Practical Defenses Against Adversarial Machine Learning

Virtual, October 21, 2020, 3:00 pm - 3:40 pm


Ariel Herbert-Voss

Adversarial machine learning has hit the spotlight as a topic relevant to practically-minded security teams, but noise and hype have diluted the discourse to gradient-based comparisons of blueberry muffins and chihuahuas. This fails to reflect the attack landscape, making it difficult to adequately assess the risks. More concerning still, recommendations for mitigations are similarly lacking in their calibration to real threats. This talk discusses research conducted over the past year on real-world attacks against machine learning systems which include recommendation engines, algorithmic trading platforms, email filtering – in addition to the classic examples of facial recognition and malware classification. We’ll begin by discussing the difference between academic and deployment attack environments before diving into real-world attack examples. Most importantly, the bulk of the session will detail practical defensive measures.