Joshua Saxe
Machine-learning-for-security researcher. For roughly four years he tech-led AI security work at Meta, including prompt-injection defense and defending AI systems from AI-native attacks; he is the corresponding author of the LlamaFirewall paper (arXiv:2505.03574), the framework that productizes that prompt-injection and agent-alignment defense work. The week before Unprompted March 2026 he co-founded a security-agent startup.
At the conference he presented “The Hard Part Isn’t Building the Agent”, arguing that classical precision/recall evaluation rests on a transparent-ground-truth oracle that does not exist in cybersecurity, and that security agents should be evaluated on multi-dimensional reasoning rubrics calibrated with an LLM-as-a-judge. The talk is the practitioner-methodology layer of the wiki’s evaluation argument.