Sajeeb Lohani
Sajeeb Lohani is the Global TISO and Senior Director of Cybersecurity at Bugcrowd, and a Sessional Lecturer at the University of Melbourne. He holds OSCP and OSWE certifications, and is a core contributor to Interlace, an open-source tool for automating penetration testing workflows. Ranked in Bugcrowd’s global top 40 and #2 on DVuln, Sajeeb is an active bug bounty hunter with acknowledgments in the halls of fame of Amazon, Yahoo, GitHub, Atlassian, Okta, and many others.
He regularly contributes to the Melbourne security community as founder of the Monash Cyber Security Club, a mentor with AWSN workshops, and a frequent speaker at meetups and conferences, including DevSecCon Seattle, BSides Perth, RuxCon, and OWASP New Zealand.
Session
Ever wondered how much of your team’s time is wasted on repetitive, low-value tasks instead of actual security work? Most internal security teams are stretched thin, juggling incident response, compliance demands, and endless manual processes. In this talk, I’ll walk through how we experimented with automation and AI to take the boring, repetitious stuff off our plates, while still keeping security tight. We’ll look at how prompt engineering can give workflows the right context so automations can safely make the first call on routine decisions, and where that approach breaks down. I’ll share the good, the bad, and the ugly of what we tried, including lessons learned about trust, oversight, and failure cases. The real goal isn’t AI hype. It’s making defence less exhausting so people have the bandwidth to tackle harder problems, like scaling automation across the business.