October 2025: AI Security Starts (and Ends) with API Security

When
Wednesday, October 01, 2025 11:00 AM EST

Who
Dan Barahona (APISec University)

What
AI Security Starts (and Ends) with API Security

Description
Artificial Intelligence is rapidly reshaping the automotive landscape, powering everything from driver-assist features and predictive analytics to intelligent in-vehicle experiences. But just like web and mobile applications, AI is accessed and exposed through APIs — the gateways between models, data, and potential attackers. This session makes the case that AI security is inseparable from API security. We’ll examine how adversaries exploit the APIs that deliver model inferences, training data, and system integrations. Attack scenarios include:

      • Prompt injection and adversarial inputs delivered via API calls

      • Data exfiltration through insecure model endpoints

      • Model tampering and manipulation through exposed interfaces

We’ll also cover best practices for defending this attack surface, including continuous API discovery, dynamic testing, and runtime protection. By reframing AI security as an API security challenge, automotive cybersecurity leaders can concentrate on practical controls that truly reduce risk in this new era.  Attendees will leave with a clear understanding of why the future of AI security — in vehicles and beyond — rests on strong API security foundations.

Download Slides
Next
Next

September 2025: Auto-ISAC at 10: A Decade of Driving Cyber Resilience