Events

Join David Bianco, cybersecurity researcher with Cisco’s SURGe team, as together we re-examine the role of the human in threat hunting.

Join Faan Rossouw, creator of aionsec.ai, as he walks you through how agentic AI frameworks can automate the grind, expand your investigative reach, and help you operate at a scale no individual threat hunter can match.

Join Jamie Levy, Senior Director of Adversary Tactics at Huntress and Core Developer of the Volatility project, for a technical session outlining how to analyze memory samples of infected machines quickly and efficiently.

Join Sydney Marrone, Head of Threat Hunting at Nebulock, as she introduces the LOCK pattern (Learn, Observe, Check, Keep), a lightweight framework for turning every investigation into a persistent, markdown‑based record your AI can actually use.

Join Hermon Kidane, Network Threat Hunter at Active Countermeasures, as he walks you through a practical approach to finding covert command and control channels using RITA and Zeek telemetry.

Join Shane Hartman, Principal IR Consultant at TrustedSec, as he turns threat hunting from guesswork into a disciplined, hypothesis‑driven process.

Join Patterson Cake (Director of IR, BHIS), Troy Wojewoda (Incident Responder, Threat Hunter, and SOC Principal Analyst, BHIS), John Danyluk (Partner, Gentry Locke), and David Vanalek (Chief Legal and Compliance Officer, Richmond National Insurance) for a fast‑paced, candid panel discussion that demystifies the legal and insurance decisions every defender eventually faces.

In this talk, Lauren Proehl, Global Head of Detection and Response at Marsh and co‑founder of THOR Collective, walks through a practical, repeatable workflow for using large language models to convert published threat reports into structured, testable hunt hypotheses.

Join Jason Haddix, CEO and “Hacker in Charge” at Arcanum Information Security, as he lays out a practical architecture for defending AI agents based on real-world assessments and organizing controls across the full ecosystem: application design and tool boundaries, system prompt hardening, and intermediate guardrails and classifier-based protections.