Join us at RSAC 2026 in SF – Annual Gen AI Security Summit and Open Workshop – March 25th

|

Register Now!

OWASP GenAI Security Summit at RSAC 2026 Conference

Community research, best practices, and real-world guidance for secure AI adoption

About

Join us Again This Year at the RSAC 2026 Conference, in San Francisco
March 23rd – 26th

4 Opportunities to Learn and Connect !!

Once again we are back at RSAC 2026, with a number of RSAC Attendee and Community education and networking events. Hear  the latest research published by the OWASP Gen AI Security Project to help organizations develop and deploy Gen AI and Agentic apps and systems.

Learn about applying AI and agentic security best practices and tools to target threats from bad actors. Learn how to use FinBot the Agentic AI Capture the Flag application to improve your security and threat hunting skills, our new AI SBOM Tooling initiative and so much more.

Activities Planned During RSAC Week: (Monday & Wednesday)

  • OWASP GenAI Security Summit 2026 @ RSAC 2026 – Safeguarding GenAI Agents & Anonymous Risk in 2026

      • When: Wednesday March 25th, 8:30am – 12:30pm
      • What: The OWASP AI Security Summit 2026 brings together practitioners and CISOs to share community-driven research, best practices, and real-world insights on securing LLMs, GenAI, and AI-assisted development, covering Top 10 risks, incident response, and governance for secure AI adoption.
      • View Full Agenda
      • Where:  Moscone Conference Center – Moscone South – Room 303
      • Open to All RSA Attendees with ExpoPlus Pass or better.
      • RSA Session Link – Favorite and Join us  – Scroll down for a full agenda and list of speakers!

      • Register for RSAC Now!

        OWASP Members: Save on RSAC 2026 Conference

        $150 Discount code off All Access: 16UOWASPAD
        $250 Discount code off Expo Plus: 16UOWASPXPD

  • OWASP GenAI Security Open Workshop & Agentic Hackathon at RSAC’26

  • OWASP GenAI Security RSAC’26 Jungle Party of The Century

      • What: Welcome to the Jungle! wrap up your RSAC day Join us just a short block and half walk from RSA for drinks and light bites Wednesday evening with community members, project leaders and fellow conference attendees.
      • When: Monday March 23rd, 6:30pm – 9:00pm
      • Where: DigitalJungleSF972 Mission St, San Francisco, CA 94103, USA
      • Open to All RSA and Community Members – no pass required, Space is limited

      • Register Now, Join the Fun!


Full Agenda: OWASP GenAI Security Summit 2026 @ RSAC 2026

TIME SESSION SPEAKERS
8:30a -8:35a Summit Welcome Scott Clinton; Co-chair, Co-founder and COO
OWASP GenAI Security ProjectSteve Wilson; Founder Top 10 for LLMs, Co-chair
Chief AI and Product Officer, Exabeam
8:40a -8:55a GenAI Security Project Update & Outlook for 2026 Scott Clinton; Co-chair, Co-founder and COO
OWASP GenAI Security Project
9:00a – 9:20a Latest – Top 10 Security Risks for LLM and Gen AI for 2026/27 Steve Wilson: Co-chair, CPO and AI Officer Exabeam, Founder Top 10 for LLM Security

Ads Dawson; Top 10 for LLM Co-lead
9:25a – 10:05a Expert Panel: Evolving GenAI and Agentic Security Risks, Realities, and What’s Next

– Autonomous agents, expanding attack surfaces, the panel dives into the new reality of GenAI security.

 Steve Wilson; Co-chair, CPO and AI Officer Exabeam, Founder Top 10 for LLM Security

Chris Hughes; CEO and Co-Founder, Aquia

Apostol Vassilev; Adversarial AI Lead, NIST

Karen Katz; Initiative Lead Top 10 for Agentic Security

Moderator: Ron Del Rosario; VP, Head of AI Security, SAP
10:10a – 10:40a Top 10 Security Risks For Agentic AI For 2026 Karen Katz; Lead, OWASP Top 10 for Agentic AI, Senior Group Manager, AI Security

Ron Del Rosario; Co-lead the GenAI ASI, VP, Head of AI Security, SAP
10:45a – 11:10a Operationalizing the OWASP Agentic Top 10: A Real-World Case Study

An in-depth case study on how an organization successfully implemented the OWASP Agentic Top 10 as part of the Agentic Top 10 Adoption Challenge.

 Karen Katz; Lead, OWASP Top 10 for Agentic AI, Senior Group Manager, AI Security

Rock Lambrose; Agentic Security Initiative Core Team,

TBA – Winner #1 OWASP Agentic Adoption Challenge
11:15a – 11:45a Navigating AI Threat with OWASP Red Team COMPASS Sandy Dunn; CISO, Knowtion Health

Kyriakos “Rock” Lambros; ASI – Core team, CEO and Founder, RockCyber
11:50a – 12:15p Evaluating AI Red Teaming Solutions/Vendors: New OWASP Criteria Guide Jason Ross; Co-lead, AI Red Teaming Initiative, Product Security Principal, Salesforce
12:20p – 12:35p New AI-SBOM Initiative in Action: Demo and Initiative Update Helen Oakley; Co-lead AISBOM Initiative, Senior Director, Software & AI Security, SAP

Full Agenda: OWASP GenAI Security Open Workshop at RSAC’26

TIME SESSION SPEAKERS
2:00p -2:15p Open Workshop Welcome Scott Clinton; Co-chair, Co-founder and COO, OWASP GenAI Security Project
Karen Katz; Lead, OWASP Top 10 for Agentic AISenior Group Manager, AI Security
2:15p – 2:35p Securing MCP: OWASP Best Practices – A Practical Guide Idan Habler, PhD; AI Security Researcher, CISCO
Joshua Beck; Application Security Architect, SAS
Tomer Elias; Sr Dir, Prod Management Agentic Security, HUMAN
2:35p – 3:05p Putting the OWASP Agentic Top 10 into Practice: A Real-World Case Study

An in-depth case study on how an organization successfully implemented the OWASP Agentic Top 10 as part of the Agentic Top 10 Adoption Challenge.

 Karen Katz; Lead, OWASP Top 10 for Agentic AI Senior Group Manager, AI Security

Rock Lambrose; Agentic Security Initiative Core Team,

TBA – Winner #1 OWASP Agentic Adoption Challenge
3:10p – 3:55p Building the Future of Agentic AI Security,  With the ASI Core Team

Hear directly from the OWASP GenAI Security Project core team on the future of agentic AI security. Get insights on upcoming initiatives, roadmap priorities, and ask your q’s live.

 Karen Katz; Initiative Lead Top 10 for Agentic Security
Kyriakos “Rock” Lambros; ASI – Core team, CEO and Founder, RockCyber
Idan Habler, PhD; AI Security Researcher, CISCO
Kayla Underkoffler; 
4:00p – 4:25p FinBot: An Agentic AI Capture-The-Flag Deep Dive
– Dive into FinBot, OWASP’s agentic AI Capture-the-Flag application designed to expose real-world agent vulnerabilities. Explore hands-on attack scenarios and defensive lessons.		 Helen Oakley; Co-lead AISBOM Initiative Senior Director, Software & AI Security, SAP
Venkata Sai Kishore Modalavalasa; Chief Architect at Straiker
4:30p – 5:45p Top 10 for Agentic Security Hackathon Allie Howe; Co-lead AISBOM Initiative Founder, Growth Cyber
SPEAKERS (in order of presentation)
BIOS
Scott Clinton
Co-Chair, Co-founder
OWASP Gen AI Security Project,
President SCVentures, Ltd		 Scott Clinton is Co-Chair and Co-Founder of the OWASP GenAI Security Project, leading strategy, operations, and growth. A 25+ year industry executive and 20-year open source leader, he has built and scaled open source businesses and industry consortiums across security, DevOps, AI/ML, and data markets. Scott is a published author and research lead, including the Gen AI Security Landscape and AI Security Center of Excellence Guide. Scott also holds multiple board and advisory roles with technology companies helping guide organization scale and growth.
Steve Wilson,
Founder Top 10 for LLMs
Chief AI and Product Officer, Exabeam		 Steve Wilson is the Chief AI and Product Officer at Exabeam, a global cybersecurity innovator, where his team applies cutting-edge AI technologies to tackle real-world challenges. Steve, founder of the OWASP Top 10 for LLM and co-chair of the OWASP Gen AI Security Project, His award-winning book, “The Developer’s Playbook for Large Language Model Security” (O’Reilly Media), delivers a practical and detailed framework for creating secure, responsible AI applications, earning recognition as the best Cutting Edge Cybersecurity Book by Cyber Defense Magazine. He was named the 2023 Cybersecurity Innovation Leader by Enterprise Security Tech.
Ads Dawson,
Staff AI Security Researcher, Dreadnode		 Ads is a self-described “meticulous dude” who lives by the philosophy: “Harness code to conjure creative chaos—think evil; do good”. He is a recognized expert in offensive AI security, specializing in adversarial machine learning exploitation and autonomous red teaming. As Staff AI Security Researcher at Dreadnode and Technical Lead for the OWASP LLM Applications Project, he architects next-gen evaluation harnesses for cyber operations and AI red teaming. A pioneer in AI red teaming, his work focuses on multi-modal AI exploitation, LLM reasoning subversion, and large-scale adversarial evaluation frameworks that redefine what’s possible in autonomous security testing.
Chris Hughes
Agentic Security Inititive – Expert Review Board
CEO and Co-Founder, Aquia		 Chris Hughes is the CEO and Co-Founder of Aquia, a cybersecurity consulting firm focused on secure digital transformation. Chris brings nearly 20 years of IT and cybersecurity experience to his role as co-founder and President at Aquia as well as a Cyber Innovation Fellow (CIF) at the Cybersecurity Infrastructure and Security Agency (CISA). Chris also advises various technology startups. Chris has co-authored multiple books, including Software Transparency, Effective Vulnerability Management and Securing AI Agents. Chris hosts the Resilient Cyber Show and Substack and is a frequent contributor to industry efforts with groups such as OWASP.
Keren Katz
Lead, OWASP Top 10 for Agentic AI
Senior Group Manager, AI Security		 Keren Katz is a leader in AI and cybersecurity. She is currently a Senior Group Manager of AI Security at Tenable, following Tenable’s acquisition of Apex, where she previously led security detection. Keren also led the product at Sygnia, an IR and MXDR security company. She has a background in special-operations deep tech, software engineering and architecture, and founding an ML-based startup. Keren is the co-lead of the OWASP Top 10 for Agentic AI, a Forbes contributor, and a global speaker on AI, security, and product management.
Apostol Vassilev
Agentic Security Inititive – Expert Review Board
Adversarial AI Lead, NIST		 Apostol Vassilev is a renowned expert in Trustworthy and Responsible AI and Cybersecurity, leading research efforts at the National Institute of Standards and Technology (NIST). With a focus on Adversarial Machine Learning (AML) and Robust AI for Autonomous Vehicles, Apostol drives innovation in these critical areas. He collaborates with industry, government agencies, and academia to develop and adopt standards in artificial intelligence and cybersecurity, contributing to national and international standards groups. Apostol has authored over 50 scientific papers and holds five U.S. patents. Apostol is a respected voice in his field.
Kyriakos “Rock” Lambros
CEO and Founder, RockCyber		 Kyriakos “Rock” Lambros, MBA, is a leader in AI governance and cybersecurity innovation, specializing in merging AI and Cybersecurity with governance to transform organizations. As CEO and founder of RockCyber, Rock applies over two decades of expertise to develop cutting-edge solutions that bolster security across sectors like energy, eCommerce, and banking. His leadership has been instrumental in enhancing operational efficiency and minimizing risks at major corporations such as MPLX, eBay, and General Dynamics through advanced security program development and strategic mergers and acquisitions. He is also the author of “The CISO Evolution,”
Jason Ross
Co-lead, AI Red Teaming Inititive
Product Security Principal, Salesforce		 Jason Ross is a passionate cybersecurity expert with a diverse skill set in generative AI, Penetration Testing, Cloud Security, and OSINT. As a product security principal at Salesforce, Jason performs security testing and exploit development with a specific focus on generative AI, Large Language Models, and Agentic systems. Jason is a frequent speaker at industry conferences, and is active in the security community: participating as a core member of the OWASP Generative AI Security Project.
Sandy Dunn
AI Security COMPASS Lead
CISO, Knowtion Health		 Sandy Dunn is a cybersecurity executive with over 20 years of experience across manufacturing, healthcare, and startup enterprises. She is a core member of the OWASP GenAI Security Project and serves as creator and project leader of the OWASP Top 10 for LLM Applications Cybersecurity and Governance Checklist and OWASP GenAI COMPASS. She also contributes to the cybersecurity field as an Adjunct Professor at Boise State University, where she teaches cybersecurity courses, where she also serves on the board.
Ron F. Del Rosario
Co-Lead GenAI Security – Agentic Security Inititive
VP Head of AI Security, SAP		 Ron F. Del Rosario is a widely recognized expert practitioner in securing modern artificial intelligence and machine learning (AI/ML) systems with nearly twenty years of experience in the Software as a Service (SaaS) industry. He is a popular speaker at top international security conferences such as RSA, DefCon, and Black Hat. Ron has appeared on numerous podcasts and live events globally, sharing his insights on securing AI, Language Models, and Agents. Since 2018, he has been a pioneer in AI/ML security, developing internal frameworks for AI/ML security governance and AI Security Posture Management (AI-SPM), supported by a patent on using AI/ML for secure software development.
Helen Oakley
Co-lead AISBOM Inititive
Senior Director, Software & AI Security, SAP		 Helen Oakley, CISSP, GPCS, GSTRT, works at the intersection of AI, cybersecurity, and software supply chains—where the rules are still being written. She leads industry efforts on AI SBOM/AIBOM, co-leads workstreams within the OWASP GenAI Security Project, and contributes to the Agentic AI Threats & Mitigations Guide. Helen created the first open-source AI SBOM Generator for Hugging Face models and, at SAP, leads a global team securing development and pipelines. She is also a Founding Partner of AISUF.org and co-founder of LeadingCyberLadies.com.
  • Featured, In-Person
  • Mar
  • 25
  • 8:00 AM PDT
  • Mar
  • 25
  • 1:15 PM PDT
Add to Google
Download .ICS Invite
Visit Event Site
Location:
Moscone Center
747 Howard St
  • San Francisco,
  • California,
OWASP and the OWASP logo are trademarks of the OWASP Foundation, Inc. Unless otherwise specified, all content on the site is Creative Commons Attribution-ShareAlike v4.0 and provided without

warranty of service or accuracy. For more information, please refer to our General Disclaimer.  – Copyright © 2025 OWASP Foundation, Inc.

Scroll to Top