Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Snehal Antani, CEO of Horizon3.ai, shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:

• Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.

• Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.

• Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.
   

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

Despite billions spent annually on IAM, PAM, and IGA tools, more than 40% of enterprise applications remain outside the identity perimeter. Critical platforms—social media apps, vendor portals, legacy tools, and other disconnected apps—lack SAML, SCIM, or API support. These “last mile” gaps create dangerous patterns: weak or reused passwords, unmanaged privileged accounts, incomplete deprovisioning, and widespread credential sharing. The result? Elevated breach risk and compliance exposure.    

In this session, Donovan Blaylock will expose why disconnected apps are one of today’s biggest blind spots in identity security. He’ll share how leading enterprises are closing these gaps with automation—eliminating manual credential management, streamlining provisioning and deprovisioning, enforcing MFA without added friction, and securing high-risk shared accounts like corporate social media.    

Attendees will leave with practical strategies to extend their identity perimeter to every app—without custom connectors or hidden license costs—and learn how to reduce risk, save time, and strengthen compliance across their organization’s most vulnerable access points.

How attackers use AI swarms to run parallel reconnaissance, exploitation, and adaptation at machine speed and why traditional, linear security models collapse under swarm-scale pressure. See how Deep Hat and Kindo work together to deliver attacker-grade reasoning with governed execution inside an AI-native terminal.

AI has fundamentally changed what regulators, customers, and boards expect organizations to know — and prove — about the software they ship. In 2026, transparency is no longer a differentiator; it’s the baseline. From the EU Cyber Resilience Act to evolving U.S. guidance, organizations are under growing pressure to demonstrate how AI-enabled software is built, governed, and secured across the supply chain.  

This session takes a candid look at the emerging reality of AI governance and software trust. Drawing on patterns Sonatype observes across thousands of development teams, we’ll explore how organizations are responding to new compliance expectations, where governance efforts break down, and what “good” looks like in practice. We’ll examine how transparency artifacts (including SBOMs) fit into broader governance programs — and why many fail to translate into real risk reduction or audit readiness.  

Attendees will learn:

- How AI governance and software transparency expectations are evolving in 2026

- What regulators and customers increasingly expect organizations to prove

- Common gaps that undermine AI and software trust initiatives

- Practical approaches to operationalizing transparency for compliance, risk reduction, and long-term trust

What would a fire-fighter say about fire prevention if they only had 20 minutes? That’s this session, but about Ransomware. No sales pitches, no detailed explanations of risks or technologies. Just an Incident Response specialist giving you the Top 5 things to bring back and ask “Do we have these things? If not, how do we get them?”. Because we’ve seen what happens when ransomware finds the unprepared!

Abstract
AI and new digital technologies will continue to shift the cybersecurity landscape in 2026. This session explores how modern tools can enhance detection, response, and decision making while introducing new risks tied to generative systems, data integrity, and fast moving threat innovation. Leaders will gain a clear view of how to adopt emerging technology in a responsible and strategic way that supports resilience and aligns with enterprise risk goals.

Key Takeaways
• How AI and emerging tech are reshaping core security functions
• The new risks created by generative models and evolving attack techniques
• Practical governance steps that support responsible AI use
• Examples of organizations pairing innovation with disciplined risk management

Don't Let Ransomware Run If ransomware or a virus cannot execute, it cannot harm your computer. The computer's operating system can restrict program execution, ensuring that only authorized programs are allowed to run.

News headlines show you the breaches at massive corporations, but it’s everyday organizations that face the most threats. Adversaries prey on the human psyche and use AI to advance their tactics and target the companies that keep our communities running.

For these companies, a ransomware or BEC attack isn’t just a stressful event—it’s the reason they can’t make payroll. This session explores how hackers plan to win, and why you don’t need a massive budget to fight back.

We’ll get into how Huntress brings cyber resilience through a powerful combo of purpose-built technology and human SOC expertise to stop threats before they cause damage—because organizations of ALL sizes deserve a fighting chance against attackers.

First introduced by Gartner in 2022, Continuous Threat Exposure Management (CTEM) has quickly moved beyond buzzword status to become a cornerstone of modern cybersecurity programs. Beyond traditional vulnerability management programs, CTEM focuses on continuously identifying, validating, and prioritizing exposures so security teams can act with precision. But the stakes are rising. Adversaries are weaponizing AI to discover and exploit vulnerabilities faster than ever, leaving organizations little margin for error. For CISOs, the challenge isn’t just finding exposures—it’s keeping pace with an accelerating threat landscape while making smarter use of existing resources.

Security and IT teams are drowning in endless alerts and chasing signals that rarely translate into actionable defense. Meanwhile, attackers have their sights set on the one asset most organizations overlook – backups. In this session, see how Druva, a simplified next-gen Cyber Resilience solution, leverages DruAI and AI Agents to turn backups from passive insurance into an active layer of cyber defense, providing real-time threat intel and guaranteeing recovery when the need arises. You’ll leave with: How to use conversational AI with natural language to query backup intelligence and jump-start investigations Practical ways DruAI Agents automate hardening and recovery readiness Using Druva MetaGraph to add rich context to alerts across SecOps tools Detecting ransomware behaviors via ML anomalies (not static rules) Pushing backup telemetry into SIEM/XDR for faster correlation and response.

As attackers increasingly focus on identity-based attacks, traditional defenses are no longer enough. This session helps attendees gain insight into how adversaries exploit misconfigurations, legacy protocols, and operational gaps to move laterally and establish persistence. The discussion then shifts to practical defense strategies, covering prevention, detection, and recovery techniques that security and IT teams can apply in real-world environments. Attendees will leave with a clear understanding of what is needed to protect their IdPs in today’s threat landscape, along with actionable steps to strengthen identity resilience within their organization.

AI is the “new workforce.” Agents are “workers.” IT is the “HR department” for machines. Stop! When we use human language for AI, we weaken our focus on leading real people. That’s a real problem when we already struggle to turn technologists and analysts into managers.

As machines automate more work, we need more from humans, not less. We need adaptive performance, with our people operating from their thrive brain, generating ideas and solving higher-order problems. Fear only pushes people into survival mode: thinking narrows, risk-taking drops, and work becomes tactical. Leading through change means clarifying vision, shaping language, reducing fear, and building leaders who can motivate, adapt, and help people do their best work.

Attackers are leveraging LLMs to level-up their Phishing abilities; defenders need to do the same. In this brief talk, we will present an approach to implementing extremely effective email security using modern tools, without sacrificing control and transparency to a black box approach.

Organizations continue to invest heavily in cybersecurity tools—yet breaches, burnout, and missed priorities persist. Why? Because cyber capabilities are increasingly constrained not by technology, but by how talent is deployed, supported, and aligned to risk.

In this session, we’ll explore how security leaders can assess and optimize cybersecurity talent utilization to reduce workforce risk and strengthen outcomes. Attendees will learn practical approaches to document, visualize, and measure where cyber talent is over- or under-leveraged—revealing hidden bottlenecks, single points of failure, and unused capacity.

We’ll walk through how to map and benchmark cyber capabilities against business objectives and threat exposure, enabling leaders to identify critical gaps and prioritize investment where it matters most. Finally, the talk connects workforce strategy to security performance by showing how aligning career aspirations, workload balance, and succession planning improves retention, reduces burnout, and measurably strengthens organizational security posture.

This session is designed for CISOs, CIOs, and cyber leaders seeking clear, data-driven visibility into their cyber capabilities—and a repeatable way to ensure their most critical asset, their people, are not the weakest link

Abstract:
Cybersecurity challenges are complex, and solving them requires teams with diverse perspectives, skills, and experiences. This panel explores how diversity drives better problem-solving, innovation, and threat detection in security organizations.

Panelists will share strategies for attracting and retaining talent from varied backgrounds, leveraging unique thinking styles, and applying different experiences to uncover blind spots in risk management. Attendees will gain actionable insights for building teams that are not only technically skilled but more adaptive, creative, and resilient in the face of evolving cyber threats.

Key Takeaways:

• Understand how diversity strengthens problem-solving, innovation, and threat response.
• Learn approaches to recruit and retain talent from non-traditional backgrounds.
• Explore how different perspectives and thinking styles reveal hidden risks.
• Gain strategies to create teams that are adaptable, collaborative, and resilient.
• Walk away with practical ideas for integrating diversity into cybersecurity team design and strategy.

Attackers are no longer triggering alerts; they’re hiding in plain sight. This session shows how deception technology transforms attacker behavior into high-confidence detection signals. Learn how integrating deception into an Open Active XDR platform improves visibility, reduces noise, and enables faster, smarter response to real threats across modern enterprise environments