

Along with being an instructor for SBS Institute courses, Jon frequently speaks on cybersecurity topics at a variety of events and trainings across the country. Additionally, he is a blog author, has had multiple articles published, has participated in numerous podcasts, and regularly hosts educational webinars. Jon strongly believes the more knowledgeable and educated we all are — directors, executives, employees, and customers alike — when it comes to cybersecurity, the more risk we reduce as a whole.

Come see Jon Waldman at RVAsec 15!

RVAsec 15 Speaker Feature: Paul Brownridge

May 7, 2026 cfp user

Speaker

AI Security Chatbot Exploitation conference Data Disclosure Guard Rails Hallucination LLM Security pentesting presentation Prompt Injection RVAsec speaker

Flirting with AI: Pwning web sites through their AI chatbot agents and politely breaking guard rails (<– add to your schedule)

Find out how to penetration test an AI chatbot.

Paul Brownridge:
Paul Brownridge is Head of Technical Delivery at Pen Test Partners, the ethical hacking firm. Originally from an engineering background, Paul swapped his hard hat for a white hat and has been working in cyber security for the last 10 years. His practical experience of industrial environments and cyber security make for a capable and highly competent OT cyber engineer. Paul is a regular speaker at national and international technology and security events such as Defcon and the (ISC)2 Security Conference, highlighting key risks with the internet of things, automotive and maritime.

Come see Paul Brownridge at RVAsec 15!

RVAsec 15 Speaker Feature: Jason Ross

May 6, 2026 cfp user

Speaker

Adversarial AI conference Guardrails Jailbreak LLM Security Prompt Injection RAG Poisoning Red Teaming RVAsec Social Engineering speaker

Social Engineering The Machine: When Your Target Runs On Attention Instead Of Anxiety (<– add to your schedule)

Every AI talk this year will tell you prompt injection is a problem. This one gives you the methodology to actually exploit it. Borrowing from decades of adversarial human testing, we’ll move past “vibes” and “jailbreak screenshots” to build a working, repeatable framework for social engineering the machine.

Jason Ross:
With 20+ years in cyber security, Jason Ross now performs adversarial testing and defense of deployed generative AI applications, agentic systems, and the LLMs powering them at Salesforce. Jason’s work focuses on prompt injection attacks and defense, model governance and security, and agent exploitation on high-stakes, high-visibility production deployments. He is also a core contributor to the adversarial AI tooling and datasets used by engineering, AI research, and ethics teams across the company.

Outside Salesforce, Jason co-leads the OWASP GenAI Security Project Red Team Initiative and helped author the OWASP GenAI Red Teaming Guide. He speaks regularly at industry conferences, including NDC Security, the SANS AI Security Summit, the OWASP GenAI Summit at RSA, Skytalks, RVASec, and more.

When he’s not breaking AI, Jason gives back to the security community as a staff member at BSidesLV and a volunteer at DEF CON.

Come see Jason Ross at RVAsec 15!

RVAsec 15 Speaker Feature: Brian Cardinale

May 5, 2026 cfp user

Speaker

Authentication Bypass conference DTMF Injection LLM Security Prompt Injection Red Teaming RVAsec Social Engineering speaker Tool Abuse Voice AI

I Called Your AI Agent and It Told Me Everything: Live Voice AI Red Teaming (<– add to your schedule)

You’ll leave this talk understanding:
– How voice AI agents are architecturally different from text chatbots
– The specific attack vectors unique to voice: transcription manipulation, DTMF injection, audio-layer prompt injection, and social engineering through vocal tone
– A repeatable methodology for testing voice AI systems in your own organization
– Concrete remediation strategies for the most common findings

Brian Cardinale:
Brian Cardinale is the Principal Security Researcher at SecureCoders and creator of the TEAPOT methodology for voice AI red teaming. He holds a CISSP and has spent his career breaking things that aren’t supposed to break. Brian built VoiceGoat, the first open-source vulnerable voice AI agent, and leads RedCaller’s research into adversarial testing of phone-based AI systems. He previously discovered CVE-2015-4670 and has conducted security assessments across financial services, healthcare, and critical infrastructure. When he’s not social engineering robots over the phone, he’s probably social engineering robots over the phone.

Come see Brian Cardinale at RVAsec 15!

RVAsec 15 Speaker Feature: Ryan Bird

May 1, 2026 cfp user

Speaker

Adversarial ML Agentic AI AI Security conference Detection Engineering MDR Model Poisoning presentation Prompt Injection RVAsec SOC Automation speaker

AI SOC and Securing your Environment (<– add to your schedule)

This discussion is designed to help teams figure out where AI fits in their environment from an analysis perspective, it is vendor agnostic and includes agentic deployments, as well as AI SOC services, novel attack vectors from independent research, and the overarching philosophy of how the threat landscape has just massively changed and how to adapt to it.

Ryan Bird:
Ryan Bird moved to the MVA area in 2017 with his wife. He helped train the United States Army in their ASOT level one program as well as MCTOG in 29 Palms through 2019 with Obsidian Solutions Group before working at Annapolis Defense in a Maritime Security role. After Covid hit he went on to start school at University of Maryland Global Campus and began work in his first cyber security role at RSM Defense when it was being stood up with Unit 26, He then went on to support the Department of States’ Personal Security Device program, and on to FEMA at Mount Weather supporting their internal SOC with One Zero Solutions. He has since been hired at GuidePoint as a Security and Delivery Engineer supporting Elastic and CrowdStrike.

In 2019 he was also part of the Storm the Hill event at IAVA – assisting the IAVA team by talking to congressman and women about veteran suicide in order to get the Commander Scott Hannon bill passed, which changed the VA healthcare system to auto enroll service members upon discharge. He additionally did Disaster relief work during Hurricane Florence, and supported his Uncle running for Commonwealth’s Attorney in 2025 in the City of Fredericksburg.

He has brought common security knowledge from the physical security philosophy to the cyber side of things and holds a unique mindset and experience working his way from an Analyst position to a key member at GuidePoint’s Mid Atlantic SECOPS team.

Come see Ryan Bird at RVAsec 15!

RVAsec 15 Speaker Feature: David Reign

April 30, 2026 cfp user

Speaker

AI conference Embeddings Enterprise Security Hallucination LLM presentation Prompt Injection RAG RVAsec speaker Transformers

A Peek Behind the Curtain: How A.I. Works (<– add to your schedule)

“A Peek Behind the Curtain: How A.I. Works” offers a clear, non-technical tour of how modern AI systems learn from data and generate predictions or content. The talk demystifies key concepts like training, inference, and model limitations so attendees can better understand what AI can—and can’t—do.

David Reign:
David Reign is a Security Analyst at Oracle with seven years of experience in information security, including three years supporting enterprise environments at scale. His work focuses on cloud security, virtualization, and strengthening security posture through practical risk management and control implementation. David holds a B.S. in Mathematics from Hampton University and an M.Eng. in Cybersecurity from the University of Maryland. He also maintains industry certifications including CompTIA Security+, CompTIA PenTest+, and GIAC Cloud Security Essentials (GCLD).

Come see David Reign at RVAsec 15!

RVAsec

Tag: Prompt Injection

RVAsec 15 Speaker Feature: Jon Waldman

RVAsec 15 Speaker Feature: Paul Brownridge

RVAsec 15 Speaker Feature: Ryan Bird

RVAsec 15 Speaker Feature: David Reign

about rvasec

Recent Posts