Securing LLMs in Production: From OWASP Top-10 to Guardrails that Work
Large Language Models have expanded what is possible, and what is vulnerable. New risks such as prompt injection, data exfiltration, insecure plugin calls, and model-driven denial-of-service are testing the limits of traditional security models. The OWASP LLM Top-10 (2024–2025) offers a shared vocabulary for these threats; this session turns that framework into a hands-on security playbook for engineers, architects, and security teams deploying LLMs in production.
You will learn how to threat-model LLM endpoints, implement guardrails that actually work, and sandbox plugins and tools using least privilege. The talk also shows how to align controls with the NIST AI Risk Management Framework and ISO/IEC 42001 for compliance-ready governance. Real-world attack examples and red-team simulations make this a practical session you can apply immediately.
What You Will Learn
- How to identify and mitigate the top OWASP LLM risks: prompt injection, data leaks, insecure plugins, and model DoS
- Designing input/output guardrails, content moderation, and schema validation that hold up under pressure
- Sandbox design and least-privilege principles for tools and plugin execution
- Techniques for securing RAG pipelines, tenant isolation, and sensitive data redaction
- Mapping mitigations to NIST AI RMF and ISO/IEC 42001 for audit-ready assurance
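To make the guardrail, schema-validation and least-privilege items above concrete, here is an added example (not code from the session or the speaker) of a minimal tool-call gate and an output redaction step. It assumes a hypothetical tool allowlist (`search_docs`, `get_ticket`), an assumed 256-character argument cap, and constructed redaction patterns; a real deployment would tune all three.

```python
import json
import re

# Allowlist of tools the model may request, with the exact argument names and
# types each accepts. The tool names are hypothetical placeholders for this example.
ALLOWED_TOOLS = {
    "search_docs": {"query": str},
    "get_ticket": {"ticket_id": str},
}
MAX_ARG_LENGTH = 256  # assumed hard cap on any string argument (limits DoS-style payloads)

# Constructed redaction patterns for the output guardrail: SSN-like numbers and
# AWS-style access key IDs. These are illustrative, not a complete PII/secret catalogue.
REDACTION_PATTERNS = [
    (re.compile(r"\b\d{3}-\d{2}-\d{4}\b"), "[REDACTED-SSN]"),
    (re.compile(r"\bAKIA[A-Z0-9]{16}\b"), "[REDACTED-ACCESS-KEY]"),
]


def check_tool_call(raw_model_output):
    """Validate a model-proposed tool call before anything executes it.

    Returns (allowed, detail). When allowed, detail is the parsed call;
    otherwise it is the reason the call was rejected. The model's text is
    treated as untrusted input, so nothing is executed on a rejection path.
    """
    try:
        call = json.loads(raw_model_output)
    except json.JSONDecodeError as exc:
        return False, "not valid JSON: %s" % exc
    # Reject free-form text, extra keys or missing keys: the output must be
    # exactly {"tool": ..., "args": {...}} and nothing else.
    if not isinstance(call, dict) or set(call) != {"tool", "args"}:
        return False, "tool call must be an object with exactly 'tool' and 'args'"
    tool, args = call["tool"], call["args"]
    if tool not in ALLOWED_TOOLS:
        return False, "tool %r is not on the allowlist" % (tool,)
    schema = ALLOWED_TOOLS[tool]
    # Argument names must match the schema exactly; unknown arguments are a
    # common way for injected instructions to smuggle extra parameters.
    if not isinstance(args, dict) or set(args) != set(schema):
        return False, "args for %r must be exactly %s" % (tool, sorted(schema))
    for name, expected_type in schema.items():
        value = args[name]
        if not isinstance(value, expected_type):
            return False, "arg %r must be %s" % (name, expected_type.__name__)
        if isinstance(value, str) and len(value) > MAX_ARG_LENGTH:
            return False, "arg %r exceeds %d characters" % (name, MAX_ARG_LENGTH)
    return True, call


def redact_output(text):
    """Output guardrail: mask sensitive patterns before the answer leaves the service."""
    for pattern, replacement in REDACTION_PATTERNS:
        text = pattern.sub(replacement, text)
    return text


if __name__ == "__main__":
    # Constructed sample model outputs: one valid call, one off-allowlist tool,
    # one with an extra argument, and one that is prose instead of JSON.
    samples = [
        '{"tool": "get_ticket", "args": {"ticket_id": "T-1001"}}',
        '{"tool": "delete_ticket", "args": {"ticket_id": "T-1001"}}',
        '{"tool": "search_docs", "args": {"query": "refund policy", "limit": 5}}',
        "Sure! Calling get_ticket now.",
    ]
    for sample in samples:
        allowed, detail = check_tool_call(sample)
        print("ALLOW" if allowed else "DENY ", detail)
    print(redact_output("Customer SSN is 123-45-6789; key AKIAABCDEFGHIJKLMNOP"))
```

The point of the design is that the allowlist and schema live outside the model: the model can only select among pre-approved tools with pre-approved argument shapes, which is what least privilege means for plugin execution, and the redaction pass runs on the final text regardless of how the model was prompted.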
Who Should Attend
Security engineers, AI platform leads, software architects, and DevSecOps professionals securing LLMs, agent frameworks, and retrieval-augmented systems in production environments.
About the speaker
Rohit Bhardwaj
Director of Architecture, Expert in Cloud-native Solutions
Rohit Bhardwaj is a Director of Architecture at Salesforce. Rohit has extensive experience architecting multi-tenant, cloud-native solutions built on resilient microservice and service-oriented architectures using the AWS stack. In addition, Rohit has a proven ability to design solutions and to execute and deliver transformational programs that reduce costs and increase efficiency.
As a trusted advisor, leader, and collaborator, Rohit applies problem resolution, analytical, and operational skills to all initiatives and develops strategic requirements and solution analysis through all stages of the project life cycle and product readiness to execution.
Rohit excels in designing scalable cloud microservice architectures using Spring Boot and Netflix OSS technologies on AWS and Google Cloud. As a Security Ninja, Rohit looks for ways to resolve application security vulnerabilities using ethical hacking and threat modeling. Rohit is excited about architecting cloud technologies using Docker, Redis, NGINX, RightScale, RabbitMQ, Apigee, Azul Zing, Actuate BIRT reporting, Chef, Splunk, Rest-Assured, SoapUI, Dynatrace, and EnterpriseDB. In addition, Rohit has developed lambda-architecture solutions using Apache Spark, Cassandra, and Camel for real-time analytics and integration projects.
Rohit holds an MBA in Corporate Entrepreneurship from Babson College and master's degrees in Computer Science from Boston University and Harvard University. Rohit is a regular speaker at No Fluff Just Stuff, UberConf, RichWeb, GIDS, and other international conferences.