LLMs are integral to AI app development, but they introduce a new kind of supply chain risk that starts with data and stretches through deployment and feedback loops. In this talk, we’ll explore 12 overlooked vulnerabilities in the LLM lifecycle, from poisoned datasets and back-doored models to insecure feedback fine-tuning. You’ll learn how to apply secure-by-design principles across AI pipelines and extend security to this new development frontier. If your app uses LLMs, you’re already in the AI supply chain. It’s time we treat it like critical infrastructure.

Target audience:
- AppSec engineers and DevSecOps practitioners
- Developers integrating LLM APIs or open-source models
- Security architects
- Technical product teams working on AI features
- AI/ML engineers deploying LLMs