State of the Offensive ML Union
Adrian Wood, aka threlfall, currently works for Dropbox on their red team. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive security research team at a US bank. His research recently has been in supply chain attacks on CI/CD and ML systems, he maintains the offsec ml playbook and has presented on these topics at DEFCON 30, 31, the DEFCON AI village, Cackalackycon and more.
One of the most interesting challenges in Machine Learning(ML) right now is the application of ML to offensive security operations. ML is the background of everything you do, and you're already equipped to reason about the risks, yet many hesitate to dive in. I often get questions like; "I am not very good at math, so is it possible for me to get involved?" The answer is a resounding "*yes*, and we need you!" In this closing keynote, I want to build upon talks like Jan Nunez', and prior work by folks like Will Pearce and show all the opportunities that exist for hackers to get involved with offensive ML in both an offensive and defensive capacity. I will share my experience with entering this space, the things I've found, the people I've met, the projects I love and the engineering opportunities that excite me. I hope to show you the 'state of the art' in offensive ML and where people like yourself can have the most impact.