Cybersecurity in the Era of LLMs: Governance, Runtime Protection, and Automation
Description
This session, hosted in collaboration with the Japan Institute for Cyberspace Studies (JICSS), explores the technical intersection of AI and cybersecurity. Featuring a dedicated panel on the evolving zero-trust environment and emerging mandates, the session bridges institutional frameworks with rigorous engineering practices.
After the panel, we'll move on to three expert talks looking into the critical challenges of securing AI deployments, focusing on unified security infrastructures for LLMs, runtime observation and inline enforcement for agentic AI in production, and automated vulnerability remediation across large-scale open-source ecosystems.
Note: This time the format is different from the regular TAI events: we start earlier, then have one hour of networking, and then continue with three talks. You can come to either or both of the parts (panel and/or talks).
Agenda
The panel will establish the macro-context (zero-trust and compliance mandates) to align both institutional and technical attendees before transitioning to the technical talks. Ramy will outline the broad threat landscape for LLMs and the architectural need for unified, end-to-end security infrastructures. Yury will narrow the focus to the immediate engineering challenges of Agentic AI, moving from framework-level concepts to concrete runtime production environments (APIs, observability, inline enforcement). Arpit will close with an expanded scope, looking at how AI agents can be proactively utilized to secure the foundational open-source repositories upon which the broader software ecosystem relies.
16:00 Doors open
16:30 - 17:30 Panel "AI and the Evolving Zero-Trust Environment"
17:30 - 18:30 Networking JICSS x TAI
18:30 - 19:00 Cybersecurity in the era of LLMs and agents (Ramy Aouinet, Co-founder @ Antitech)
19:00 - 19:30 Securing Agentic AI in Production: Discover, Observe, Enforce, Govern (Yury Leonychev, VP of Technology @ Wallarm Inc.)
19:30 - 20:00 Open Source Security at Scale (Arpit Jain, Independent, ex-KPMG Japan)
20:00 Doors close
Panel
As enterprises rapidly deploy autonomous agentic AI, protocols for identity, authentication, and verification lag behind production reality. This joint panel by JICSS and Tokyo AI brings together senior policy practitioners and frontline engineers to bridge the gap between AI governance, international compliance, and secure software architecture.
Key Themes
Agent Identity: Driving adoption and verification standards within Japanese enterprises.
Policy vs. Practice: Bridging the gap between high-level compliance and practical developer tools.
Global Alignment: Navigating US zero-trust mandates, EU identity frameworks, and Japan's Active Cyber Defense.
Self-Regulation: Assessing the ecosystem’s ability to establish voluntary standards ahead of regulation.
Panelists
Ilya Kulyatin: CEO, Foundry Labs & Founder, Tokyo AI
Ilya is an AI entrepreneur and the founder of Tokyo AI (TAI), Japan's largest international AI community. With an interdisciplinary background spanning machine learning, finance, and economics, he has led quantitative research and AI initiatives across the US, Europe, and Asia. His work bridges global startup ecosystems and shapes cross-border discussions on democratic AI governance and enterprise deployment.
Yury Leonychev: VP of Technology, Wallarm Inc.
Yury leads the engineering organization at Wallarm, a global platform specializing in discovering, testing, and securing APIs and agentic AI systems for enterprises like Samsung and Panasonic. He brings over a decade of scale architecture and security experience from Rakuten, alongside deep expertise in penetration testing, fraud prevention, and identity management from his previous tenure at Yandex.
James Miller: CEO, Miller Enterprises K.K.
James develops digital solutions and investments aligned with Japan's economic and national security missions. He is the former Head of Public Policy for Amazon Web Services (AWS) Japan and previously served as an Associate CIO and senior attorney advisor at the U.S. Federal Communications Commission (FCC). A former Mansfield Fellow, he is bilingual and a frequent writer on Japanese tech regulation and spectrum policy.
Dr. Anand R. Prasad: Partner, Deloitte
Anand is a global cybersecurity executive who leads telecom and multinational cybersecurity services at Deloitte. He previously served as the CISO for the world's first cloud-native mobile network operator and has acted as an interim CISO for major Japanese financial institutions. A prolific innovator, Anand holds over 50 essential technology patents and has authored 8 books on holistic system security.
Talks
Talk 1 - Cybersecurity in the era of LLMs and agents
Speakers: Ramy Aouinet (Co-founder, Antitech)
Abstract: Modern threats such as jailbreaks, prompt injection, model poisoning, and data exfiltration are already actively targeting every AI deployment, while traditional security tools remain reactive and outdated. The core problem is that there is no unified, end-to-end security infrastructure designed specifically for AI agents from the framework layer (how agents are built and orchestrated), to continuous testing (red teaming), to real-time protection (defensive layers against injections and leaks).
Bio: I'm Ramy Aouinet, co-founder of Antitech and an AI engineer. Recognized among the top 8 in Africa in AI, I focus on building robust and scalable intelligent systems, with expertise in reinforcement learning (RL), LLM infrastructure, and product architecture. I've worked on designing end-to-end AI pipelines, from research to production. I also served as an NVIDIA DLI instructor, where I taught topics ranging from deep learning to AI agents and anomaly detection. My work further extends into applying AI to neuroimaging, particularly for Autism Spectrum Disorder (ASD) and stroke research.
Talk 2 - Securing Agentic AI in Production: Discover, Observe, Enforce, Govern
Speakers: Yury Leonychev (VP of Technology, Wallarm Inc.)
Abstract: Agentic AI is reaching production faster than security teams can see it, let alone control it. Agents, MCP servers, and model integrations ship without centralized inventory; alerts arrive with no idea which agent acted, what data it touched, or which user triggered it; and most controls can only flag dangerous behavior after it has already executed. Meanwhile, compliance teams are asked to govern systems they can't observe.
Drawing on a decade of securing APIs at scale — and the data showing that the agentic AI attack surface is, at runtime, an API problem — I'll walk through four practical questions every team now faces: What AI is actually deployed? What is it doing right now? Can I block a bad action mid-flight? And can I prove any of it to an auditor? I'll cover runtime discovery of shadow AI, session- and user-level attribution across service hops, inline enforcement at the connection and kernel level without application code changes, and continuously generated evidence for frameworks like the EU AI Act and SOC 2. You will leave with a concrete model for treating AI agents as a first-class runtime security surface rather than a forecasting problem.
Bio: I'm VP of Technology at Wallarm, where I lead the engineering organization building the platform that discovers, protects, tests, and governs APIs and agentic AI systems for enterprises worldwide — trusted by companies like Samsung, Miro, and Panasonic to protect billions of API requests daily. Before Wallarm, I spent over a decade at Rakuten, progressing from Lead Architect to Senior Manager across security, SRE, and cloud architecture at scale. Earlier in my career, I ran penetration testing engagements for banks and industrial systems, then led security for Yandex.Passport covering fraud prevention and mobile authentication.
Talk 3 - Open Source Security at Scale: Automating Vulnerability Detection and Hardening in Top GitHub Repositories
Speakers: Arpit Jain (Independent, ex-KPMG Japan)
Abstract: Many of the most popular projects on GitHub ship with unresolved security gaps in their CI/CD workflows and dependency configurations, often hiding in plain sight under inadequate code scanning practices. Drawing on five years of open source contributions, including merged pull requests in Kubernetes and Mermaid, I built an intelligent agent that systematically scans top repositories, detects security workflows that need hardening, and opens targeted pull requests to fix them. The focus is on small but high-impact changes: enforcing least-privilege permissions on GitHub Actions workflows and flagging vulnerable dependencies.
The results challenge the assumption that automated contributions are noise. Roughly ninety percent of the reviewed pull requests have been merged, with over 150 accepted across:
Organizations like Google, Microsoft, and AWS
Projects like NumPy, Vue.js, Node.js, Rust, LLVM, and the Kubernetes ecosystem
Major Apache Software Foundation projects like Kafka, Airflow, and Tomcat.
This talk will walk through how the agent works, what patterns it detects, how it generates pull requests that pass human review, and what the high merge rate reveals about the current state of open source security. Attendees will leave with a practical model for using automation to close security gaps across the ecosystem at scale.
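The least-privilege check on GitHub Actions workflows that the abstract describes, shown as an added example: this is my own illustration, not Arpit's agent or code from any project. It reads a constructed sample workflow, flags a GITHUB_TOKEN that is broader than the jobs need (a missing `permissions:` block, `write-all`, or explicit `write` scopes worth a second look), and proposes the read-only workflow default that such pull requests typically add. The minimal line-based parsing, the finding names and the `propose_read_only_default` fix are assumptions of this example, not the agent's behaviour.

```python
"""Least-privilege audit for GitHub Actions workflows. Added example, not the
speaker's agent: a dependency-free reader of the keys that matter (workflow-level
`permissions:`, `jobs:`, per-job `permissions:`) flags broad GITHUB_TOKEN grants
and proposes the read-only default. The workflow text is a constructed sample."""
import re
from collections import namedtuple
from itertools import takewhile

KEY_RE = re.compile(r"^(\s*)([A-Za-z0-9_.-]+):\s*(.*?)\s*$")
Finding = namedtuple("Finding", "job issue detail")  # job=None: workflow level


def _parse_lines(text):
    """(indent, key, inline value, line index) per `key:` line; comments, blanks and
    list items (`- uses: ...`) are skipped, so no YAML library is needed."""
    entries = []
    for no, raw in enumerate(text.splitlines()):
        line = re.sub(r"\s+#.*$", "", raw).rstrip()
        body = line.lstrip()
        if body and body[0] not in "#-" and (m := KEY_RE.match(line)):
            entries.append((len(m.group(1)), m.group(2), m.group(3), no))
    return entries


def _children(entries, parent):
    """Indices of the keys nested one level below entries[parent]."""
    block = list(takewhile(lambda i: entries[i][0] > entries[parent][0],
                           range(parent + 1, len(entries))))
    depth = min((entries[i][0] for i in block), default=None)
    return [i for i in block if entries[i][0] == depth]


def _check_permissions(entries, scope, job):
    """(block present?, findings) for the `permissions:` key among `scope` indices."""
    for i in scope:
        _, key, value, _ = entries[i]
        if key != "permissions":
            continue
        if value == "write-all":
            return True, [Finding(job, "write-all", "GITHUB_TOKEN may write to every scope")]
        findings = [Finding(job, "write-scope", f"{entries[c][1]}: write; confirm the job needs it")
                    for c in _children(entries, i) if entries[c][2] == "write"]
        return True, findings  # read-all, {} or an explicit scope mapping
    return False, []


def audit_workflow(text):
    """Flag the GITHUB_TOKEN grants a least-privilege review would question."""
    entries = _parse_lines(text)
    top_indent = min((e[0] for e in entries), default=0)
    top = [i for i, e in enumerate(entries) if e[0] == top_indent]
    has_default, findings = _check_permissions(entries, top, None)
    jobs = [i for i in top if entries[i][1] == "jobs"]
    uncovered = []
    for j in (_children(entries, jobs[0]) if jobs else []):
        has_own, job_findings = _check_permissions(entries, _children(entries, j), entries[j][1])
        findings += job_findings
        if not (has_own or has_default):
            uncovered.append(entries[j][1])
    if uncovered:  # no block anywhere: the token inherits the repository default
        findings.append(Finding(None, "missing-permissions",
                                "jobs with no permissions block: " + ", ".join(uncovered)))
    return findings


def propose_read_only_default(text):
    """Insert `permissions: contents: read` ahead of `jobs:` when no workflow-level
    block exists; jobs that need more then declare their own narrower grants."""
    entries = _parse_lines(text)
    top_indent = min((e[0] for e in entries), default=0)
    if any(e[0] == top_indent and e[1] == "permissions" for e in entries):
        return text
    lines = text.splitlines(keepends=True)
    for indent, key, _, no in entries:
        if indent == top_indent and key == "jobs":
            pad = " " * indent
            lines.insert(no, f"{pad}permissions:\n{pad}  contents: read\n")
            break
    return "".join(lines)


# Constructed sample: no workflow-level block, and one job granting write-all.
WEAK_WORKFLOW = """\
name: ci
on: [push]
jobs:
  test:
    runs-on: ubuntu-latest
    steps:
      - run: make test
  release:
    runs-on: ubuntu-latest
    permissions: write-all
    steps:
      - run: ./publish.sh
"""

if __name__ == "__main__":
    for f in audit_workflow(WEAK_WORKFLOW):
        print(f"[{f.job or 'workflow'}] {f.issue}: {f.detail}")
    print(propose_read_only_default(WEAK_WORKFLOW))
```

The fix deliberately adds only the workflow-level read-only default: that is the small, reviewable change a maintainer can merge without thinking about every job, and any job that genuinely needs more (a labeler needs `pull-requests: write`, a release job needs `contents: write`) then states that grant in its own `permissions:` block. The `write-scope` finding is advisory for exactly that reason: an explicit, job-scoped write is the intended end state, and the check only asks a reviewer to confirm the scope is used. A `write-all` job, by contrast, is always worth narrowing.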
Bio: Arpit is a freelance developer improving the security posture of major projects on GitHub. Alongside his open source contributions, he is exploring indie hacking, with a particular focus on data engineering and connecting disparate data sources. Arpit has presented on open source security at the Open Source Security Foundation (OpenSSF) conference organized by the Linux Foundation in 2025.
Organizers
Ilya Kulyatin is an entrepreneur with work and academic experience in the US, Netherlands, Singapore, UK, and Japan. He holds a BA in Economics, an MA in Finance, and an MSc in Machine Learning. He's a 3x founder, now helping Japan grow the local AI ecosystem through a not-for-profit community, Tokyo AI (TAI), while building an AI-native system integrator and solutions provider, Foundry Labs株式会社.
Nate Snyder is a national security and public policy expert who served in senior leadership roles across the Obama and Biden Administrations, including at the U.S. Department of Homeland Security. His work has focused on counterterrorism, cybersecurity, artificial intelligence, and public-private partnerships. He currently teaches threat risk management at the University of Chicago and advises organizations on security and emerging technology.
Supporters
Foundry Labs K.K. is a Tokyo-based AI systems integrator and solutions provider, delivering end-to-end support for enterprises: from strategy design through implementation, deployment, and operations. They tailor AI to each client's operational, regulatory, and security requirements, with hands-on experience across finance, government, and industry, and a track record of shipping production systems in secure and regulated environments.
JICSS is the Japan Institute for CyberSpace Studies, an organization focused on cybersecurity governance, strategic discussion, and the sharing of knowledge and information across sectors. Through its research, events, advisory bodies, and membership network, JICSS brings together academia, industry, and experts to advance practical cybersecurity collaboration and policy dialogue in Japan.
CIC Japan is one of Japan’s largest innovation centers, operating a global startup and innovation hub in Tokyo that connects entrepreneurs, investors, corporations, and researchers in a high-density community. Founded in Cambridge, Massachusetts in 1999, CIC Japan supports startup growth and ecosystem building through workspace, events, and programs, with a focus on helping innovators scale in Japan and globally.
About TAI
Tokyo AI (TAI) is the largest international AI community in Japan, with 5,000+ members mainly based in Tokyo: engineers, researchers, investors, product managers, and corporate innovation leaders. Through 80+ events a year and 300+ speakers spanning startups, enterprises, and academia, TAI connects the people building AI in Japan with the global ecosystem, working to transform Tokyo into a global AI hub.
Privacy Policy
We will process your email address for the purposes of event-related communications and ongoing newsletter communications. You may unsubscribe from the newsletter at any time. Further details on how we process personal data are available in our Privacy Policy.