2026-04-25 –, Track 1
Modern cyber operations generate massive, high‑dimensional data, alerts, asset inventories, scan results, DNS and TLS telemetry, threat intel feeds, and more—yet most teams still force this data into legacy, row‑and‑column patterns that were never designed for AI‑driven analysis. This talk presents a practical approach to modernizing, vectorizing, and visualizing your cyber operations data using the Qdrant vector database as the core of a next‑generation threat intelligence and recon platform.
We will walk through how to transform cyber data (from tools like Nmap, Amass, sslscan, passive DNS, other pentesting tools, and OSINT sources) into embeddings that capture semantic relationships—between assets, indicators, behaviors, and attack paths—instead of just static fields. Once vectorized, Qdrant enables fast similarity search, context‑aware pivoting (e.g., “find assets with high potential of being compromised”), and automated clustering for campaign or infrastructure grouping. On top of that, we will show how to leverage Qdrant’s filtering and metadata capabilities to combine classic threat hunting (by IP, ASN, tags, exposure) with vector search workflows for ease of analysis.
Red Team operator with experience breaching enterprise environments through sophisticated network, web application, API exploitation campaigns. Kevin Figueroa specializes in full-scope penetration testing, living-off-the-land techniques, and custom tooling development. Passionately tracking adversary TTPs while weaponizing AI and vector databases for automated attack path discovery and payload generation to expose and close critical gaps in organizational defenses.
Dickson Kwong is a Senior Information Security professional with over a decade of experience in red teaming and blue teaming. Work experience spans from financial institutions, US government agencies, and technology startups.