Hacking AI Agents with Python

Artificial intelligence is evolving from static models to autonomous systems capable of reasoning, making decisions, and executing actions through tools and APIs. These systems, known as AI agents, are primarily built in Python. With this evolution comes a new attack surface. In this talk we'll explore how AI agents can be exploited from an offensive perspective, using Python to demonstrate real attacks such as prompt injection in agent pipelines, information exfiltration through RAG, decision manipulation through adversarial inputs, and abuse of connected tools and APIs. Building on these scenarios, we'll show how to design security testing (pentesting) specific to AI systems, covering black-box, gray-box, and white-box approaches. The talk won't focus only on attacks but also on how to mitigate them, presenting a practical roadmap for evaluating and strengthening AI systems in production. This session is aimed at Python developers, data scientists, and engineers building or integrating AI systems who want to understand how to secure what they're creating.

Want to know more?

Join PyCon Colombia newsletter and get a complete overview of our events, speakers and community participation.