Threat Hunting Summit Keynote: Is It Time to Embrace Automated Threat Hunting?
Join David Bianco, cybersecurity researcher with Cisco’s SURGe team, as together we re-examine the role of the human in threat hunting.
Summit: June 17 @ 10:00 am – 4:30 pm EDT. Live Training: June 18 - 26. Is your security posture proactive or reactive? Threat hunting is where defenders assume compromise, search beyond alerts, and uncover attackers hiding in plain sight. It’s how modern security teams ...
Join Faan Rossouw, creator of aionsec.ai, as he walks you through how agentic AI frameworks can automate the grind, expand your investigative reach, and help you operate at a scale no individual threat hunter can match.
Join Jamie Levy, Senior Director of Adversary Tactics at Huntress and Core Developer of the Volatility project, for a technical session outlining how to analyze memory samples of infected machines quickly and efficiently.
Join Sydney Marrone, Head of Threat Hunting at Nebulock, as she introduces the LOCK pattern (Learn, Observe, Check, Keep), a lightweight framework for turning every investigation into a persistent, markdown‑based record your AI can actually use.
Join Hermon Kidane, Network Threat Hunter at Active Countermeasures, as he walks you through a practical approach to finding covert command and control channels using RITA and Zeek telemetry.
Join Shane Hartman, Principal IR Consultant at TrustedSec, as he turns threat hunting from guesswork into a disciplined, hypothesis‑driven process.
Join Patterson Cake (Director of IR, BHIS), Troy Wojewoda (Incident Responder, Threat Hunter, and SOC Principal Analyst, BHIS), John Danyluk (Partner, Gentry Locke), and David Vanalek (Chief Legal and Compliance Officer, Richmond National Insurance) for a fast‑paced, candid panel discussion that demystifies the legal and insurance decisions every defender eventually faces.
In this talk, Lauren Proehl, Global Head of Detection and Response at Marsh and co‑founder of THOR Collective, walks through a practical, repeatable workflow for using large language models to convert published threat reports into structured, testable hunt hypotheses.
Join Jason Haddix, CEO and “Hacker in Charge” at Arcanum Information Security, as he lays out a practical architecture for defending AI agents based on real-world assessments and organizing controls across the full ecosystem: application design and tool boundaries, system prompt hardening, and intermediate guardrails and classifier-based protections.
In this Anti-Cast, Bronwen Aker, AI Researcher at BHIS, will take you beyond prompting fundamentals and move into more advanced prompt techniques designed for real-world use.
Join Evan Kirstein, Mesh Networking Practitioner & Amateur Radio Operator (KJ5MCN), and Luke Canfield, Tactical UAS Researcher & Defense Systems Analyst, for a free one‑hour Anti-Cast where they’ll walk you through a practical, field‑tested approach to re‑establishing connectivity using two accessible technologies: 3D‑printable FPV airframes and Meshtastic (LoRa) mesh radios.
Join Markus Schober, founder of Blue Cape Security and former enterprise incident responder, as he demonstrates why both AI and human analysts draw incorrect conclusions from Windows forensic artifacts, and how proper correlation leads to more defensible investigations.
Join Ashley Wolfe, OT/ICS security practitioner and researcher, as she breaks down why OT security proposals keep dying in conference rooms — and how to walk in with something that actually sticks. In one hour, you'll leave with a threat scenario that fits your industry, a number you can put on inaction, and a first step that doesn't need budget approval.
Join Ads Dawson of Dreadnode and Mike Takahashi of Zenity — ranked among the top bug bounty hunters on HackerOne and Mozilla's AI programs — as they break down a year's worth of data exfiltration bugs found across production AI applications, showing how the same primitive behind XSS now lets attackers steal PII, business data, and private messages through AI agents.
Summit: August 14 @ 10:00 am – 4:30 pm EDT. How do you secure a future that is already here? AI is changing how organizations operate, how defenders protect systems, and how attackers identify and exploit opportunities. New capabilities, new risks, and new questions are ...
Join Ethan Robish, Black Hills Infosec former pentester and current SOC architect, for a technical session on the scaffolding, guardrails, and processes that turn agentic coding from a novelty into a production-grade workflow.
In this session, Hayden Covington, Associate Director of Security Operations at the BHIS SOC, will walk through how to design custom agents for real security operations work: triage support, detection engineering, enrichment workflows, reporting, research, and review-heavy operational tasks. The focus is not magic prompts or over-engineered instructions; it is the engineering work behind useful agents. Powerful agents have clear roles, bounded authority, durable memory, tool access, handoff points, review gates, and failure modes that operators can actually relate to.
Do you dread writing incident response documentation? Gerard Johansen of IR Proactive shows how LLMs can quickly create, refine, and validate incident response policies, plans, workflows, and communications playbooks.
Join Faan Rossouw (aionsec.ai) for a 25-minute, demo-driven session on a blind spot in every security system that puts an LLM agent in the analysis loop: the data the agent reads is partly authored by the adversary, which turns your own telemetry into a potential prompt-injection channel.
