BSides Kerala 2025 Speakers

Aditi Bhatnagar

Founder of Offgrid Security




Talk: How to Threat Model Your LLM Before It Outsmarts You

Abstract:
Large Language Models (LLMs) are a game-changer. We’re seeing them reshape industries as we speak, from product design to user interactions and system architectures. The way we build and think about software is fundamentally changing. But with all this innovation comes new risks-and a whole new wave of cybersecurity threats is coming with it.
So, how do we, as security engineers, stay ahead? How do we defend our applications and organizations from the unique threats LLMs bring to the table?

In this talk, Aditi will walk you through the architecture of a typical LLM application. We’ll break down its components, data flows, and how everything fits together. Once we understand how these systems are built, we’ll dive into threat modeling-identifying potential attack vectors, rethinking traditional threats in the context of LLMs, and uncovering the new, creative attacks that could emerge if we don’t get ahead of securing them.
Expect a high-energy session, filled with fresh insights, never-before-seen research, and a bit of a security wake-up call. You’ll leave with a new perspective on how to approach securing LLM-based applications and be ready to tackle the challenges ahead. Let’s dive in!

Aditi Bhatnagar

Aditi Bhatnagar is an Independent Security Researcher who focuses on AI security, Android Privacy Posture, and Web Application security. She has previously worked as a Lead Security Engineer at Atlassian, building security into cloud, a Core Engineer at endpoint security products, and as a Data Scientist at Microsoft working on cutting-edge AI algorithms. Aditi has presented at several international conferences including RSAC, May Contains Hackers, Diana Initiative, Android Security Symposium, Nullcon, and more. Through her initiative, Infinite Hacks, she is spreading cyber awareness, conducting training, and initiating discussions on LLM security, digital rights, and techno-sociology. Aditi is also an avid blogger, sharing her insights on cybersecurity, ethical hacking, and the evolving relationship between humans and technology.