Know Your AI: Scanning the Hidden Layers of Open Source Models w/ Kasimir Schulz
Open source AI models are reshaping modern development pipelines but they also introduce new challenges to the AI supply chain. As these models become embedded in critical systems, understanding their origins, components, and potential vulnerabilities is essential.
This talk will explore the hidden risks that can emerge within AI model supply chains, from licensing conflicts and embedded unsafe code to model tampering and backdoors. Through real-world examples, we'll reveal how organizations can unintentionally expose themselves to risk when integrating open source models without sufficient visibility. We'll also introduce AI Bills of Materials (AIBOMs) as a key tool for surfacing and managing these risks. Attendees will leave with a clearer picture of what it means to truly "know your AI" and why transparency is vital for building secure, trustworthy systems.
Bio: https://www.sans.org/profiles/kasimir-schulz/
Kasimir Schulz, Director of Security Research at HiddenLayer, is a leading expert in uncovering zero-day exploits and supply chain vulnerabilities in AI. His work has been featured in BleepingComputer, Dark Reading, and Forbes, and he has spoken at conferences such as FS-ISAC and Black Hat. Kasimir leads the development of advanced tools for automating vulnerability detection and implementing large-scale patches, fortifying systems against supply chain attacks. His dedication to proactive defense measures sets a new standard in cybersecurity resilience.
Unseen and Unsecured: Firmware Attacks Expanding the Enterprise Attack Surface w/ Paul Asadoorian
Firmware, the foundational code running beneath operating systems and applications, is a pervasive but often overlooked attack surface in modern enterprises. This presentation uncovers the silent yet significant threats posed by firmware vulnerabilities across a wide range of devices, including network appliances, medical equipment, and critical infrastructure. Through real-world case studies (persistent backdoors in patient monitors, authentication bypasses in server management controllers, and insecure firmware update mechanisms in consumer and industrial devices), it demonstrates how attackers exploit firmware to achieve stealth, persistence, and broad impact. The session also explores recent high-profile vulnerabilities affecting firewalls, routers, and microcontrollers, highlighting the challenges of detection and remediation. Practical guidance is provided on firmware validation, forensics, and supply chain risk management, empowering organizations to better secure this hidden layer and reduce their overall attack surface.
Bio: https://www.sans.org/profiles/paul-asadoorian/
Paul Asadoorian is currently a Principal Security Researcher for Eclypsium, focused on firmware and supply chain security. Paul’s passion for firmware security extends back many years to the WRT54G hacking days and reverse engineering firmware on IoT devices for fun. Paul and his long-time podcast co-host Larry Pesce co-authored the book “WRT54G Ultimate Hacking” in 2007, which fueled the firmware hacking fire even more. In 2005, Paul founded Security Weekly, a weekly podcast dedicated to hacking and information security. Paul grew Security Weekly into a network of security podcasts spanning multiple topics, such as application security and business. Paul is still the host of one of the longest-running security podcasts, Paul’s Security Weekly, and hosts Eclypsium’s Below The Surface podcast. He enjoys coding in Python, hacking around on ESP32, and telling everyone he uses Linux as his daily driver desktop OS.
Agentic GRC in Practice w/ Cole Kennedy (Details coming soon)