Cybersecurity is a unique community where certifications weigh equal to college degrees, hands-on experience rules the roost, and there are multiple entryways to the Ring. But... which direction should you choose? We'll settle this once and for all with a good old Tag Team matchup!
Tonight, for our main card event: Traditional vs. Non-Traditional Entries into Cybersecurity!
Information Security is an important part of a maturing business. As such, we need to treat it seriously, which means measuring its effectiveness. What should you measure? How should you measure it? And, most importantly, how should you think about measuring, as a concept? Come listen to this talk to find out.
Discover the world of Wireless! From traditional Wi-Fi networks, wireless peripherals, and Bluetooth devices to the broader spectrum of sensors, IoT, and OT, we'll discuss understanding a full signal profile. Set your eyes and ears to RX, keep the TX down to the noise floor, and gain insights on crafting a signals intelligence profile to monitor, attack, or defend your invisible infrastructure.
"The Digital Certificate is like your Driver's License"
Well, I wouldn't want my driver's license posted publicly. What's a better way to think about it?
This short talk goes into some common misconfigurations of Digital Certificates found in the wild.
And maybe, just maybe, a better way to describe these to non-technical folks.
The long-anticipated Cybersecurity Maturity Model Certification (CMMC) 2.0 is no longer just a proposal—it’s officially implemented. Now, defense contractors, subcontractors, and public institutions handling Federal Contract Information (FCI) and Controlled Unclassified Information (CUI) must navigate compliance under a rapidly evolving landscape. But what does this mean in practice?
Building from last year's session, this session will break down the immediate impacts of CMMC implementation, what companies are facing right now, and what's coming next as enforcement ramps up.
Have you ever wondered what kind of secrets are floating around in the IoT devices in your life? As "smart" IoT devices become more and more ubiquitous, you might have some concerns about the amount of effort these companies are putting into the "security" of these devices and their infrastructure, as well as what kind of data they are picking up and sharing, and the possible consequences of this.
"Are AI agents worth the hype?
In this talk, we’ll explore the tangible impact of AI agents in cybersecurity, focusing on how they can be used to automate proactive security workflows at scale.
AI agents can be used to augment traditional human-driven processes to identify, assess, and remediate vulnerabilities. We’ll highlight real world case studies to show where AI agents excel, where they fall short, and lessons I've learned along the way.
We'll also discuss the technical challenges of implementing agentic security solutions, from managing hallucinations and building human-in-the-loop workflows to integrating agents with existing security datasets for improved performance. We’ll also discuss the broader implications for security teams -- how AI-driven automation is shifting the role of human analysts and changing the way organizations approach cyber resilience."
As the manufacturing industry embraces digital transformation, the line between Information Technology (IT) and Operational Technology (OT) is blurring. This convergence brings new opportunities—and significant challenges. While IT security principles like Zero Trust, network segmentation, and patch management offer valuable insights, their direct application in OT environments can create unexpected risks and operational disruptions.
In this talk, we’ll explore how IT and OT are merging, discuss which IT security strategies translate well to industrial environments, and highlight the critical differences that make a one-size-fits-all approach impossible. With real-world examples from the factory floor, we'll examine where IT and OT can learn from each other—and where they must remain distinct to ensure both security and uptime.
In this talk, we’ll explore real-world attack scenarios, recent security incidents, and live demonstrations to show how LLM-based systems are being abused.
Attendees will gain practical insights on exploitation techniques, the latest adversarial AI tactics, and defensive strategies that can be implemented to secure LLM applications.
Pentesting is meant to uncover security weaknesses, but sometimes the process itself becomes an exercise in frustration. From unclear scopes and unresponsive clients to network misconfigurations and unexpected legal roadblocks, every pentester has war stories of engagements gone wrong. This talk dives into real-world pentesting pain points, sharing firsthand experiences of what makes assessments more difficult than they need to be—and how to avoid these pitfalls.
Whether you’re a seasoned pentester, a blue teamer trying to prepare for a test, or a purple teamer bridging the gap, understanding these challenges can help ensure your next engagement is smoother and more effective. We’ll cover the most common mistakes from all sides of the table, such as poor scoping, lack of communication, ineffective remediation, and unrealistic expectations.
Beyond just the horror stories, this session provides actionable lessons to help security teams and consultants work together more efficiently. Learn how to avoid common traps, improve collaboration, and turn painful experiences into opportunities for a more productive outcome.
Safety has been at the forefront of civil aviation since the formalization of safe software development standards. These standards had been developed by the Radio Technical Commission for Aeronautics (RTCA) and were first released in 1981. For the next two decades, the aviation industry continued to develop safety standards for both hardware and systems design. Soon, aviation found that aircraft were becoming flying data centers with increasing levels of connectivity to match.
Aviation has extensive data, processing capability, and global connectivity, but how does security fit into aviation?
In this talk, participants will learn about how Safety and Security are applied to aviation system design and how they interact in non-obvious ways with one another. We'll define the real, legal definition of Safety, and you'll learn about the importance of acronyms like Design Assurance Levels (DAL) and Security Assurance Levels (SAL). Most importantly, we'll walk through a simple system analysis to demonstrate how security threats can impact system safety. In the end, you'll have a new perspective on how objective-based systems design can help security teams draw links between threats and their respective impacts regarding operations.
Organizations used to believe that threats stopped at the firewall. As we’ve become more remote and connected, we know that is far from true. Web browsers are now the primary interface allowing for interaction with your most sensitive data from anywhere. Are extensions a hidden threat to your users?
This talk explores the use of open-source tools to enhance incident response capabilities. We'll cover a range of free, robust tools that can be integrated into your IR plan. Attendees will learn how these tools help in preparing for, detecting, and responding to incidents efficiently, highlighting their cost-effectiveness and flexibility through real-world examples.
Dragon riders - grab your flight leathers and let’s strap in for Detection flight school. What makes for a fire(breathing) detection? Where should we even start? We will dive in, discussing head to wings to tail, on how to create high-fidelity detection logic - whether you’re protecting a few resources or a few thousand. We will discuss tying in the MITRE ATT&CK framework, choosing the right sources for detection, and testing the logic with the open-sourced Atomic Red Team framework.
Over the years, Kubernetes has grown massively in popularity with developers and IT teams. Has your security team grown with them? When a security incident happens within a Kubernetes environment, do you know how to unpack the events in order to gain insight into the scope and impact of a security incident? In this session we will walk through a Kubernetes investigation from runtime alert to root cause. Throughout the presentation we will be uncovering the attacker's behavior and the resulting impact from that behavior. Along the way we will discuss some unique features of Kubernetes that can be very powerful when conducting an investigation.
How to go about planning and building a homelab that is responsive and in most cases already aware of external threats. This covers an initial high-level overview of the build plan, but dives deep into using an open source tool called CrowdSec to parse events and connect the parts of an existing network / home-lab to this perimeter maintainer. We will cover some lessons learned in getting this to work as well as integrating local and external CrowdSec installs under one main Engine to have a Multi-Server setup.