
Tejas DefendAI : Global AI Security Hackathon (Sept 1st - Sept 8th)

Zoom
About Event

Tejas Global AI Security Hackathon 2026

Build the defenses for the agentic era. One week. One global community.

Hosted by Tejas Cyber Network. September 1 to September 8, 2026 (8 days). Virtual-first and global, with optional in-person jam sites.

The AI security landscape changed faster in the first half of 2026 than most teams could keep up with. Agentic systems moved from demos into production. The Model Context Protocol became the connective tissue for AI tooling, and with it came more than 40 disclosed CVEs in the first four months of the year alone. Red teams discovered new classes of failure: tool abuse, excessive agency, supply-chain compromise, feedback-loop poisoning, and autonomy escalation. Defenders are now playing catch-up against a moving target.

Tejas Cyber Network is bringing the global security community together to do something about it.


The Tejas Global AI Security Hackathon is a one-week, vendor-agnostic, build-and-break sprint focused entirely on the security and safety of AI systems. We are inviting practitioners, researchers, students, founders, and security leaders from every region and every experience level to form teams, pick a track, and ship something real: a tool, an attack technique with a defense, a benchmark, a detection, or a framework that moves the field forward.

This is not a vendor pitch competition. It is a working community of defenders building in the open. Whether you are a first-time participant looking to break into AI security or a seasoned CISO who wants to get hands-on again, there is a place for you here.


Focus domains (tracks)

Pick one track. Each comes with example project ideas to get you started, but you are free to propose your own within the track.

Track 1: Agentic AI Red Teaming and Defense

The attack surface of autonomous agents that plan, use tools, and act on their own.

  • Reproduce and document a novel failure mode (tool abuse, excessive agency, goal misalignment, autonomy escalation, reasoning-based information leakage).

  • Build a guardrail or interceptor that catches harmful agent actions mid-flight before they execute.

  • Design shutdown and containment protocols that hold even when an agent resists.

  • Create an evaluation harness that scores an agent's resistance to multi-step adversarial pressure.

Track 2: MCP and Agent Supply-Chain Security

The fastest-growing and least-secured layer of the AI stack.

  • Build a scanner that detects tool poisoning, prompt injection, or unverified task propagation in MCP servers.

  • Create a vetting and signing workflow for MCP packages and skills marketplaces.

  • Design runtime detection and response for compromised MCP-based agents.

  • Map a real MCP deployment against the NSA/CISA MCP security guidance and ship the missing controls.

Track 3: AI for Cyber Defense (Blue Team and SecOps)

Turn AI into a force multiplier for defenders, not just a new risk.

  • Build an AI-assisted detection or triage pipeline that reduces alert noise into validated, prioritized incidents.

  • Ship a telemetry connector that streams AI agent activity into a SIEM for monitoring and forensics.

  • Create an autonomous investigation agent with safe, auditable, human-in-the-loop guardrails.

Track 4: AI Safety and Security Evaluations and Benchmarks

You cannot defend what you cannot measure.

  • Contribute a new, reproducible benchmark for a specific risk class (jailbreak resistance, data exfiltration, cross-tenant leakage).

  • Build a leaderboard or scoring tool that compares models or agents against an existing benchmark.

  • Extend or stress-test an established evaluation framework and publish the results.

Track 5: AI Infrastructure and Model Supply-Chain Integrity

Security from the training pipeline through model weights to deployment.

  • Build provenance and integrity verification for model weights and artifacts.

  • Detect data poisoning or backdoors in training and fine-tuning pipelines.

  • Harden the path from compute cluster to served model against tampering and exfiltration.

Track 6: Frontier and Dual-Use Safeguards

The hard problems where AI security meets critical and emerging domains.

  • AI biodefense: build defensive tooling such as researcher and request vetting, screening, or misuse detection. (Defensive and safeguard-oriented work only. See the responsible-use rules below.)

  • Cyber-physical and critical infrastructure: secure AI agents that touch OT, robotics, or industrial control.

  • Post-quantum and cryptographic resilience: prepare AI systems and their data for the post-quantum transition.

Track 7: Open and Wildcard

Have an AI security idea that does not fit a box? Pitch it. The best work often comes from the edges.


Details for participants

Who should join

Everyone. The hackathon is open to all, consistent with the Tejas community ethos: global, vendor-agnostic, and open. Students, early-career engineers, researchers, founders, and senior security leaders are all welcome. No prior AI security experience is required to participate. Curated starter resources are provided per track.


Format

  • Virtual-first and asynchronous-friendly, so anyone in any time zone can take part.

  • Optional in-person jam sites. If you want to host a local meetup for your city or company, we will provide an organizer kit.

  • Teams of 1 to 5. Solo builders are welcome. We will run a team-matching channel for those who want to find collaborators.


What to submit

  1. A public code repository (or a documented artifact if code is not the deliverable).

  2. A short demo video, around 3 to 5 minutes.

  3. A written summary covering the problem, your approach, what you built, and what you found.

  4. For any offensive or red-team work: a responsible-disclosure note and a corresponding defense, mitigation, or detection.


Run of the Show (Day/Date/What happens)

Day 1 - Tue, Sep 1: Kickoff, keynote, track briefings, team formation opens

Day 2 - Wed, Sep 2: Team finalization, mentor office hours begin

Days 3 to 5 - Thu, Sep 3 to Sat, Sep 5: Core build period, daily office hours, track deep-dive sessions

Day 6 - Sun, Sep 6: Build continues, midpoint check-ins

Day 7 - Mon, Sep 7: Final build day, submission deadline at end of day

Day 8 - Tue, Sep 8: Judging, live demos, awards, and showcase


Judging criteria

  • Impact and relevance to real AI security or safety risks (30%)

  • Technical depth and execution (25%)

  • Originality and creativity (20%)

  • Clarity of writeup and demo (15%)

  • Responsible and ethical approach, including safety guardrails (10%)


Recognition and prizes

  • Track winners and an overall best-in-show.

  • Community spotlight: winning projects featured across Tejas channels and at upcoming Tejas events.

  • Mentorship and visibility: connections to the Tejas network of CISOs, founders, and investors.

  • Career and skills pathways through Tejas Project J (Jobs) and Project S (Skills) for participants looking to grow into AI security roles.

(Sponsor-backed cash prizes, credits, and tooling to be confirmed as sponsors are announced.)


Responsible-use rules

This is a defenders' community. To keep it that way:

  • All work must follow responsible-disclosure principles. No live attacks against systems you do not own or have permission to test.

  • Offensive or red-team findings must be paired with a defense, detection, or mitigation.

  • No content that provides uplift toward real-world biological, chemical, or other mass-harm capability. The Frontier and Dual-Use track is strictly for defensive tooling and safeguards.

  • All participants agree to the Tejas Community Professional Standards and code of conduct.


Starter resources

  • OWASP Top 10 for Agentic Applications 2026 and the GenAI Red Teaming guidance.

  • NSA/CISA Model Context Protocol security guidance.

  • Microsoft's updated taxonomy of agentic AI failure modes.

  • Tejas-curated reading lists and starter templates per track, shared at kickoff.


Mentorship and office hours

Daily mentor office hours run throughout the build period, drawing. Track leads will host deep-dive sessions to help teams scope, build, and ship.


Tejas means friend and ally, and it means strength from within. Bring both. We will build the defenses for the agentic era together.


Convenor - Anshu Gupta, Founder, Tejas Cyber Network

Co-Chairs
