Know Your AI: Scanning the Hidden Layers of Open Source Models w/ Kasimir Schulz
Open source AI models are reshaping modern development pipelines but they also introduce new challenges to the AI supply chain. As these models become embedded in critical systems, understanding their origins, components, and potential vulnerabilities is essential.
This talk will explore the hidden risks that can emerge within AI model supply chains, from licensing conflicts, embedded unsafe code, and model tampering and backdoors. Through real-world examples, we'll reveal how organizations can unintentionally expose themselves to risk when integrating open source models without sufficient visibility. We'll also introduce AI Bills of Materials (AIBOMs) as a key tool for surfacing and managing these risks. Attendees will leave with a clearer picture of what it means to truly "know your AI" and why transparency is vital for building secure, trustworthy systems.
Bio: https://www.sans.org/profiles/kasimir-schulz/
Kasimir Schulz, Director of Security Research at HiddenLayer, is a leading expert in uncovering zero-day exploits and supply chain vulnerabilities in AI. His work has been featured in BleepingComputer, Dark Reading, and Forbes, and he has spoken at conferences such as FS-ISAC and Black Hat. Kasimir leads the development of advanced tools for automating vulnerability detection and implementing large-scale patches, fortifying systems against supply chain attacks. His dedication to proactive defense measures sets a new standard in cybersecurity resilience.
Operating with Adversary Supplied Components in Critical Infrastructure w/ Dr. Emma M. Stewart
Cybersecurity Threats and Policy Implications for Battery Energy Storage Systems
The integration of battery energy storage systems (BESS) across critical infrastructure is a cross-sector resilience issue with direct implications for national security, industrial stability, and public safety. BESS now supports communications towers, hospitals, military installations, data centers, making its security a strategic imperative. As these systems become deeply embedded in critical operations, cyber vulnerabilities in BESS can create cascading disruptions across multiple sectors, threatening infrastructure reliability and operational continuity.
China currently dominates the global BESS supply chain, controlling a significant share of battery manufacturing, power electronics, and critical raw materials. This market concentration creates supply chain dependencies and cybersecurity risks, particularly for U.S. infrastructure reliant on foreign-manufactured components. Traditional “rip and replace” strategies have proven economically and technically destabilizing, underscoring the need for a more pragmatic risk management approach.
This session will explore policy responses to supply chain dominance, including targeted risk mitigation strategies, diversification of suppliers, and the adoption of Cyber-Informed Engineering (CIE) principles. A key discussion point will be the need for independent “right to inspect” policies, ensuring asset owners and regulators can verify the security of foreign-manufactured components.
As BESS becomes a linchpin for industrial and national security, securing these systems requires proactive policies, regulatory enforcement, and industry-wide collaboration. This session provides a strategic roadmap for reducing foreign dependencies and strengthening BESS resilience across critical infrastructure sectors
Bio:
Dr. Emma M. Stewart is a leading expert in power systems and critical infrastructure security, specializing in electric distribution, grid resilience, modeling and simulation, and operational cybersecurity. She is the Chief Power Grid Scientist at Idaho National Laboratory (INL) and serves as the Director of the Center for Securing Digital Energy Technology. In these roles, Dr. Stewart leads cutting-edge initiatives to strengthen the security and resilience of the power grid, addressing the critical challenges facing modern energy systems.
With over two decades of experience, Dr. Stewart has worked with international utilities, U.S. national laboratories, and organizations across the globe. Before joining INL, she served as Chief Scientist at the National Rural Electric Cooperative Association (NRECA), where she oversaw a multimillion-dollar R&D portfolio and led programs focused on workforce education, information sharing, and incident response for electric cooperatives.
Dr. Stewart holds a Ph.D. in Electrical Engineering from the University of Strathclyde, Glasgow, and an M.Eng. in Electrical and Mechanical Engineering. She has contributed extensively to the field, with numerous articles and studies featured in peer-reviewed journals and conference proceedings. Her research spans power distribution systems, consequence analysis for cyber and physical events, and microgrid technologies.
Recognized for her expertise and leadership, Dr. Stewart’s work lies at the intersection of secure power grid development, critical infrastructure resilience, and cybersecurity. She continues to advance national and global energy priorities by driving innovation in microgrid technologies, power grid modernization, and digital assurance for energy systems
Beyond the SBOM: Advancing Transparency with the BOM Maturity Model w/ Steve Springett
In an era of increasing software supply chain complexity and regulatory scrutiny, the ability to generate, manage, and assess Software Bill of Materials (SBOMs) is no longer optional, it's essential. This talk delves into the OWASP Software Component Verification Standard (SCVS) and focuses on the recently introduced BOM Maturity Model, a practical framework for evaluating the depth and quality of BOM artifacts.
Attendees will gain an understanding of how the BOM Maturity Model complements SCVS and SBOM formats including CycloneDX and SPDX, offering a structured path from basic inventory tracking to rich, actionable metadata that supports risk analysis, vulnerability management, and compliance. Through real-world scenarios and guidance, this session will help teams assess their current SBOM practices and plan meaningful improvements.
Whether you're just starting your SBOM journey or looking to advance your capabilities, this session provides a roadmap to more trustworthy and transparent software supply chains.
Bio: Steve guides teams in both the strategy and execution of secure software development. He integrates security throughout the entire development lifecycle, leading efforts in threat modeling, secure architecture and design, static, dynamic, and component analysis, offensive research, and defensive programming.
Steve's passionate about helping organizations identify and reduce risk from the software supply chain. He is an open-source advocate and leads the OWASP Dependency-Track project, OWASP Software Component Verification Standard (SCVS), and Chairs the OWASP CycloneDX Core Working Group and Ecma International TC54.
Steve serves as Vice Chair on the Board of Directors of the OWASP Foundation where he helps drive the continued growth of the foundation and the pursuit of its mission to make secure software a reality through open collaboration, education, and innovation.
Unseen and Unsecured: Firmware Attacks Expanding the Enterprise Attack Surface w/ Paul Asadoorian
Firmware, the foundational code running beneath operating systems and applications, is a pervasive but often overlooked attack surface in modern enterprises. This presentation uncovers the silent yet significant threats posed by firmware vulnerabilities across a wide range of devices, including network appliances, medical equipment, and critical infrastructure. Through real-world case studies-such as persistent backdoors in patient monitors, authentication bypasses in server management controllers, and insecure firmware update mechanisms in consumer and industrial devices-it demonstrates how attackers exploit firmware to achieve stealth, persistence, and broad impact. The session also explores recent high-profile vulnerabilities affecting firewalls, routers, and microcontrollers, highlighting the challenges of detection and remediation. Practical guidance is provided on firmware validation, forensics, and supply chain risk management, empowering organizations to better secure this hidden layer and reduce their overall attack surface
Bio: https://www.sans.org/profiles/paul-asadoorian/
Paul Asadoorian is currently a Principal Security Researcher for Eclypsium, focused on firmware and supply chain security. Paul’s passion for firmware security extends back many years to the WRT54G hacking days and reverse engineering firmware on IoT devices for fun. Paul and his long-time podcast co-host Larry Pesce co-authored the book “WRTG54G Ultimate Hacking” in 2007, which fueled the firmware hacking fire even more. In 2005, Paul founded Security Weekly, a weekly podcast dedicated to hacking and information security. Paul grew Security Weekly into a network of security podcasts spanning multiple topics, such as application security and business. Paul is still the host of one of the longest-running security podcasts, Paul’s Security Weekly, and hosts Eclypsium’s Below The Surface podcast. He enjoys coding in Python, hacking around on ESP32, and telling everyone he uses Linux as his daily driver desktop OS. Agentic GRC in Practice w/ Cole Kennedy(Details coming soon)
