Speaking & Training
Practitioner-grounded talks on AI security
For engineering and security teams. Anchored in real lab work, not theoretical surveys.
OWASP Agentic Top 10 contributor · CISSP · PhD · 15+ years enterprise security
Submit a speaking request →Talk topics
Each topic is a 30 to 45 minute talk that can be delivered as a conference session or expanded into a half-day workshop.
Securing Agentic AI Systems: A Field Engineer's Guide
Walkthrough of the OWASP Agentic Top 10 with live demonstrations of prompt injection, tool poisoning, and confused deputy attacks against representative agent architectures.
Best for: technical conferences, OWASP chapters, security engineering teams.
The MCP Security Disaster: What Goes Wrong When Agents Get Tools
Specific deep dive on Model Context Protocol attack patterns. Tool poisoning, meta-context injection, cross-server attacks. Practical mitigations.
Best for: AI engineering audiences, infrastructure security teams.
AI Act Article 15 in Practice: Cybersecurity Requirements for High-Risk AI
The technical control mapping behind the EU AI Act's cybersecurity requirements. What the article actually requires of engineering teams.
Best for: compliance and governance audiences, IAPP chapters, regulated-industry security teams.
Threat Modeling for Agent Architectures
Hands-on workshop format. Extends STRIDE for agentic systems. Participants threat-model a representative system live.
Best for: engineering teams, internal training.
Past speaking
OWASP Stockholm: MCP Security, One Year In
OWASP Stockholm Chapter · May 2026
A debrief from a year of Model Context Protocol security in production: where servers trust callers by default, the attack patterns that show up most often, and the mitigations that actually hold.
Read the debrief →Upcoming: submissions in progress for OWASP Global AppSec USA (November 2026) and IAPP Global Privacy Summit (April 2027).
What audiences get
- Slides and supporting material delivered before the event so AV and accessibility checks can happen properly
- A demo environment available for hands-on segments (no production data, runs in a sandbox)
- Time set aside for Q&A. The most valuable part of a talk is usually the questions.
- Follow-up handouts for participants who want to go deeper
Corporate training
For private engagements (your own engineering org, security team, or partner audience), training is delivered as half-day or full-day formats. Same offer covered in detail at Team Workshop →.
Booking
| Type | Format | Booking lead time |
|---|---|---|
| Conference talk | 30 to 60 minutes, on stage | 6 months ahead is best |
| Private corporate training | Half or full day, on-site or remote | 8 to 12 weeks |
| Online workshop or webinar | 60 to 120 minutes | 4 to 6 weeks |
Based in Gothenburg, Sweden. Comfortable traveling within Europe. One to two long-haul trips per year for major events. Honoraria expectations standard for senior practitioner speakers; exact terms depend on event size and format.
Submit a speaking request →