Fall Cyber Solutions Fest 2025: AI Track

Thu, Nov 6, 2025
9:30AM - 3:20PM EST
English
Matt Bromiley
Solutions Forum

Thank You To Our Sponsors

Artificial Intelligence is no longer just a futuristic concept—it's a powerful driver of innovation across industries. In this webcast, we explore the latest breakthroughs in AI, including advancements in machine learning, generative models, and intelligent automation. Join leading experts as they discuss how AI is transforming business operations, enhancing decision-making, and creating new opportunities for growth.

Attendees will gain insights into:

Emerging trends and technologies shaping the AI landscape
Real-world applications and case studies from diverse sectors
Best practices for integrating AI into existing systems
Ethical considerations and responsible AI development

Whether you're a business leader, developer, or researcher, this session offers practical knowledge and strategic perspectives to help you navigate the rapidly evolving world of AI.

Get Connected —> Join us on Slack!

Full Fall Cyber Solutions Fest Track List:

Emerging Technologies Track | Nov 4
Cloud Identity and Access Management Track | Nov 5
SOC Track | Nov 5
Threat Track | Nov 6
AI Track | Nov 6

Schedule

Showing 14 of 14

Filter by:

Select day:

Event Kickoff

09:30AM - 09:45AM EST

Presented by

Matt Bromiley

Certified Instructor

Virtual

Agentic Defense 360°: Closing Every AI Security Gap

According to Gartner, by 2028 over 95% of enterprises will have used Generative AI APIs or models, or deployed GenAI-enabled applications in production. In the meantime, security leaders face a rapidly evolving threat landscape, rising expectations, and the challenge of balancing innovation with risk management.

Join Elad Schulman’s session to learn how to navigate this fast-moving AI security landscape. We will present a transformative approach using next-generation Agentic Purple Teaming solutions, combining Red Teaming and Blue Teaming for AI.

Key Takeaways: See a live demo showcasing how to identify and remediate vulnerabilities across agentic and generative AI environments. Experience Lasso’s Purple Teaming in action, closing security gaps across agentic and generative AI. Learn strategies to proactively secure AI agents, enforce compliance, and turn complex AI risks into a fully managed defense.

*Sponsored by Lasso Security

09:45AM - 10:15AM EST

Presented by

Elad Schulman

CEO and Co-Founder

Virtual

MCP and the AI Security Crossroads: Build, Buy, or Breach by Proxy

Artificial Intelligence has taken the cybersecurity community by storm, fundamentally changing how we think about both threats and defenses. Malicious actors are leveraging AI with increasingly devastating results, yet we still lack a consistent, secure playbook for defending against them using these same powerful tools. Join this presentation as we cover strategies and perspectives on AI and the long-term implications for security teams.

*Sponsored by DefectDojo

10:15AM - 10:45AM EST

Presented by

Greg Anderson

CEO

Virtual

Securing the AI Revolution: A New Open Protocol for Cross-Application Access

AI is fundamentally changing how applications are built, but this shift introduces new security challenges such as identity blind spots and hidden user consent. Okta has worked with leading industry partners to develop a new open extension to OAuth, named Cross App Access (XAA), to directly address these AI security risks.

This session will provide an overview of XAA, a proposed standard currently under review, and its value in accelerating AI adoption.

Specific Takeaways:

Why this topic matters now: As AI adoption accelerates, a standardized approach is needed to secure new machine-to-machine interactions.
What Okta does differently: Okta’s work on the XAA specification provides a standards-based solution to secure AI and API ecosystems.

What attendees will walk away with:

How to simplify AI security by leveraging an extension to an existing, trusted standard
How to prevent over-privileged token sprawl
How to contribute to the future of AI security by learning about the Oasis working group.

*Sponsored by Okta

10:45AM - 11:15AM EST

Presented by

Aaron Berman

Principal Solutions Architect

Virtual

Break

11:15AM - 11:30AM EST

Virtual

Secure Vibe Coding: Real-Time AI Guardrails with Semgrep MCP

Vibe coding with AI tools like Cursor is changing how software gets written: natural language in, working code out. But with that speed comes real risk. AI models are trained on massive public repos that often lack secure patterns, and they generate more code than ever before, frequently bypassing the security standards your team worked hard to define. Semgrep’s Model Context Protocol (MCP) server brings security into the loop. It gives your team a seat at the table, right alongside the developer and their AI copilot, by delivering real-time feedback as code is generated. That means you can scale your security coverage without needing to grow your AppSec team one-to-one with engineering. AI moves fast, and now security can too.

*Sponsored by Semgrep

11:30AM - 12:00PM EST

Presented by

Erik Buchanan

Head of AI

Jack Moxon

Staff Product Manager

Virtual

Securing the Rise of Agentic Identities: From Visibility to Governed Access

As organizations increasingly deploy AI agents to automate and augment human workflows, security, compliance, and operational challenges arise. AI agents and non-human identities (NHIs) and are fast becoming a dominant part of the identity landscape and its most significant blind spot—outnumbering human identities by orders of magnitude.

Yet, many IAM programs remain under-prepared for these dynamic, and autonomous identities.

In this session, we’ll explore how to:

Discover and classify the AI agents and NHIs running in your environment.
Implement a robust governance framework for AI agent deployment and operations.
Leverage new technologies to deploy agentic AI safely with secure-by-design guardrails like just-in-time access.
Secure your AI-powered future without stifling innovation.

*Sponsored by Astrix Security

12:00PM - 12:30PM EST

Presented by

Jonathan Sander

Field CTO

Virtual

Agentic AI in Elastic Security: From Triage to Response

Security teams are under pressure to do more with less—AI features too often show up as a "black box" or as add-ons practitioners can't trust.

In this session, you'll see how Elastic Security takes a different approach: AI that is built-in, transparent, and designed to help with the work you do every day. We'll dive into practical use cases where predefined agents already accelerate tasks like triage, enrichment, and guided response, and preview what's coming next in Elastic's agentic roadmap.

*Sponsored by Elastic

12:30PM - 01:00PM EST

Presented by

James Spiteri

Director of Product Management

Virtual

Break

01:00PM - 01:15PM EST

Virtual

Fact or Fiction: AI Pentesting Hype vs Reality

AI is set to redefine offensive security, but it's critical to separate marketing hype from operational reality. Join this pragmatic briefing to cut through the hype of agentic AI pentesting to examine what today’s technology can actually deliver, from automating triage of findings to augmenting human testers, and explore how to balance these new AI-driven methods with traditional expert-led approaches.

You’ll learn how to:

Separate hype from reality by understanding the true capabilities and limitations of AI in pentesting today.
Apply AI to automate vulnerability triage, freeing your experts to focus on high-impact discovery.
Build a strategic framework for combining AI-powered automation with human ingenuity to maximize efficiency and threat detection.
Prepare your offensive security program for the next wave of AI-driven tools and methodologies.

*Sponsored by Cobalt

01:15PM - 01:45PM EST

Presented by

John McShane

Principal Product Manager for AI and Data Science

Virtual

AI-Driven Adversary Emulation: From Threat Intel to Security Validation

Security teams drown in threat intelligence, yet manually translating this data into actionable tests to validate defenses is slow and inconsistent, leaving critical gaps.

This session introduces an AI-driven engine that automates adversary emulation, converting unstructured intel from CISA alerts to research blogs into ATT&CK-mapped attack scenarios in minutes.

Attendees will leave with a practical roadmap to implement this workflow, shifting their teams from reactive defense to a proactive, evidence-based security posture.

*Sponsored by Picus Security

01:45PM - 02:15PM EST

Presented by

Volkan Erturk

Co-Founder and CTO

Virtual

TBD

02:15PM - 02:45PM EST

Virtual

CISO Perspective on Agentic AI Security and Deconstructing ForcedLeak

As organizations rapidly deploy AI agents, understanding the unique attack surface they create is critical for security leaders.

This session examines the ForcedLeak vulnerability (CVSS 9.4) discovered in Salesforce Agentforce, demonstrating how attackers can leverage content security policy weaknesses, indirect prompt injection, and human-AI interaction patterns to extract and exfiltrate sensitive enterprise data.

Drawing from Noma Security research, CISO Diana Kelley will walk through the complete attack chain and reveal practical lessons about the four critical security boundaries that failed. Attendees will gain actionable guidance for secu ring agentic AI and understanding the expanded threat landscape that autonomous AI agents introduce to enterprise environments.

*Sponsored by Noma Security

02:45PM - 03:15PM EST

Presented by

Diana Kelley

CISO

Virtual

Closing Remarks

03:15PM - 03:20PM EST

Presented by

Matt Bromiley

Certified Instructor

Virtual

Meet Your Speaker

Matt Bromiley

Security R&D

Matt Bromiley is a Lead Solutions Engineer at LimaCharlie and SANS Certified Instructor. He serves as a GIAC Advisory Board member, a SME for the SANS Security Awareness, and a technical writer for the SANS Analyst Program.

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

Fall Cyber Solutions Fest 2025: AI Track

Share

Thank You To Our Sponsors

Get Connected —> Join us on Slack!

Full Fall Cyber Solutions Fest Track List:

Schedule

Event Kickoff

Agentic Defense 360°: Closing Every AI Security Gap

MCP and the AI Security Crossroads: Build, Buy, or Breach by Proxy

Securing the AI Revolution: A New Open Protocol for Cross-Application Access

Break

Secure Vibe Coding: Real-Time AI Guardrails with Semgrep MCP

Securing the Rise of Agentic Identities: From Visibility to Governed Access

Agentic AI in Elastic Security: From Triage to Response

Break

Fact or Fiction: AI Pentesting Hype vs Reality

AI-Driven Adversary Emulation: From Threat Intel to Security Validation

TBD

CISO Perspective on Agentic AI Security and Deconstructing ForcedLeak

Closing Remarks

Meet Your Speaker

Matt Bromiley

Event Kickoff

Agentic Defense 360°: Closing Every AI Security Gap

MCP and the AI Security Crossroads: Build, Buy, or Breach by Proxy

Securing the AI Revolution: A New Open Protocol for Cross-Application Access

Break

Secure Vibe Coding: Real-Time AI Guardrails with Semgrep MCP

Securing the Rise of Agentic Identities: From Visibility to Governed Access

Agentic AI in Elastic Security: From Triage to Response

Break

Fact or Fiction: AI Pentesting Hype vs Reality

AI-Driven Adversary Emulation: From Threat Intel to Security Validation

TBD

CISO Perspective on Agentic AI Security and Deconstructing ForcedLeak

Closing Remarks