AI Summit Solutions Track 2026 Day 1

Mon, Apr 20, 2026
10:00AM - 5:00PM EDT
English
Matt Bromiley
Solutions Forum

Thank You To Our Sponsors

Artificial intelligence is transforming how security teams detect threats, automate response, and make critical decisions—but effective adoption requires more than just powerful tools. This Solutions Track session explores real-world approaches to applying AI in cybersecurity programs, focusing on how to move from theory to measurable impact.

The discussion will highlight proven methods for integrating AI into existing workflows, improving threat visibility, and enhancing analyst efficiency without sacrificing oversight or trust. Attendees will also gain insight into emerging challenges such as model transparency, data protection, and ethical implementation. Whether you’re evaluating AI-driven security products or building your own, this session will provide practical guidance on how to responsibly leverage AI to strengthen cyber resilience and empower human expertise.

Why Register?

Expert-led Sessions
Flexible Attendance (Attend live or watch on your own time)
On-Demand Access (Revisit sessions and download presentations at your convenience)
Connect with Industry Leaders
Build Your Professional Network
Earn CPE Credits

Don't Forget to Register for Day 2.

Schedule

Showing 13 of 13

Filter by:

Select day:

Opening Remarks

10:00AM - 10:15AM EDT

Presented by

Matt Bromiley

Certified Instructor

Virtual

The AI Genie is Out of the Bottle and Granting Infinite Wishes. Now What?

James, and his new venture Harmonic Security, has been working with enterprises around the world to help them adopt AI with confidence. In his talk, he’ll share candid insights into what’s going well and what’s not going well as organisations navigate the transformative power of AI in their workforce.

*Sponsored by Harmonic

10:15AM - 10:45AM EDT

Presented by

James Derbyshire

Virtual

Taming the AI Wild West: Securing Sanctioned and Shadow AI

AI is already here, embedded in every SaaS application your employees touch, from Slack and Microsoft 365 to "shadow" tools like Claude and Grammarly. For security teams, the "Block All" era is over, but the "Allow All" era is a data-loss nightmare. To survive the AI explosion, organizations must move from reactive blocking to proactive governance.

In this session, we will explore why traditional CASB falls short and demonstrate how a browser-centric approach provides the "last mile" visibility needed to protect corporate IP.

Key Takeaways:

The AI Visibility Gap: Understanding how GenAI is silently being added to your existing Enterprise SaaS stack.
The Governance Blueprint: How to define and enforce policies for "Tolerated" apps (allowing innovation while restricting risky behavior like code-pasting or file uploads).
Live Defense Demo: A real-world look at AI Access Security and Prisma Browser in action, showing real-time inspection of encrypted prompts and the neutralization of data exfiltration before it hits the model.

*Sponsored by Palo Alto Networks

10:45AM - 11:15AM EDT

Presented by

Marty Lee

Director, Technical Solutions

Virtual

Securing the AI Lifecycle: Why Prompt-Level Controls Won’t Scale

AI is transforming how organizations operate—but without a security strategy that spans the entire AI lifecycle, innovation can quickly become a liability. We will talk about strategies to align your security posture with your AI ambitions before a breach forces the conversation.

*Sponsored by Orca Security

11:15AM - 11:45AM EDT

Presented by

Tim Chase

Field CISO and Product Marketing Director

Virtual

Break

11:45AM - 12:00PM EDT

Virtual

Rethinking Threat Modeling for Modern Engineering Velocity: AI-Powered Self-Service at Scale

In large, fast-moving engineering organizations shipping products at scale, threat modeling remains one of the most valuable security practices. It enables developers to identify potential security issues early in design, but traditional approaches struggle to keep pace with modern engineering velocity. Reviews are often point-in-time, expert-driven, and difficult to sustain consistently as product complexity and delivery speed increase. This session explores how AI can act as a force multiplier, shifting threat modeling from a centralized security function to a scalable, self-service capability that empowers product teams to take greater ownership of security design decisions.

*Sponsored by Adobe

12:00PM - 12:30PM EDT

Presented by

Pawan Suresh

Product Security Manager

Virtual

AI Red Team: Continuous Testing. Explainable Results, Proven Resilience

AI systems evolve faster than traditional security testing can keep up. Join F5 experts to learn how AI Red Team accelerates continuous adversarial testing across models, apps and agents—using an extensive attack database, multi-turn Agentic Resistance campaigns, and operational stress tests—to surface vulnerabilities before they’re exploited.

We’ll demo how severity and risk-scored results and Agentic Fingerprints produce audit-ready, explainable reports and show how findings can be operationalized into runtime protections via F5 AI Guardrails.

Key Takeaways:

Explain the evolving runtime-layer threat landscape and why traditional pen-testing is insufficient
Demonstrate how to configure and run continuous red-team campaigns (signature + agentic tests) and interpret CASI/ARS risk scores.
Read and act on Agentic Fingerprints and audit-ready vulnerability reports to prioritize remediation and enable GRC initiatives
Map AI Red Team findings into runtime protections with F5 AI Guardrails for continuous enforcement.

*Sponsored by F5

12:30PM - 01:00PM EDT

Presented by

Ian Luth

Director, Product Marketing

Virtual

The AI Security Paradox: Adoption vs. Oversight

As organizations rapidly adopt AI tools, the real emerging risk isn’t just AI-powered attacks—it’s unmanaged AI usage inside your own environment. Shadow AI, unclear ownership, and policy lag are quietly expanding the attack surface and introducing operational, compliance, and data exposure risks. Drawing on data from our latest State of Trust report, this session explores where organizations are falling behind and offers practical steps to implement AI governance structures and policies that reduce risk without slowing innovation.

*Sponsored by Vanta

01:00PM - 01:30PM EDT

Presented by

Faisal Khan

Lead, GRC Solutions Expert

Virtual

Break

01:30PM - 01:45PM EDT

Virtual

Intent Under Control: Keeping Agentic AI Safe and Predictable

Autonomous AI tools are no longer a concept, they're actively shaping workflows, decisions, and operations across enterprises. But as these tools act on their own, intent becomes the new attack surface.

Industry predictions suggest that by 2030, over 50% of software will include agentic AI, driving more than $450B in revenue by 2035. Yet the reality is that once enterprises deploy AI-powered applications and agents, they face entirely new risks: prompt injection, data leakage, unsafe tool use, model manipulation, and unpredictable behavior across complex AI pipelines.

Join Elad Schulman for a practical, real-world discussion on where AI security truly matters in autonomous agents:

The paradigm shift: from content risk to behavioral risk
Why legacy security fails for agentic AI
Practical controls for securing AI agents in production
What secure-by-design means for trusted AI frameworks

*Sponsored by Lasso Security

01:45PM - 02:15PM EDT

Presented by

Elad Schulman

CEO and Co-Founder

Virtual

On the Front Lines of AI-Powered Email Attacks: Lessons from a Security Leader

Security leaders are confronting a new generation of AI-powered email attacks that are faster, more convincing, and more scalable than ever before. Even organizations with mature security stacks are discovering that traditional controls, secure email gateways, and manual review processes are not designed for adversaries leveraging generative AI. In this session, you'll hear a candid, first-hand account from a security leader who believed his organization had built a best-in-class security program—until a single AI-crafted email exposed a critical gap.

Through real-world incidents, including payroll fraud, sextortion, and vendor email compromise, we'll examine how attackers use AI to enhance social engineering, personalize pretexting at scale, and exploit human trust, urgency, and authority. We'll break down what changed in the threat landscape, why conventional detection models struggle against AI-generated attacks, and how security teams must rethink controls at the human layer.

Attendees will leave with practical guidance to: Identify indicators of AI-augmented social engineering Reduce human-layer risk without increasing operational friction Align people, process, and technology to counter evolving BEC tactics Build resilience against increasingly adaptive AI-driven threats

This session delivers actionable insights for security practitioners navigating the rapidly shifting intersection of AI and email-based threats.

*Sponsored by Abnormal AI

02:15PM - 02:45PM EDT

Presented by

Mick Leach

Field CISO

Virtual

AI Writes Code in Minutes. Can Your Security Program Keep Up?

AI-assisted coding is dramatically accelerating software development. Code that once took weeks to design, implement, and review can now be generated, tested, and merged in minutes. But most application security programs were built for a slower, human-paced development process with design reviews, pull requests, and investigations acting as control points. As those checkpoints shrink or disappear, security teams are being asked to evaluate risk at machine speed.

This session explores how security Semgrep Workflows can help close that gap. We’ll demonstrate how combining deterministic program analysis with AI reasoning can automate discovery, detection, triage, and remediation. The talk includes a live demo demonstrating security workflows that detect business logic vulnerabilities in real code within an AI-assisted development pipeline.

*Sponsored by Semgrep

02:45PM - 03:15PM EDT

Presented by

Jack Moxon

Staff Product Manager

Virtual

Closing Remarks

03:15PM - 03:30PM EDT

Presented by

Matt Bromiley

Certified Instructor

Virtual

Meet Your Speaker

Matt Bromiley

Security R&D

Matt Bromiley is a Lead Solutions Engineer at LimaCharlie and SANS Certified Instructor. He serves as a GIAC Advisory Board member, a SME for the SANS Security Awareness, and a technical writer for the SANS Analyst Program.

Related events

View all events

Slide 1 of 2
SANS AI Cybersecurity Summit 2026
Obtain hands-on, practical skills from the world's best instructors by taking a SANS course at SANS AI Cybersecurity Summit 2026.
Summit
Mon, Apr 20 - Mon, Apr 27, 2026 • ET
Arlington, VA, US & Virtual (ET)
9 Courses
View event details Register
Slide 2 of 2
AI Summit Solutions Track 2026 Day 2

Artificial intelligence is transforming how security teams detect threats, automate response, and make critical decisions—but effective adoption requires more than just powerful tools. This Solutions Track session explores real-world approaches to applying AI in cybersecurity programs, focusing on how to move from theory to measurable impact.
WebinarArtificial Intelligence
- 21 Apr 2026
- 10:00 EDT
- Matt Bromiley
View details

View all events

SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals

AI Summit Solutions Track 2026 Day 1

Share

Thank You To Our Sponsors

Why Register?

Schedule

Opening Remarks

The AI Genie is Out of the Bottle and Granting Infinite Wishes. Now What?

Taming the AI Wild West: Securing Sanctioned and Shadow AI

Securing the AI Lifecycle: Why Prompt-Level Controls Won’t Scale

Break

Rethinking Threat Modeling for Modern Engineering Velocity: AI-Powered Self-Service at Scale

AI Red Team: Continuous Testing. Explainable Results, Proven Resilience

The AI Security Paradox: Adoption vs. Oversight

Break

Intent Under Control: Keeping Agentic AI Safe and Predictable

On the Front Lines of AI-Powered Email Attacks: Lessons from a Security Leader

AI Writes Code in Minutes. Can Your Security Program Keep Up?

Closing Remarks

Meet Your Speaker

Matt Bromiley

Related events

SANS AI Cybersecurity Summit 2026

AI Summit Solutions Track 2026 Day 2

Opening Remarks

The AI Genie is Out of the Bottle and Granting Infinite Wishes. Now What?

Taming the AI Wild West: Securing Sanctioned and Shadow AI

Securing the AI Lifecycle: Why Prompt-Level Controls Won’t Scale

Break

Rethinking Threat Modeling for Modern Engineering Velocity: AI-Powered Self-Service at Scale

AI Red Team: Continuous Testing. Explainable Results, Proven Resilience

The AI Security Paradox: Adoption vs. Oversight

Break

Intent Under Control: Keeping Agentic AI Safe and Predictable

On the Front Lines of AI-Powered Email Attacks: Lessons from a Security Leader

AI Writes Code in Minutes. Can Your Security Program Keep Up?

Closing Remarks