Javier Garza

Javier Garza

Developer Advocate at Snyk

San Carlos, California, United States

Actions

TL;DR Developer Advocate @ Snyk, co-author of O’Reilly’s "Learning HTTP/2” book, blogger & speaker.

Javier Garza is a Technology evangelist that has written many articles on HTTP/2, security and web performance, and is the co-author of the O’Reilly Book “Learning HTTP/2” (https://amzn.to/2TJbpUU). Javier has spoken at more than 30 events around the world, including well-known conferences like Velocity, AWS Re:Invent, and PerfMatters and is the host of the "AI Security Engineers San Francisco Bay Area Chapter" (https://snyk.io/community/). His life’s motto is: share what you learn, and learn what you don’t. In his free time he enjoys challenging workouts and volunteering with different non-profits.

Area of Expertise

  • Information & Communications Technology

Topics

  • AI and Cybersecurity
  • AI Security
  • Application Security
  • DevSecOps
  • Web Performance
  • api security
  • CTF

Leveraging OWASP Projects for DevSecOps

Mixed session of slides and demo showing how you can leverage a couple of OWASP open source projects to be able to supercharge a DevSecOps strategy in your enterprise

Event: OWASP Bay Area Meetup
Duration: 45min
Category: DevSecOps
Technical Level: Intermediate

CTF 101

Running a Capture the Flag event and explaining how to solve some of the challenges

Session run at the Pacific Hackers End of Year celebration Meetup at Hacker Dojo, Mountain View, CA, USA on 27-FEB-2025

Leveraging OWASP Projects for DevSecOps

Showing how you can use a couple of OWASP projects to benchmark security tools and also establish a DevSecOps culture

Talk at the OWASP San Francisco Bay Area Meetup, at Hacker Dojo, Mountain View, CA, USA on 23-OCT-2024

The Secure Autopilot: Hardening AI Agents and MCP ecosystems

AI agentic coding tools are redefining how developers build software — and how attackers exploit it. In this hands-on workshop, you’ll learn how to securely use tools like Cursor, Claude, and GitHub Copilot while identifying and mitigating AI-specific security risks. We’ll cover detection of tool poisoning, prompt injection, and toxic flow vulnerabilities in MCP servers, followed by AI-focused red teaming of LLM endpoints and AI-powered APIs to uncover jailbreaks, data leakage, and unsafe behaviors. Attendees will leave with practical skills, tooling, and security patterns for building safer AI-driven development workflows.

The presentation includes QR codes pointing to the technical resources needed to follow the demos. The presentation duration is ~45min

The Hacker's Guide to Life: Research, Optimize, and Achieve the Extraordinary

Javier has spent over a decade optimizing and securing the web, and applying a 'Hacker Mentality' to every challenge he comes across. In this fun and inspiring talk, Javier will share how this quest to 'hack' his own life expanded beyond his professional work, leading to extraordinary achievements in various areas.
Discover the methodology he used to go from a self-taught programmer hacking games to beating all computer games high scores, drastically optimizing a 27+ mile bike commute from 3 hours to just 54 minutes, and successfully getting waves in highly competitive Hawaii while surfing with people way better than him. Learn how to apply these same principles of optimization, lateral thinking, and strategic attack/defense to 'hack' your own life and reach your full potential in anything you pursue, including your professional challenges like Cybersecurity.

Duration: 45min

Keeping Your Agents on a Leash: Agentic guardrails, MCP Security, AI BOMs and Chatbot red-teaming

In this hands-on AI focused workshop you will learn how to: a) securely vibe coding using AI agentic coding tools like Cursor, Claude, Copilot, etc; b) how to detect Tool poisoning, Prompt injection risks, Toxic flow vulnerabilities in MCP servers using CLI tools; and c) how to do AI-focused red teaming against AI systems, LLM endpoints, and AI-powered APIs to uncover risks like jailbreaks, prompt injections, data leakage, and unsafe behaviors

AI Security Engineer Foundations

2-hour workshop on AI Security Engineer Foundations covering the following modules:
- OWASP Top 10 for LLM
- Addressing Shadow AI
- AI Threat Modeling
- Securing Agent Skills & MCP
- Securing Vibe Coding
- AI Red Teaming

See: https://aisecurity.engineer/ for more details, and to do the certification online for free

AI Engineer World's Fair

A 2h workshop, where we will dive deep into actionable security frameworks and modern challenges, covering:
- OWASP Top 10 for LLM Applications
- Addressing Shadow AI
- AI Threat Modeling
- Securing Agents & MCP (Model Context Protocol)
- Securing "Vibe Coding"
- AI Red Teaming
Whether you're looking to formalize your AI security knowledge or pivot into this rapidly evolving domain, this workshop will give you the practical foundations you need.

June 2026 San Francisco, California, United States

Pacific Hackers: AI Agentic Coding Tools Workshop

AI Agentic Coding Tools Workshop

January 2026 San Francisco, California, United States

Javier Garza

Developer Advocate at Snyk

San Carlos, California, United States

Actions

Please note that Sessionize is not responsible for the accuracy or validity of the data provided by speakers. If you suspect this profile to be fake or spam, please let us know.

Jump to top