KCDC 2026: Hack the Helper
I'll be speaking at KCDC 2026 in Kansas City about how prompt injection, tool hijacking, vector poisoning, and MCP supply-chain risks are reshaping application security for AI agents.
Sep 10, 2026 - Sep 11, 2026 · Speaking

I’m excited to be speaking at KCDC 2026 in Kansas City. My session, Hack the Helper: Exploiting AI Agents, MCP, LLMs, and the new AppSec frontier, looks at AI systems the way attackers look at web applications: as stacks of trust boundaries, credentials, tools, and inputs that can be abused when we get the design wrong.
KCDC continues to be one of the strongest developer conferences in the Midwest, and it is a great place to have this conversation with people building real systems. If you’re working with copilots, agentic workflows, internal tooling, or enterprise AI, this session is for you.
Event Details
Dates: September 10-11, 2026
Location: Kansas City Convention Center, 301 W 13th St, Kansas City, MO 64105
KCDC also includes a pre-conference workshop day on September 9.
Presentation
Hack the Helper: Exploiting AI Agents, MCP, LLMs, and the new AppSec frontier
In the late 1990s, the web looked harmless until XSS, session hijacking, and SQL injection taught us that every input, identity, and dependency can become an attack surface. We are repeating that mistake with AI.
In this session, I’ll map classic application security concepts to the modern AI stack. We’ll walk through how prompt injection, vector poisoning, tool hijacking, MCP supply-chain attacks, agent identity abuse, and data exfiltration show up in systems that can read files, call APIs, invoke tools, and take action with enterprise-grade privileges.
Using the OWASP Top 10 for LLM Applications and the emerging MCP ecosystem as reference points, we’ll look at how untrusted prompts, untrusted embeddings, and untrusted tools combine into a perfect storm. A single malicious input can be enough to make an AI system misuse its credentials, leak sensitive data, or execute unintended actions without traditional malware or shell access.
This talk is for architects, security engineers, platform teams, and developers building AI-enabled products or internal AI workflows. If you already understand XSS, CSRF, dependency confusion, and token theft, you already understand the shape of these AI security problems. The goal is to make those parallels concrete so you can recognize and defend the new failure modes earlier.
Event Highlights
- Learn how classic web and cloud attack patterns map directly to AI agents and LLM-powered systems.
- See why prompt injection is only one part of the problem once tools, memory, and external context are in the loop.
- Understand how MCP and other tool ecosystems expand the supply-chain and trust-boundary surface area.
- Leave with a practical mental model for reviewing AI systems as security-critical applications rather than as helpful assistants.
- Connect with developers, architects, and security practitioners across the Midwest at one of the region’s best software conferences.
Conference details: https://www.kcdc.info/
Tickets / registration: https://ti.to/kansas-city-developers-conference/kcdc-2026
If KCDC publishes the session schedule and room assignment later, I’ll update this page with those details.
About KCDC
KCDC is the Kansas City Developer Conference, an annual community-driven event that brings together developers, architects, designers, QA professionals, and technology leaders for two full days of sessions plus a pre-conference workshop day. It is consistently a high-signal event with a strong regional community and a wide range of practical technical content.
