Description
The Problem (Why This Talk Exists)
Security teams are under pressure to "add AI" to code review, SCA, incident response,
infrastructure analysis, mobile security. The tooling market has responded with a flood of
products that promise intelligent, automated security coverage. Most of them work beautifully
in demos. Most of them fail quietly in production.
The failure isn't a bug. It's architectural. Almost every AI security tool on the market
operates without the one thing that makes security decisions meaningful: context.
Not generic context. Not "we trained on a lot of code." Org-specific context. Codebase-specific
context. Infrastructure topology context. Incident history context. The kind of context that
only exists inside your environment, and that no off-the-shelf model has.
This talk is about that gap, why it's being systematically ignored, and what it costs when
real threats slip through because an AI reviewed your code without knowing how your code works.
Why This Talk Should Be at BSides
BSides audiences are practitioners: pentesters, security engineers, AppSec leads, blue teamers.
They are the people being handed AI tools by leadership and expected to trust them. They are
also the people who will be blamed when those tools miss something critical.
This isn't a talk about AI being bad. It's a talk about AI being incomplete, and about
giving practitioners the vocabulary and mental models to push back intelligently, evaluate
tools honestly, and build workflows that don't treat AI output as ground truth.
The examples in this talk are drawn from real-world deployment scenarios across product
security, infrastructure security, and mobile security. The audience will recognize them
immediately because they've lived them.
What This Talk Covers
1. The Context Problem Defined
A precise framing of what "context" means in security AI, why it's different from training
data quality, and why even well-trained models fail without it. This section establishes the
central thesis with a concrete failure taxonomy.
2. Product Security
The talk will walk through how AI breaks down at the product security layer, not because
the tools are poorly built, but because they have no knowledge of your codebase's internal
patterns, patch history, or compensating controls. From SAST tools that can't distinguish a
sandboxed dangerous function from an exploitable one, to SCA that flags unreachable
vulnerability paths as critical, to API security tooling that misses authorization flaws
because it doesn't understand your data model, the same blind spot shows up everywhere.
The core problem: AI reviews code in isolation. Real security decisions never are.
3. Infrastructure Security
At the infrastructure layer, the context gap becomes a topology problem. The talk covers
how AI misconfiguration tooling routinely misreads intentional architecture decisions as
vulnerabilities: flagging IAM roles that have compensating controls at the org level,
recommending changes to Kubernetes workloads it doesn't understand the purpose of, and
missing real CI/CD attack surfaces while fixating on low-signal misconfigurations. Incident
response is where this compounds most dangerously: an AI that triages by CVSS score without
knowing your environment's lateral movement paths isn't accelerating your response; it's
redirecting attention away from actual risk. Covered here too is the longer-term cost: teams
that stop building contextual judgment because they've outsourced it to a model that doesn't
have it either.
4. Mobile Security
Mobile is the domain where AI security tooling is most confidently wrong. The talk examines
how static analysis tools fire on patterns that are safe in context, miss vulnerabilities that
only surface when the mobile client and backend are reviewed together, and consistently
underperform on third-party SDK supply chain risk, where the most impactful findings live in
runtime behavior no static model can observe. The cross-repo trust boundary problem is
particularly underappreciated: auth flaws in mobile applications rarely exist in one file,
one service, or one codebase. AI that reviews them in isolation will miss the ones that matter.
5. The Pattern: A Unified Failure Model
Across every domain, the same failure repeats:
| Domain | What AI Sees | What AI Misses |
|---|---|---|
| Code Review | Syntax, known patterns | Org libraries, dead code, compensating controls |
| SCA | CVE matches | Reachability, stripped layers, execution context |
| Cloud IAM | Policy documents | Architecture intent, migration state, org SCPs |
| Kubernetes | Manifest fields | Build graphs, network policy, workload purpose |
| Incident Response | Alert + CVSS score | Lateral movement paths, env risk, team history |
| Mobile | File-level analysis | Cross-repo flows, client-server boundaries, SDK behavior |
6. What Good Looks Like: Context-Aware Security AI
Not a vendor pitch. A framework for evaluating what "context readiness" looks like before
deploying any AI security tool, and the hard questions to ask when a vendor claims their
model "understands your codebase."
What the Audience Leaves With
- A precise mental model for the context problem and why it's distinct from model quality
- A practical evaluation framework for auditing their current AI security integrations
- Domain-specific red flags across AppSec, InfraSec, and Mobile to watch for in AI output
- An honest conversation about skill atrophy: the long-term cost of over-delegating
to AI without building the judgment to validate it
Optional: Speaker / convener biography
Akshansh is a Senior Security Engineer at Atlan and an active bug bounty hunter ranked as the top hacker in India on HackerOne. He is a member of Cobalt, Synack Red Team and YesWeHack, and regularly participates in HackerOne and Cobalt pentest engagements across web, mobile, and cloud security. He has spoken at Black Hat Asia, Black Hat Europe, Black Hat USA, and ThreatCon, and serves as a HackerOne Brand Ambassador, organizing bug bounty community events across South India and contributing to the growth of the security research community in the region. His current work spans offensive security research, AI-driven vulnerability detection, cloud security architecture, and building tooling at the intersection of automation and security engineering. He has a particular focus on how AI integrates, and often fails to integrate, into real-world security workflows, a theme that runs through both his day-to-day engineering work and his independent research. When he isn't breaking things professionally, he's probably planning his next weekend trip or at a poker table making calculated bets, which, as it turns out, is surprisingly good preparation for threat modeling.
| Length | 30 minutes |
|---|---|