Registration Required: August 13, 2026 – 7:00 pm – 9:00 pm Pacific Time | 2 CPEs
Session One: Keeping Your Agents on a Leash: Agentic guardrails, MCP Security, AI BOMs and Chatbot Red-Teaming, Developer Security, SCA, and Supply Chain Risk, Snyk
Javier Garza, Developer Advocate at snyk, will present a hands-on AI focused workshop with free tools you can use to secure agentic code development. This is an encore performance of the workshop he presented at the chapter’s Winter Conference for those that may have missed his session. We will be using Cursor as the agentic code tool but you can apply the same principles to any other tools (e.g. Cline, Copilot, Gemini, etc.) in which you’ll learn how to:
- Securely vibe code using AI agentic coding tools like Cursor, Claude, Copilot, etc.
- Detect tool poisoning, prompt injection risks, and toxic flow vulnerabilities in MCP servers using CLI tools
- Conduct AI-focused red teaming against AI systems, LLM endpoints, and AI-powered APIs to uncover risks like jailbreaks, prompt injections, data leakage, and unsafe behaviors
The session will focus on OWASP’s [LLM01-03]: Prompt Injection, Sensitive Information Disclosure, Supply Chain and Agentic Security Initiative [ASI-01-05]: Agent Goal Hijack, Tool Misuse and Exploitation, Identity and Privilege Abuse, Agentic Supply Chain, Unexpected Code Execution security risks.
Participants will master the ability to install an MCP server, and generate MCP rules to put guardrails on AI-generated code; generate a Software Bill of Materials (SBOM) for agentic development; scan MCP servers for toxic flows and other vulnerabilities; and red-team Agents at runtime for prompt injections and other AI-related vulnerabilities.
The session will be structured as follows:
- 00-15 min: Intros and Lab setup
- 15-30 min: Establishing security guardrails on agentic coding
- 30-40 min: Generating an AI Bill of Materials in JSON and generating a component Org chart
- 40-50 min: Scanning MCP Servers
- 50-60 min: Red-teaming a chatbot
About Javier Garza, Developer Advocate at snyk
Javier Garza is a technology evangelist who has written many articles on HTTP/2, security, and web performance, and is the co-author of the O’Reilly Book “Learning HTTP/2” (https://amzn.to/2TJbpUU). Javier has spoken at more than 30 events around the world, including well-known conferences like Velocity, AWS Re: Invent, and PerfMatters, and is the co-host of the San Francisco Bay Area DevSecOps Meetup group. His life’s motto is: share what you learn, and learn what you don’t. In his free time, he enjoys challenging workouts and volunteering with different non-profits.
About snyk
Snyk is the leader in developer security, providing an enterprise-grade, multi-layered platform powered by the DeepCode AI orchestration engine to secure every component of the modern software supply chain. By combining symbolic AI with machine learning, Snyk delivers real-time vulnerability scanning and automated fix suggestions across source code (SAST), open-source dependencies (SCA), container images, and infrastructure as code (IaC). Snyk’s technical edge lies in its curated vulnerability database and its ability to integrate directly into the developer workflow, enabling security leaders to implement global risk policies while empowering engineering teams to remediate security debt without sacrificing deployment velocity. By bridging the gap between security and development, Snyk provides the scalability, visibility, and auditability required for large-scale digital transformations and secure AI adoption.
Session Two: Decoding Cyber Risk Governance: A Blueprint for Sustainable Business Resilience, Alchemy Cyber, Inc.
Cyber risk is no longer confined to IT departments; it has emerged as a core strategic issue demanding board-level attention. This presentation, delivered by Anand Thangaraju, Founder/Fractional CISO at Alchemy Cyber, explores the evolving landscape of cyber risk governance and the pivotal role boards play in safeguarding organizational resilience.
Key Highlights:
- Cyber Threat Landscape: A detailed overview of global trends, including the $8 trillion annual cost of cybercrime and rising ransomware attacks, illustrates the escalating risks.
- The Board’s Role in Cybersecurity: Essential responsibilities include aligning cybersecurity with enterprise strategy, ensuring compliance with evolving regulations, and fostering a culture of accountability.
About Anand Thangaraju
Anand Thangaraju is a seasoned technology evangelist, servant leader and a Founder/Fractional CISO at Alchemy Cyber Inc. . He served as a Head of GRC at SVB, Product Security Leader at Zelle and CISO of Lumeus.ai.
The way he has architected his transition into a Field CISO and finding his niche within the Cybersecurity ecosystem is very impressive. He is currently serving as a Field CISO and Cybersecurity Advocate/Evangelist at ePlus Inc., a NASDAQ listed Value Added Reseller carrying $3B+ in revenues. He gets to collaborate effectively with Buyer CISOs, OEM Vendors, Service/Advisory Providers ad a Channel partner and influences lead generation, thought leadership and buying decisions maintaining a vendor agnostic approach and maintaining an authoritative voice in the community.
His impactful presence as an industry thought leader is underscored by his active presence in LinkedIn as an Influencer (10K+ followers) and contributions as a speaker and panelist at leading industry events. Anand’s engagement with key security bodies like NIST, SANS, CSA, ISACA, ISC2, OWASP AI Exchange, Cyber Future Foundation significantly shapes security policies and promotes better cybersecurity practices.
About Alchemy Cyber, Inc.
About Alchemy Cyber Inc: Alchemy Cyber Inc is a Go to Market Advisory and Investment firm that focuses on Pre-Seed to Series B startups and acts as GTM Co-Founder, Fractional CMO, Fractional CISO, Accelerator and everything in-between with an Operator lead team backed by a network of 500+ CXOs.
