LLMs are brilliant, useful, and now baked into everything. They are also surprisingly easy to trick. In this session, Niall will show you what it really means to attack an LLM-powered system. From prompt injection and XPIA to confused agents and data poisoning, we’ll look at the ways modern AI applications can be manipulated, misled, and made to do things they absolutely should not do. At the end of this talk, you will have a stronger understanding of how to attack an LLM but also what you should be doing to defend against such attacks. You will see real world examples of the various techniques as well as the defense strategies you should employ.