Uday
While cloud-native AI dominates security discussions, desktop apps—still vital in engineering, design, and finance—are quietly evolving. No longer just “legacy,” they now embed local LLMs, predictive UIs, automation, and offline inference.
This talk reframes AI security for desktop environments. We’ll explore new risks: prompt injection in on-device models, adversarial inputs, inference abuse, and insecure plugins. These threats don’t replace traditional flaws like memory corruption or unsafe parsing—they amplify them.
We’ll demo prompt injection on a local LLM and file-format fuzzing causing legacy crashes. Then we’ll cover AI-aware threat modeling, including tampered models and insecure automation. If you think desktop app security is solved, this talk will challenge that—and offer tools to secure hybrid software at the AI + legacy intersection.
Uday
Principal Application Security Engineer, Autodesk
Uday is a principal security engineer at Autodesk, where he focuses on securing applications at the intersection of traditional software and emerging AI features. His work spans offensive research, fuzzing, threat modeling, building guardrails and integrating security into the SDLC at scale. He is especially passionate about securing desktop applications in a world rapidly shifting toward AI-first development.
Outside of work, Uday enjoys playing CTF challenges, running fuzz farms, and snowboarding to unwind. He is committed to mentoring others in the security community and is excited to share lessons from the field.