AI Development Challenges in View of EU Regulations – Mathias Conradt, Sonar
This session tackles the critical challenges of enterprise GenAI adoption, where development velocity often conflicts with organizational control, creating a „trust gap” and significant financial and reputational fallout. We will explore the „New Attack Surface” defined by the OWASP Top 10 for LLM Applications – from prompt injection to supply chain vulnerabilities – and demonstrate the real-world dangers of insecure AI-generated code. This new risk landscape is unfolding under a „Regulatory Imperative” from the EU’s DORA, NIS2, CRA and the EU AI Act, which mandate end-to-end security and accountability. We will outline a „Resilient Path” forward, positioning a „High Quality & Secure Code Policy” as a critical „AI Control Layer” that must be enforced directly within the CI/CD pipeline, ensuring that compliance and control are the foundations of, not barriers to, AI velocity.

About the Speaker
Mathias Conradt, Staff Solutions Engineer at Sonar
A highly experienced cybersecurity professional with a 27-year track record in software engineering, project management, and pre-sales; certified as an AWS Solutions Architect and in Scrum, PRINCE2, and ITIL. Passionate about leveraging open source, automation, and data privacy to build secure and efficient systems. His entrepreneurial spirit, honed by 15 years leading his own software development company in Germany and Hong Kong, fuels his drive for innovation.