May 14, 2025
8 AM - 5 PM
Monona Terrace | 1 John Nolen Dr, Madison, WI 53703
As automation, machine learning, and AI reshape cybersecurity, industry leaders will dive into the risks, innovations, and strategies to stay ahead in this ever-changing digital battlefield. Don't miss this opportunity to connect with experts, gain actionable insights, and prepare for the next era of cyber resilience.
More details to come.
Event welcome and introduction to the day's schedule.
A data scientist has joined a team of cybersecurity experts. He knows next to nothing about cybersecurity. But the world of cybersecurity is suddenly fixated on artificial intelligence. Every cybersecurity vendor is talking about their new AI-powered capabilities. A data scientist wants to tell you what these vendors really mean when they say AI.
Recently, a report was released indicating that nearly 90% of GenAI use in enterprise environments occurs without proper IT oversight. This is the modern equivalent of Shadow IT, a battle that network defenders have been fighting since the inception of time. We thought we had the problem under control. We thought better monitoring and logging would prevent things like this. We thought we had the technical measures in place to prevent this. We were wrong. A statistic that high indicates a need to rethink enterprise security on all fronts. Like it or not, AI is here to stay, so how can we adapt and overcome this time?
Despite years of security training, password policies, and technical controls, users are still choosing bad passwords and handing them over to attackers. In this talk, we'll share what we've learned from the past seven years of real-world security assessments:
- How password complexity and user behavior are evolving
- Why some policies make things worse
- How attackers are adapting through the more efficient use of technology
You'll see how we use comprehensive wordlists, advanced rulesets, and — increasingly — AI to break even well-crafted credentials. But the problem doesn't stop at passwords. We'll also explore how phishing techniques are evolving thanks to AI and how even MFA can be phished and bypassed.
To wrap up, we'll share practical, forward-looking recommendations:
- How to fix your organization's security culture problem
- How to implement password policies that frustrate attackers, not your users
- How to choose phishing-resistant authentication methods
Whether you're managing a mature security program or still wrangling weak passwords, this talk will give you actionable insight into what's working, what's not, and what's next.
Session description to come.
How we learned the potential of "nothing" to solve problems classical computers couldn't solve in a million years, and we only had to commit scientific heresy to do it.
In the modern Security Operations Center (SOC), the challenge isn’t choosing between human analysts and AI-driven tools—it’s learning how to harness both effectively. This session explores how to process overwhelming volumes of cybersecurity data into actionable intelligence by combining human insight with machine efficiency. Attendees will gain insights into building workflows that empower entry-level talent, enhance decision-making, and cultivate a next-generation SOC where humans and machines work in true partnership. Perfect for those looking to strengthen their cyber teams and better navigate today’s complex threat landscape.
In this talk you'll learn how to deliver security automation quickly using AI tools, even if software development isn't your day job. The demand for automation often outstrips the capacity to create it -- how do we catch up?
The role of IT security is constantly evolving, especially in today’s hybrid enterprise environments. When reporting to the C-suite, it is essential to include not only how the company manages change visibility and complexity but also how it ensures the security policies that govern these systems are well-maintained and effective. Cybercriminals often exploit misconfigurations, human errors, and exposed vulnerabilities—issues that can arise from both unnecessary complexity and poor policy hygiene. These vulnerabilities often go unnoticed in complex, rapidly changing environments.
In this presentation, we will discuss strategies to reduce complexity while enhancing security visibility, particularly through the lens of attack surface management. A critical aspect of managing the attack surface is maintaining clean and well-managed enforcement security policies. Real-time Life Cycle Management of network security policies helps eliminate gaps in coverage, misconfigurations, and outdated controls that threat actors frequently target. By combining policy hygiene with automation and comprehensive change visibility, organizations can reduce the opportunity for exploitation and proactively secure their ever-expanding attack surface. Ultimately, simplifying the security landscape, along with maintaining robust security policies, not only improves visibility but also strengthens the organization’s defenses against evolving threats.
Presented By: Adrian Diaz, Technical Director - Unit 42
In a world where cyberattacks are intensifying daily, AI-driven techniques and calculated disruptions from adversaries are redefining how organizations must approach cybersecurity.
In 2024, the Unit 42® Incident Response team handled 500+ of the world’s largest cyberattacks, 86% of which directly impacted business operations. Leveraging insights from these incidents, the 2025 Unit 42 Global Incident Response Report delivers an in-depth analysis of the evolving threat landscape and attackers' tactics and techniques.
Join Adrian Diaz, Technical Director of Unit 42 Palo Alto Networks, as he discusses the findings and explores:
- The increasing speed of attacks: Understand how attackers leverage AI and advanced tactics to reach exfiltration within an hour, leaving minimal time to respond.
- Evolving attack techniques: Discover how 70% of incidents now span three or more attack surfaces, emphasizing the need for holistic security across endpoints, networks, cloud environments and human factors.
- Key emerging threat trends: Explore the rise of disruptive extortion, supply chain vulnerabilities, insider threats and AI-assisted attacks, and how they impact organizations across industries.
Experience the next frontier of cybersecurity at Mortal vs Machine, where cutting-edge technology meets human expertise. At the heart of this electrifying competition is Purple AI, SentinelOne’s revolutionary AI security analyst that propels security operations to unprecedented heights.
In a series of dynamic matchups, Mortal vs Machine pits seasoned security professionals against audience volunteers—each equipped with the rapid, AI-driven capabilities of Purple AI. The question is simple yet game-changing: can advanced, AI-augmented threat detection outperform the nuanced insights of human analysts?
Purple AI reshapes traditional security practices—like threat hunting and incident investigations—by transforming them into intuitive, natural-language conversations. Its advanced generative AI empowers users of any skill level to uncover hidden threats, analyze complex logs, and detect anomalies through straightforward prompts. Even those new to query languages can instantly investigate potential breaches with confidence.
Picture the synergy: experienced security veterans facing off against volunteers augmented by Purple AI. Participants witness firsthand how effortlessly Purple AI streamlines threat investigations—often outpacing the speed and accuracy of experts. Each session is a testament to Purple AI’s power, drawing massive crowds and generating buzz at high-profile events like Black Hat and RSA.
The Mortal vs Machine competition showcases Purple AI as a force multiplier that dramatically reduces mean time to detect and respond. By removing the hurdles of complex query languages and accelerating threat analysis, Purple AI positions itself as an essential ally for security teams.
Step into this immersive experience to see, participate, and compare the difference between conventional threat hunting and a future driven by AI. With Purple AI, your SOC operations will never be the same—enjoy faster, more precise threat detection, comprehensive data protection, and robust privacy protocols.
Join us at our next Mortal vs Machine event to discover how Purple AI can revolutionize your security operations—smarter, faster, and more efficient than ever before. Embrace autonomous cybersecurity with SentinelOne’s Purple AI and experience how human expertise measures up against machine intelligence.
This talk will present a practical guide to leveraging Large Language Model (LLM) code generation for IT and Security professionals. A real-world security incident will be used as an example problem to explore the technique, with particular emphasis given to how to trust code that was written by an LLM.
Modern DNS has come a long way from RFC 882-883 in 1984. The world's largest distributed database has become a mass surveillance and marketing tool and a way to circumvent security controls. Carriers are selling your DNS data for marketing purposes. Threat actors use DNS for command-and-control and data exfiltration. How can an enterprise best protect itself?
Cloud AI products face many of the same IT security challenges that SaaS solutions have faced for decades, and they bring new IT security challenges as well. This session gives an overview of SaaS security, the tooling, and how these ideas are changing with the introduction of Cloud AI.
AI models like DeepSeek, Grok, and ChatGPT are rapidly evolving, pushing the boundaries of technology while introducing new challenges for data security. How can organizations harness the power of AI while ensuring compliance and protecting sensitive data? This session delves into strategies for data security tailored to the risks and opportunities of AI. Join us to learn:
- Emerging trends in AI and how to safely integrate these tools into your enterprise environment
- Best practices for securing data in the era of generative AI
- How a top retail organization leveraged GenAI for enhanced security
In today’s rapidly evolving digital landscape, organizations must balance cost optimization with robust security while also reducing complexity and unlocking the full value of their data to stay competitive. This session explores real-world examples of organizations that have streamlined their technology stacks, simplified operations, and advanced business outcomes—without sacrificing security or performance. We'll dive into:
- Key innovations, from actionable threat intelligence to post-quantum cryptography considerations, and showcase strategies for securing applications, networks, and remote workforces
- How modern security solutions can not only fortify your defenses but also simplify infrastructure, reduce operational overhead, and extract meaningful insights from data to drive smarter business decisions
What does AI governance look like in the current regulatory environment? This talk examines various themes on governing AI, and attempts to make practical recommendations in the absence of regulatory guidance.