AI Security & Governance — Secure MCP Development, Prompt Injection, and OWASP for LLMs

You have Cowork deployed and now you're staring at the question: who's going to approve this, how will we audit it, what if someone exploits it? WS3 gives you answers grounded in concrete demonstrations.

Who It's For

Companies that already have Cowork (or Copilot) connected to a system and now need to make security and governance decisions. Ideal group of 8–15 people:

  • Security architects — approve MCP connectors.
  • CIO / CTO — the governance document will need support from leadership.
  • Compliance or governance lead (banking, telco, public sector).
  • Developers who will write custom MCP servers — for the afternoon Track 2.
  • Internal auditor or DPO, if GDPR is in play.

What You Walk Away With

  • Concrete prompt injection demos in multiple forms — you'll set them up and try them yourself.
  • An audit process design for your organization — who approves, what's logged, how you handle an incident.
  • Your own secure MCP server (Track 2) — a working prototype with authentication, scope restriction, logging.
  • A governance document template — 1–3 pages, the kind people will actually read.
  • A risk map tied to the OWASP Top 10 for LLM and to MCP-specific risks (tool poisoning, scope creep).

What Happens

Morning (everyone together):

  • Risk demos that show why this matters: prompt injection via email, image, PDF, or GitHub issue.
  • OWASP Top 10 for LLM + MCP-specific risks.
  • Practical exercise: attack an MCP server in a lab setting and see from the inside what you need to watch for.
  • Exercise: design an audit process for your company.

Afternoon (two parallel tracks):

  • Track 1 (governance): how to structure agentic infrastructure, draft the governance document, and define the incident process.
  • Track 2 (development): MCP anatomy, writing your own secure MCP server with authentication, scope restriction, logging, and rate limiting.

Closing: Track 1 presents governance, Track 2 presents the MCP server, and we discuss how they work together.

Details

  • Format: on-demand, delivered for one company at a time. Public dates announced ad hoc.
  • Max participants: 15
  • Location: Applifting Meetup Space, Prague — Karlín. Private on-site runs possible.
  • Price: from 90,000 CZK ex-VAT for the whole group.
  • Trainers: Jakub Vacek (security lead), Matyáš Křeček (MCP architecture), Karel Smutný (governance).

How It Fits

WS3 follows WS2 (Cowork & Internal Infrastructure). Without practical Cowork / MCP experience, WS3 is too abstract. After WS3, companies often move on to a systematic rollout: MCP Gateway Enterprise.

Want this training for your team?

Every training is tailored to your team. Tell us about your people, stack, and goals, and we'll come back with a concrete proposal.
