BEGIN:VCALENDAR
VERSION:2.0
PRODID:-//Antisyphon Training - ECPv6.15.20//NONSGML v1.0//EN
CALSCALE:GREGORIAN
METHOD:PUBLISH
X-ORIGINAL-URL:https://www.antisyphontraining.com
X-WR-CALDESC:Events for Antisyphon Training
REFRESH-INTERVAL;VALUE=DURATION:PT1H
X-Robots-Tag:noindex
X-PUBLISHED-TTL:PT1H
BEGIN:VTIMEZONE
TZID:America/New_York
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20250309T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20251102T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20260308T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20261101T060000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0500
TZOFFSETTO:-0400
TZNAME:EDT
DTSTART:20270314T070000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0400
TZOFFSETTO:-0500
TZNAME:EST
DTSTART:20271107T060000
END:STANDARD
END:VTIMEZONE
BEGIN:VTIMEZONE
TZID:America/Denver
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20250309T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20251102T080000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20260308T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20261101T080000
END:STANDARD
BEGIN:DAYLIGHT
TZOFFSETFROM:-0700
TZOFFSETTO:-0600
TZNAME:MDT
DTSTART:20270314T090000
END:DAYLIGHT
BEGIN:STANDARD
TZOFFSETFROM:-0600
TZOFFSETTO:-0700
TZNAME:MST
DTSTART:20271107T080000
END:STANDARD
END:VTIMEZONE
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T113000
DTEND;TZID=America/New_York:20260617T115500
DTSTAMP:20260418T061225
CREATED:20260415T193622Z
LAST-MODIFIED:20260415T205427Z
UID:10000946-1781695800-1781697300@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Talk: Memory Forensics for Everyone
DESCRIPTION:With Jamie Levy \n\n\n\n\n\n\n\nHave you ever wondered how to conduct an investigation using only RAM? \n\n\n\nJoin Jamie Levy\, Senior Director of Adversary Tactics at Huntress and Core Developer of the Volatility project\, for a technical session outlining how to analyze memory samples of infected machines quickly and efficiently. \n\n\n\nShe’ll show you how to efficiently conduct your own investigations using Volatility and confidently analyze malware running in memory. You’ll learn how to automate your workflow to work quickly through several memory samples at once. \n\n\n\nWalk away with the skills to pull truth out of RAM—even when nothing else remains. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nJamie Levy\n\n\n\n\nBio\n\n\n\nJamie Levy is the Senior Director of Adversary Tactics at Huntress. Jamie is also a researcher\, developer\, and board member of the Volatility Foundation. She has worked over 15 years in the digital forensics industry\, conducting investigations as well as building software solutions. Jamie is also a co-author of The Art of Memory Forensics\, the first book of its kind covering various facets of how to investigate RAM artifacts.  \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-talk-memory-forensics-for-everyone/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Talk_Jamie-Levy_Memory-Forensics-For-Everyone.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T120000
DTEND;TZID=America/New_York:20260617T122500
DTSTAMP:20260418T061225
CREATED:20260415T195557Z
LAST-MODIFIED:20260415T205419Z
UID:10000941-1781697600-1781699100@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Talk: Avoiding Hunt Amnesia: Building a Memory Your AI Can Use
DESCRIPTION:With Sydney Marrone \n\n\n\n\n\n\n\nWhat if your next threat hunt could start with a simple question to your AI assistant: “What did we find last time we investigated lateral movement?” \n\n\n\nJoin Sydney Marrone\, Head of Threat Hunting at Nebulock\, as she introduces the LOCK pattern (Learn\, Observe\, Check\, Keep)\, a lightweight framework for turning every investigation into a persistent\, markdown‑based record your AI can actually use. \n\n\n\nYou’ll learn how to build a hunt repository that preserves institutional knowledge\, accelerates future investigations\, and gives both humans and AI assistants a shared memory to work from. \n\n\n\nGive your hunting program a durable memory and watch your mean time to hypothesis drop. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nSydney Marrone\n\n\n\n\nBio\n\n\n\nSydney Marrone is a threat hunter\, cybersecurity professional\, co-founder of THOR Collective\, author of the Agentic Threat Hunting Framework\, and co-author of the PEAK Threat Hunting Framework. She is passionate about making security knowledge accessible and actionable through hands-on research\, open-source collaboration\, and community-driven projects like HEARTH (Hunting Exchange And Research Threat Hub). Sydney creates resources\, leads workshops\, and shares insights that spark curiosity and empower defenders. Outside of work\, she writes for THOR Collective Dispatch\, lifts weights\, and makes cyber-themed music using AI to blend creativity and hacker culture.  \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-talk-avoiding-hunt-amnesia-building-a-memory-your-ai-can-use/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Talk_Sydney-Marrone_Avoiding-Hunt-Amnesia.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T130000
DTEND;TZID=America/New_York:20260617T132500
DTSTAMP:20260418T061225
CREATED:20260415T200942Z
LAST-MODIFIED:20260415T205606Z
UID:10000942-1781701200-1781702700@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Talk: Threat Hunting with RITA: A Behavioral Analysis of C2 Traffic
DESCRIPTION:With Hermon Kidane \n\n\n\n\n\n\n\nHow do you catch an attacker when their malware is specifically designed to blend in with everyday network noise? \n\n\n\nJoin Hermon Kidane\, Network Threat Hunter at Active Countermeasures\, as he walks you through a practical approach to finding covert command and control channels using RITA and Zeek telemetry. \n\n\n\nYou’ll learn how to analyze connection durations\, beaconing cadences\, and key metrics like network prevalence and first-seen behavior to spot DNS tunnels and persistent threats\, cutting through the raw data to find the actual compromise. \n\n\n\nWalk away with a downloadable custom dataset and some bonus hunting scripts\, so you can immediately start practicing these techniques on your own. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nHermon Kidan\n\n\n\n\nBio\n\n\n\nHermon is a Network Threat Hunter at Active Countermeasures where he does behavioral analysis of network traffic to expose covert infrastructure. His daily work centers on translating raw Zeek telemetry into actionable threat intelligence to track down persistent\, low-and-slow threats. Prior to hunting\, he spent two years at a help desk and another two years as a systems administrator. In his spare time\, he likes to tinker with his homelab\, follow Formula 1\, and watch movies.  \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-talk-threat-hunting-with-rita-a-behavioral-analysis-of-c2-traffic/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Talk_Hermon-Kidane_Threat-Hunting-With-RITA.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T133000
DTEND;TZID=America/New_York:20260617T135500
DTSTAMP:20260418T061225
CREATED:20260415T201301Z
LAST-MODIFIED:20260415T205821Z
UID:10000943-1781703000-1781704500@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Talk: Threat Hunting in the Dark: A Practical Approach
DESCRIPTION:With Shane Hartman \n\n\n\n\n\n\n\nYou know threats exist on your network—but where do you begin looking? Which direction should you go\, and do you even have the data you need to find them? \n\n\n\nJoin Shane Hartman\, Principal IR Consultant at TrustedSec\, as he turns threat hunting from guesswork into a disciplined\, hypothesis‑driven process. \n\n\n\nYou’ll learn how to cast a wide net\, refine your hypotheses\, validate suspicious behavior with real telemetry\, and convert findings into actionable detections. \n\n\n\nBy the end of this session\, you’ll have a repeatable method for creating\, assessing\, and executing hunts—so the next time you’re hunting in the dark\, you won’t be going in blind. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nShane Hartman\n\n\n\n\nBio\n\n\n\nShane Hartman is a Principal Incident Response Consultant at TrustedSec\, specializing in advanced threat hunting\, forensic triage\, and intrusion analysis. With over 30 years in IT and two decades in information security\, Shane helps organizations detect\, investigate\, and contain targeted attacks against critical systems and intellectual property. His previous roles at FireEye\, Fortinet\, and RSA focused on malware reverse engineering\, threat intelligence production\, and adversary tradecraft analysis. He frequently presents and teaches at the University of South Florida on topics including Digital Forensics\, Ethical Hacking\, and Offensive Operations.  \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-talk-threat-hunting-in-the-dark-a-practical-approach/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Talk_Shane-Hartman_Threat-Hunting-in-the-Dark.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T140000
DTEND;TZID=America/New_York:20260617T145000
DTSTAMP:20260418T061226
CREATED:20260415T204342Z
LAST-MODIFIED:20260417T135833Z
UID:10000948-1781704800-1781707800@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Panel: Legal Landmines\, Insurance & Incident Response
DESCRIPTION:With Patterson Cake\, Troy Wojewoda\, John Danyluk and David Vanalek \n\n\n\n\n\n\n\nWhen should you call your cyber insurance provider\, and when should you bring in outside legal counsel? And does privilege actually protect your incident communications from discoverability during litigation? \n\n\n\nJoin Patterson Cake (Director of IR\, BHIS)\, Troy Wojewoda (Incident Responder\, Threat Hunter\, and SOC Principal Analyst\, BHIS)\, John Danyluk (Partner\, Gentry Locke)\, and David Vanalek (Chief Legal and Compliance Officer\, Richmond National Insurance) for a fast‑paced\, candid panel discussion that demystifies the legal and insurance decisions every defender eventually faces. \n\n\n\nYou’ll learn how incident responders\, insurers\, and attorneys think about notification timelines\, privilege\, documentation\, and the real‑world consequences of calling—or not calling—the right people at the right time. \n\n\n\nBring your toughest questions: the panel will open the floor for live Q&A so you can finally get straight answers to the insurance and legal questions no one ever explains. \n\n\n\n  \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\nTroy Wojeowda will teach Threat Hunting on the Edge on June 18. \n\n\n\nPatterson Cake will be teaching LOLBINS vs. LOLBINS: Endpoint Threat Hunting on June 19. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\n\nAbout the Instructors\n\n\n\nPatterson Cake\n\n\n\n\nBio\n\n\n\nPatterson Cake has worked in cybersecurity for more than two decades\, specializing in the development of incident-response teams\, programs\, and processes. He is currently the Director of Incident Response for Black Hills Information Security\, holds more than twenty-five industry certifications\, is a former SANS instructor\, teaches for Antisyphon\, and has trained law enforcement\, military\, and national cybersecurity organizations on four continents. Patterson is the creator of the “Incident Response Capabilities Matrix Model\,” developed “Rapid Triage Workflow” for IR investigations\, is a prolific speaker\, and is actively involved in the cybersecurity community. \n\n\n\n\n\n\n\n\n\n\n\n\n  \n\n\n\n\n\nTroy Wojewoda\n\n\n\n\nBio\n\n\n\nTroy Wojewoda is a Security Analyst at Black Hills Information Security (BHIS). Prior to joining BHIS\, Troy has held roles in application and system administration\, host and network intrusion detection\, wireless security\, penetration testing\, digital forensics\, malware analysis\, threat hunting\, and incident response. In addition to earning several professional certifications\, Troy has a BS in Computer Engineering and Computer Science. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\nDavid T. Vanalek\n\n\n\n\nBio\n\n\n\nDavid T. Vanalek is the Chief Legal and Compliance Officer and Corporate Secretary of Richmond National\, a specialty excess and surplus lines insurance company dedicated to writing hard to place risks for small and mid-sized businesses across the country headquartered in Richmond\, Virginia. David is responsible for all corporate governance\, regulatory\, compliance\, claims law\, and litigation activities of the company and its affiliates\, and serves as legal advisor to the leadership team\, business units\, and board of directors. Prior to joining Richmond National\, David served as the Claims Chief Operating Officer at a global Fortune 500 insurance carrier\, where he led the day to day operational support for all claims divisions responsible for all lines of business throughout North America and Bermuda. David also served for years in various claims leadership roles in the professional liability\, cyber liability and management liability product lines. Prior to joining the insurance industry\, Mr. Vanalek was in private practice as a commercial litigator\, serving clients throughout California and Illinois. He received his Bachelor’s degree from the University of California\, Los Angeles\, and his law degree from the University of California\, Davis\, where he served as an Editor on Law Review\, as well as a judicial extern for an associate justice of the California Supreme Court. Mr. Vanalek is a frequent speaker on insurance\, claims\, technology\, professional liability\, cyber liability and management liability issues. \n\n\n\n\n\n\n\n\n\n\n\n\n\n\nJohn Danyluk\n\n\n\n\nBio\n\n\n\nJohn Danyluk is a partner at Gentry Locke and a member of its Band‑1‑ranked White Collar Defense\, Investigations & Compliance practice group. He represents corporate and individual clients through all phases of the criminal process and advises highly regulated industries—including government contractors\, healthcare\, and critical infrastructure—on compliance and risk. A Certified Information Privacy Professional (CIPP/US)\, he guides organizations through complex data‑privacy and cybersecurity obligations\, conducts internal investigations\, and helps clients navigate cyber incidents and regulatory scrutiny. John draws on his experience as an Army JAG Officer and former Special Assistant U.S. Attorney\, where he litigated more than 1\,000 cases and advised senior leaders on procurement\, trade regulations\, and national‑security matters. 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-panel-legal-landmines-insurance-incident-response/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Panel-and-QA_Legal-Landmines.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T150000
DTEND;TZID=America/New_York:20260617T152500
DTSTAMP:20260418T061226
CREATED:20260416T192108Z
LAST-MODIFIED:20260416T192112Z
UID:10000945-1781708400-1781709900@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Talk: Fast-track Reports into Ready-Made Hypotheses with AI
DESCRIPTION:With Lauren Proehl \n\n\n\n\n\n\n\nWhat if every intelligence report instantly became a ready‑to‑run hypothesis — instead of dying in a Slack channel? \n\n\n\nIn this talk\, Lauren Proehl\, Global Head of Detection and Response at Marsh and co‑founder of THOR Collective\, walks through a practical\, repeatable workflow for using large language models to convert published threat reports into structured\, testable hunt hypotheses. \n\n\n\nShe’ll break down how to extract attacker tradecraft\, map TTPs\, scope data sources\, and generate analytic logic hunters can run immediately. Real examples will help you explore how crafted prompts can surface detection gaps\, enrich investigations\, and produce hypotheses that go far beyond IOC matching. \n\n\n\nExamine how AI‑assisted workflows are reshaping the future of threat hunting and leave with a method you can put to work\, whether you’re a solo hunter or running a mature program. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nLauren Proehl\n\n\n\n\nBio\n\n\n\nLauren Proehl leads detection and response globally at Marsh\, overseeing the full lifecycle from threat intelligence through incident response and red teaming. She is co-founder of THOR Collective\, a practitioner-driven cybersecurity collective\, and has spent her career identifying and disrupting cyber adversaries across Fortune 500 networks — from data breaches to targeted intrusions. She now works to define some part of the limitless unknowns in cyberspace and make cybersecurity less abstract and more tangible. Lauren sits on the CFP board for BSides Kansas City\, serves on the board of Urban Trail Co.\, and tries to escape computers by running long distances in the woods.  \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-talk-fast-track-reports-into-ready-made-hypotheses-with-ai/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Talk_Lauren-Proehl_Fast-track-Reports.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260617T153000
DTEND;TZID=America/New_York:20260617T162000
DTSTAMP:20260418T061226
CREATED:20260416T194823Z
LAST-MODIFIED:20260417T135734Z
UID:10000949-1781710200-1781713200@www.antisyphontraining.com
SUMMARY:Threat Hunting Summit Keynote: Defending AI: Organized Musings on Securing AI Agents for Cybersecurity
DESCRIPTION:With Jason Haddix \n\n\n\n\n\n\n\nAre you securing your AI agents\, or just hoping the system prompt holds? \n\n\n\nAs AI agents move from prototypes into production\, most security programs are still treating them like traditional apps or opaque black boxes – and that gap is where real risk is emerging. \n\n\n\nJoin Jason Haddix\, CEO and “Hacker in Charge” at Arcanum Information Security\, as he lays out a practical architecture for defending AI agents based on real-world assessments and organizing controls across the full ecosystem: application design and tool boundaries\, system prompt hardening\, and intermediate guardrails and classifier-based protections. \n\n\n\nHe’ll cover how attacks actually manifest across these layers\, the best security practices and common missteps seen in development teams\, and where open-source defensive tooling fits today. \n\n\n\nThe focus of this talk is pragmatic: giving defenders a usable mental model\, concrete configurations\, and the tradeoffs they need to understand to make AI systems survivable in production. \n\n\n\nIf you’re building or defending AI systems\, this is the playbook you’ll want to have. \n\n\n\n\nRegister Here\n\n\n\n\nChat with your fellow Threat Hunting Summit attendees in the Antisyphon Discord server: https://discord.gg/antisyphon \n\n\n\n\n\n This talk is part of the Antisyphon Training Threat Hunting Summit\, a free\, six-hour\, live virtual event designed to give you a practical\, real-world look at how cyber threat hunters detect stealthy adversaries\, investigate suspicious behavior\, and turn discoveries into stronger defenses. \n\n\n\nFor those who want to go further\, multiple hands-on\, high-quality\, and affordable training courses are available June 18-26 to help you sharpen your skills and become a more proactive\, effective defender. \n\n\n\n\nLearn more about the Threat Hunting Summit\n\n\n\n\nSee the entire Antisyphon Training Course Catalog for affordable cybersecurity training!  \n\n\n\n\n\n\n\nAbout the Instructor\n\n\n\nJason Haddix\n\n\n\n\nBio\n\n\n\nJason Haddix\, also known as jhaddix\, is the CEO and “Hacker in Charge” at Arcanum Information Security. Arcanum is a world-class assessment and training company.  \n\n\n\nJason has had a distinguished 20-year career in cybersecurity\, previously serving as CISO of FLARE\, CISO of Buddobot\, CISO of Ubisoft\, Head of Trust/Security/Operations at Bugcrowd\, Director of Penetration Testing at HP\, and Lead Penetration Tester at Redspin. He has also held positions doing mobile penetration testing\, network/infrastructure security assessments\, and static analysis. Jason is a hacker and bug hunter and is currently ranked 57th all-time on Bugcrowd’s bug bounty leaderboards. Currently\, he specializes in recon\, web application analysis\, and emerging technologies. Jason has also authored many talks on offensive security methodology\, including speaking at conferences such as DEFCON\, Bsides\, BlackHat\, RSA\, OWASP\, Nullcon\, SANS\, IANS\, BruCon\, Toorcon and many more.   \n\n\n\n\n\n\n\n\n\n\n\n\n 
URL:https://www.antisyphontraining.com/event/threat-hunting-summit-keynote-defending-ai-organized-musings-on-securing-ai-agents-for-cybersecurity/
CATEGORIES:Threat Hunting
ATTACH;FMTTYPE=image/avif:https://www.antisyphontraining.com/wp-content/uploads/2026/04/TH-Summit-Keynote_Jason-Haddix_Defending-AI.avif
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260629T120000
DTEND;TZID=America/New_York:20260702T160000
DTSTAMP:20260418T061226
CREATED:20251215T173433Z
LAST-MODIFIED:20260116T164801Z
UID:10000868-1782734400-1783008000@www.antisyphontraining.com
SUMMARY:Active Defense and Cyber Deception with John Strand
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/active-defense-and-cyber-deception-with-john-strand-6/
CATEGORIES:Blue Team,Featured,Pay What You Can
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/New_York:20260901T140000
DTEND;TZID=America/New_York:20260906T160000
DTSTAMP:20260418T061226
CREATED:20251107T141232Z
LAST-MODIFIED:20260304T155435Z
UID:10000835-1788271200-1788710400@www.antisyphontraining.com
SUMMARY:Professionally Evil CISSP Mentorship Program
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/professionally-evil-cissp-mentorship-program-5/
CATEGORIES:CISSP Training,Pay What You Can,SecureIdeas
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T080000
DTEND;TZID=America/Denver:20261009T203000
DTSTAMP:20260418T061226
CREATED:20260203T225118Z
LAST-MODIFIED:20260203T225118Z
UID:10000894-1791273600-1791577800@www.antisyphontraining.com
SUMMARY:Wild West Hackin' Fest Deadwood 2026
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/wild-west-hackin-fest-deadwood-2026/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T225617Z
LAST-MODIFIED:20260203T230452Z
UID:10000895-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Active Directory Security and Hardening
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/active-directory-security-and-hardening/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T225931Z
LAST-MODIFIED:20260203T230448Z
UID:10000896-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Attacking and Defending AI
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/attacking-and-defending-ai/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T225936Z
LAST-MODIFIED:20260203T230444Z
UID:10000898-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Advanced Endpoint Investigations
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/advanced-endpoint-investigations/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230034Z
LAST-MODIFIED:20260203T230439Z
UID:10000897-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Breaching the Cloud with Beau Bullock
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/breaching-the-cloud-with-beau-bullock-7/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230203Z
LAST-MODIFIED:20260203T230426Z
UID:10000899-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Cybersecurity Incident Command
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/cybersecurity-incident-command-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230212Z
LAST-MODIFIED:20260203T230421Z
UID:10000900-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Defending M365 and Azure with Kevin Klingbile
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/defending-m365-and-azure-with-kevin-klingbile-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230218Z
LAST-MODIFIED:20260203T230418Z
UID:10000901-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Enterprise DFIR Investigations: Ransomware & APT Attacks
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/enterprise-dfir-investigations-ransomware-apt-attacks/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230507Z
LAST-MODIFIED:20260203T230507Z
UID:10000902-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Foundations of Security Operations with Hayden Covington
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/foundations-of-security-operations-with-hayden-covington-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230515Z
LAST-MODIFIED:20260203T230515Z
UID:10000903-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Fundamentals of Android Application Security Testing
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/fundamentals-of-android-application-security-testing/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230523Z
LAST-MODIFIED:20260203T230523Z
UID:10000904-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Fundamentals of Cybersecurity: Threats & Defenses
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/fundamentals-of-cybersecurity-threats-defenses/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230530Z
LAST-MODIFIED:20260203T230530Z
UID:10000905-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Hacking and Defending Satellite Infrastructure
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/hacking-and-defending-satellite-infrastructure/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230718Z
LAST-MODIFIED:20260203T230718Z
UID:10000906-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Hands-On AI Security Risk Assessment
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/hands-on-ai-security-risk-assessment/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230720Z
LAST-MODIFIED:20260203T230720Z
UID:10000907-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Intro to IoT Hacking
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/intro-to-iot-hacking/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230722Z
LAST-MODIFIED:20260203T230722Z
UID:10000908-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Network Forensics and Incident Response
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/network-forensics-and-incident-response-2/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T230725Z
LAST-MODIFIED:20260203T230725Z
UID:10000909-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Next Level OSINT with Mishaal Khan
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/next-level-osint-with-mishaal-khan-3/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T231230Z
LAST-MODIFIED:20260203T231230Z
UID:10000910-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Offense for Defense
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/offense-for-defense/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T231232Z
LAST-MODIFIED:20260203T231232Z
UID:10000911-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Penetration Testing: Beyond the Basics
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/penetration-testing-beyond-the-basics/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260203T231234Z
LAST-MODIFIED:20260203T231234Z
UID:10000912-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:PowerShell for InfoSec: What You Need to Know
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/powershell-for-infosec-what-you-need-to-know/
END:VEVENT
BEGIN:VEVENT
DTSTART;TZID=America/Denver:20261006T083000
DTEND;TZID=America/Denver:20261007T170000
DTSTAMP:20260418T061226
CREATED:20260225T182357Z
LAST-MODIFIED:20260225T182450Z
UID:10000921-1791275400-1791392400@www.antisyphontraining.com
SUMMARY:Threat Hunting & Incident Response with Velociraptor
DESCRIPTION:
URL:https://www.antisyphontraining.com/event/threat-hunting-incident-response-with-velociraptor-2/
END:VEVENT
END:VCALENDAR