WICCON 2025

Embedded AI - Evolving attack surface and ways to defend them
2025-10-30, Main Stage

The rapid adoption of embedded AI in products and infrastructure has created powerful new capabilities, and with them a dramatically expanded attack surface for cyber adversaries. Recent incidents have shown how weaknesses such as susceptibility to adversarial inputs, data poisoning, and insecure APIs can be exploited to compromise AI-driven systems.
This talk breaks down the risks that are specific to embedded AI, illustrated with real-world breach examples and attacker techniques. Attendees will learn a practical, actionable defense framework covering AI-specific threat modeling, secure development practices, and continuous monitoring. The session equips security professionals with the insight and strategies needed to defend proactively against the next generation of AI-powered threats.


The rapid integration of embedded AI into products and critical infrastructure is transforming digital capabilities, but it is also dramatically expanding the attack surface available to adversaries. In 2025, organisations face a surge of sophisticated threats that specifically target AI-powered components, from adversarial inputs and data poisoning to prompt injection and insecure APIs. Recent high-profile incidents, such as critical remote code execution vulnerabilities in AI developer tools and authentication bypasses in AI platforms, have shown how attackers exploit these new vectors to gain unauthorised access, steal data, or enrol compromised hosts in botnets at scale.
This talk will:
• Deconstruct the unique vulnerabilities introduced by embedded AI, including adversarial attacks, data poisoning, model inversion, and exploitation of non-human identities and insecure endpoints.
• Analyse recent real-world breaches, such as the exploitation of Anthropic's MCP Inspector and Langflow AI servers, to illustrate how attackers leverage these weaknesses for remote code execution, lateral movement, and DDoS attacks.
• Outline a practical defense framework for organisations, covering:
  • AI-specific threat modeling and red teaming
  • Secure development and deployment practices
  • Continuous monitoring for behavioral anomalies and data integrity
  • Robust authentication and segmentation controls for AI APIs and endpoints
• Highlight actionable strategies for defenders, such as adopting behavioral biometrics, implementing anomaly detection for embedded AI, and developing incident response playbooks tailored to AI-driven threats.
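The two controls the framework pairs most tightly, authentication plus segmentation of an AI endpoint and monitoring of who keeps failing it, can be shown in a few dozen lines. The example below is added here for illustration; it is not WICCON's, the speaker's, or code from MCP Inspector or Langflow. It assumes a hypothetical local developer-tool service that exposes code-execution endpoints (the paths, header values and token are constructed), gates them behind a bearer token and a loopback Host/Origin check (the pattern that defeats a browser-driven DNS-rebinding or cross-site request to localhost), and then runs a simple detection over the gate's audit events.

```python
"""Added example (not WICCON's or the speaker's code): an authorization gate
for an AI developer-tool endpoint that can run code, plus a small detection
over its audit events. Endpoint paths, header values and the token are
constructed for illustration, not taken from MCP Inspector or Langflow."""
import hmac
from collections import Counter
from urllib.parse import urlsplit

# Hypothetical endpoints that execute code or launch tools on the host.
EXEC_ENDPOINTS = {"/api/tools/run", "/api/code/validate"}
# Segmentation: only the local developer may reach them (loopback names only).
LOOPBACK = {"127.0.0.1", "localhost", "::1"}


def _hostname(value):
    """Strip a port from a Host value ('localhost:6274', '[::1]:6274')."""
    if value.startswith("["):
        return value[1:value.find("]")]
    return value.split(":", 1)[0]


def origin_allowed(headers):
    """Block DNS-rebinding and cross-site browser requests: Host must be a
    loopback name, and if the browser sent Origin it must be loopback too."""
    if _hostname(headers.get("Host", "")) not in LOOPBACK:
        return False
    origin = headers.get("Origin")
    if origin is None:
        return True
    return urlsplit(origin).hostname in LOOPBACK


def token_valid(headers, expected_token):
    """Constant-time bearer-token check; a missing or malformed header fails."""
    auth = headers.get("Authorization", "")
    if not auth.startswith("Bearer "):
        return False
    presented = auth[len("Bearer "):].encode()
    return hmac.compare_digest(presented, expected_token.encode())


def authorize(method, path, headers, expected_token):
    """Return (allowed, reason). Non-exec paths stay open; exec paths need
    POST, a loopback Host/Origin and a valid bearer token, checked in that order."""
    if path not in EXEC_ENDPOINTS:
        return True, "non-exec-path"
    if method != "POST":
        return False, "method-not-allowed"
    if not origin_allowed(headers):
        return False, "host-or-origin-not-loopback"
    if not token_valid(headers, expected_token):
        return False, "bad-or-missing-token"
    return True, "ok"


def repeat_offenders(events, threshold=3):
    """Monitoring side. Events are dicts {'src', 'path', 'allowed', 'reason'}
    emitted by the gate. Return the sources with at least `threshold` denied
    attempts against exec endpoints: repeated probing of a code-execution
    endpoint is the anomaly worth alerting on, not a single stray request."""
    denials = Counter(e["src"] for e in events
                      if e["path"] in EXEC_ENDPOINTS and not e["allowed"])
    return sorted(src for src, n in denials.items() if n >= threshold)


if __name__ == "__main__":
    # Constructed token; in practice generate one with secrets.token_urlsafe(32)
    # at startup and hand it only to the local developer's browser session.
    token = "dev-session-3f9c"
    local = {"Host": "localhost:6274", "Origin": "http://localhost:6274",
             "Authorization": f"Bearer {token}"}
    rebound = {"Host": "localhost:6274", "Origin": "http://attacker.example",
               "Authorization": f"Bearer {token}"}
    print(authorize("POST", "/api/tools/run", local, token))
    print(authorize("POST", "/api/tools/run", rebound, token))
```

The order of checks matters: the Host/Origin test runs before the token test so that an attacker's page never gets a timing or error-message signal about the token, and the audit event records the first reason a request failed, which is what `repeat_offenders` keys on.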
Key Takeaways: attendees will
• recognise the evolving risks of embedded AI,
• understand the latest attacker techniques, and
• explore preventive controls to secure their organisations against this new generation of threats.

Prithvi is a Senior Manager at PwC Netherlands with over 13 years of experience in cybersecurity consulting. She has developed deep, hands-on expertise in cybersecurity services, particularly within security operations centres (SOC). In the past few years she has also supported organisations in defining and building broader long-term security strategies and in optimising their environments. Currently, she leads Security Operations (SecOps) for PwC NL, driving innovative solutions and resilient security practices for clients across diverse industries. An avid reader and traveller, she is passionate about public speaking and sharing her knowledge with the cybersecurity community. Outside of work, she is embracing adventures as a new mother.