BSides London 2025

Many security folk are excellent at breaking things — fewer understand how to fix them. This two-hour, no-nonsense workshop teaches both sides of the coin for LLM chatbots: how prompt-injection and context-abuse attacks work in practice, and defensive controls you can implement today. Through an interactive attack-and-defence wargame we’ll exploit each others vulnerable chatbots, then harden them using layered mitigations. Expect practical demos, group exercises and takeaways you can apply to production systems. You’ll walk out with a better bullshit detector for when vendors tell you “our chatbot is secure by design.”.