Cover Image for Finding Broken Logic and Auth with AI-Powered Multimodal Detection
Cover Image for Finding Broken Logic and Auth with AI-Powered Multimodal Detection
Avatar for OWASP Los Angeles
Presented by
OWASP Los Angeles
Hosted By
OWASP LA
Martin E
Edmond Momartin
Maryam Tehrani
IA

Finding Broken Logic and Auth with AI-Powered Multimodal Detection

OWASP Los Angeles
Villas at Playa Vista, Malibue12665 Village Lane · Playa Vista, CA
Registration
Welcome! To join the event, please register below.
You will be asked to verify token ownership with your wallet.
About Event

TOPIC:Finding Broken Logic and Auth with AI-Powered Multimodal Detection

ABSTRACT:Traditional static analysis is effective at finding common issues like SQL injection and cross-site scripting, but some of the most impactful vulnerabilities come from business logic flaws such as IDOR, broken authorization, and workflow abuse. These issues are often harder to detect because they depend on application context, developer intent, and how different parts of a system interact.

In this session, we’ll explore how AI-powered multimodal analysis can complement traditional application security techniques to uncover complex logic vulnerabilities that are not caught by conventional tooling.

Erik will cover:

  • Where LLM-powered analysis shines, and where it falls short

  • How AI agents can be combined with efficient, consistent program analysis tools

  • Why a multimodal approach that combines the best of both strategies can outperform AI agents alone


Speaker Bio:
Erik is the Head of AI Engineering at Semgrep. Previously, he led AI engineering for LinkedIn’s hiring products and built an education program called AI Academy to help drive LinkedIn’s shift to AI. He also led engineering for the tech startups Connectifier and CloseFactor. Earlier in his career, Erik contributed to early versions of Microsoft Azure and Bing Search, and built internet-scale data systems at Google. His graduate research at UC San Diego pioneered Return-Oriented Programming, an exploit technique.

Thanks to our SPONSOR:Semgrep


CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously. You can find out more about our policies here:
https://owasp.org/www-policy/operational/conferences-events.html#conference-and-event-anti-harassment-policy

SPONSORSHIP Opportunities Available
*Vendors interested in sponsoring please send an email to [email protected]*

Location
Villas at Playa Vista, Malibue12665 Village Lane · Playa Vista, CA
Avatar for OWASP Los Angeles
Presented by
OWASP Los Angeles
Hosted By
OWASP LA
Martin E
Edmond Momartin
Maryam Tehrani
IA