RVAsec 15

Customized IDE distributions pose a lucrative attack surface due to the interconnected systems they interact with, usually highly privileged. This talk covers high level technical ecosystem architectures, IDE threat modeling, common attack vectors, and takes a stab at defining an IDE exploitation kill chain. While specific bug bounty targets and findings remain undisclosed, the methodology developed while producing them will be covered.

You'll leave this talk understanding:

1. How voice AI agents are architecturally different from text chatbots
2. The specific attack vectors unique to voice: transcription manipulation, DTMF injection, audio-layer prompt injection, and social engineering through vocal tone
3. A repeatable methodology for testing voice AI systems in your own organization
4. Concrete remediation strategies for the most common findings

Every AI talk this year will tell you prompt injection is a problem. This one gives you the methodology to actually exploit it. Borrowing from decades of adversarial human testing, we’ll move past "vibes" and "jailbreak screenshots" to build a working, repeatable framework for social engineering the machine.

As AI systems, copilots, and autonomous workflows proliferate, defenders must secure not only the data that fuels them, but the AI behaviors, access paths, and automation they introduce. Robots vs. Robots explores how organizations can protect AI systems end‑to‑end by controlling data exposure, governing AI access, and using automation to stay ahead of adversaries.

As applications embrace OAuth, OIDC, and JWTs for federated authentication, attackers are shifting focus to token abuse and logic flaws rather than password theft.
This talk explores how modern auth systems can be compromised through token replay, session fixation, and insecure implementation of identity protocols.

We’ll walk through real-world examples — including intercepted tokens, replayed sessions, and privilege escalations through misconfigured scopes and claims.
We’ll also demonstrate a purpose-built lab environment and open-source tooling to analyze and detect these flaws, helping teams validate their own auth integrations.

Finally, we’ll discuss secure patterns for token handling, revocation, and identity proofing that can prevent these modern attacks before they reach production.