Note: We're still finalizing the official schedule, but the following talks have been confirmed! Check back closer to the event for a full list of talks, times, and tracks.
In today’s organizations, the greatest vulnerability isn’t always in the network — it’s in communication. Security and IT professionals routinely identify serious risks that leadership ignores, minimizes, or delays. This talk explores how technical experts can navigate the political landscape of their organizations to turn warnings into action. Drawing from real-world experience in incident response and executive leadership, Jonathan shares practical strategies for building influence, framing messages that leadership actually hears, and surviving the frustrating gap between technical truth and executive decision-making.
In 1985, a software race condition in a radiation therapy device called the Therac-25 began quietly killing cancer patients by delivering radiation doses up to 100 times the therapeutic level. Six patients were overdosed, and three died. The root cause was nothing exotic: reused code, removed hardware interlocks, a single unreviewed programmer, and a manufacturer so confident in their software that they dismissed every patient complaint for nineteen months.
Almost fourty years later, the healthcare sector is deploying millions of connected medical devices such as insulin pumps, infusion systems, patient monitors (telemetry), diagnostic imaging, connected laboratory equipment and implantables. A surprising amount of which repeat every structural failure that the Therac-25 made famous. Software-only safety controls. Legacy firmware reused without re-testing. Security alert fatigue.
This talk takes attendees inside the Therac-25 Affair with deep technical details of the race conditions, the integer overflows, the missing hardware interlocks, and the regulatory blind spots.
Security teams are drowning in alerts while attackers are rapidly adopting automation and AI to accelerate reconnaissance, exploitation, and lateral movement. The future battlefield is no longer human vs. human — it is autonomous offense vs. autonomous defense.
This session explores the emergence of agentic AI security platforms capable of independently observing environments, making decisions, executing actions, and continuously adapting in real time. Attendees will see how offensive agents can autonomously discover assets, chain attack paths, validate exploitability, and pressure-test security controls — while defensive agents simultaneously detect behavioral anomalies, initiate containment, and execute incident response without waiting for human approval.
Rather than theoretical AI discussions, this talk focuses on operational architecture and real-world design patterns, including:
Attendees will leave with a clear blueprint for transitioning from reactive SOC models to self-driving security operations, along with a practical understanding of the risks, governance requirements, and strategic advantages of agentic AI.
If you believe attackers will automate faster than defenders — this session will show you how to reverse that equation.
“Everyone has a plan until they get punched in the face.” Mike Tyson’s line sums up incident response better than any manual. You can draft the neatest IR plan in the world, but unless you have practised taking the hit, it will fold the moment reality lands a blow.
This talk is about building muscle memory before the breach. You will walk away with five practical steps to turn dusty plans into lived experience. These steps will minimise damage and improve your chances of getting back to BAU in a timely way. Remember, the best response isn’t necessarily the fastest, it’s the one that is the most coherent, calm, and well managed. Key takeaways:
Dysentery, snake bites, and drowning—classic ways to die in Oregon Trail. But how do you “die” in application development? Simple: a day-zero breach or cyberattack. Just one successful breach can land your organization on the front page of the news.
The question is: can you prevent it?
Yes.
Today, open source components make up 90% of modern application dependencies. With the software industry’s reliance on open source, it’s critical to choose well-maintained, community-driven projects to withstand disasters like Log4j.
In this session, learn how attackers embed malicious code that evades sandbox detection or masquerades as legitimate vendor software. We’ll explore real-world examples, from Log4j vulnerabilities to state-sponsored malware in macOS Flutter apps, dissecting what went wrong.
Discover emerging technologies that assess software risks without relying on source code, like automated static binary analysis and black-box testing. Gain actionable insights and best practices to uncover hidden threats in your software supply chain.
