with Clint Pollock, Principal Architect Solutions Engineering – Britive
Abstract: Cloud transformation has fractured the way identities are managed. Different tools govern humans, service accounts, DevOps pipelines, and SaaS tools. AI agents are adding even more complexity and security gaps.
This session explores how enterprises can reduce operational risk and complexity by managing all privileged access through a unified policy engine. We’ll examine how runtime access decisions, least-privilege enforcement, and zero standing privileges can be applied across identity types without slowing down cloud adoption.
with Clint Baker, Strategic Account Executive and Terry Olaes, Senior Solutions Engineer from AppOmni
Abstract: As organizations grow more reliant on SaaS, securing these environments requires more than point-in-time checks. This session explores how to build and operationalize a SaaS security program that delivers visibility, enforces policy, and reduces risk at scale. Learn how to align security efforts with business goals, streamline response with existing tools, and establish a foundation for continuous protection across your SaaS ecosystem.
with Yaniv Miron from Proofpoint
Abstract:As the security landscape continues to evolve, actors progressively look for ways to bypass enterprise defenses by directly compromising end-user accounts. Protecting these users is fundamental to a human-centric security posture. Join Proofpoint’s cloud threat research team as they walk through the stages of attacks centered on account takeover (ATO), from initial access through persistence.
With Cody Steffens from Corewell Health
Abstract: Cody will share the story of how his team has moved from ad-hoc access requests to a more standardized, process driven approach, which has been oddly similar to ordering and making food at a restaurant.
with Trevor Bidle from US Signal
Abstract: In today’s fast-paced digital world, where a single misstep can lead to significant repercussions, effective cyber risk management is essential. Join us as we explore acceptable risk, third-party risk, and risk avoidance strategies. This session will equip you with practical insights to navigate the evolving threat landscape and strengthen your organization’s security posture.
with Justin Lentz from Solis Security
Abstract:EDR platforms promise deep visibility and rapid response across endpoints, but the evolving threat landscape and proliferation of cloud workloads have exposed their limitations. This talk takes a candid look at where EDR tools fall short—whether due to technical blind spots, attacker evasion, or organizational missteps.
Drawing on real incident response and threat hunting experience, we’ll map out the most common gaps, from cloud-native assets and ephemeral workloads to lateral movement and credential abuse. We’ll then equip attendees with actionable steps to spot EDR limitations in their own environment, layer additional controls, and, crucially, recognize the signals that mean it’s time to escalate and bring in outside expertise before minor incidents become major breaches.
with Joanna Udo from Corewell Health
Abstract: Digital Employee Experience (DEX) is no longer just a “nice-to-have” — it’s a powerful lever for securing data, reducing waste, and delivering measurable value across the enterprise.
In this session, Joanna Udo — unpacks how poor Digital Employee Experience leads to real-world consequences:
• Shadow IT and security vulnerabilities
• Wasted spend from low device utilization
• Lost productivity and user burnout
• A broken trust cycle between users and IT
Drawing from real enterprise use cases, Joanna shows how a strategic DEX program improves compliance, reduces costs, and builds tech ecosystems employees actually want to use — not work around.
Whether you manage infrastructure, security, support, or experience — this talk will challenge your team to stop measuring uptime and start measuring impact.
with Retired Lieutenant Colonel Oakland McCulloch
Abstract: Retired Lieutenant Colonel Oakland McCulloch has 40 + years of leadership experience, in Combat, Peacekeeping Operations, Disaster Relief and in the Boardroom. His “Building Effective and Efficient Teams” talk, and book, is based on his wealth of knowledge and lessons learned during his career as a leader. Oak highlights team building principles that will allow leaders in any profession or at any level can use to build effective and efficient teams in their organization. There is NO discussion of theory in this talk. We will discuss what every leader can do every day to improve their teams effectiveness and efficiency.
In this talk we will cover the following topics for leaders:
with Glen Roebuck, Senior Solution Architect with Thales
Abstract: Talking about zero trust and how you can get to a layered approach using tools and knowledge available today and understanding where to start.
Bots aren’t just annoying, they’re stealing millions. Credential stuffing, price scraping, and fake engagement distort analytics, drain budgets, and erode trust. Traditional tools fail because today’s bots learn, adapt, and disguise themselves as human users. Winning requires AI that spots micro-behaviors, dynamic rate limiting, and deep fingerprinting. See real-world cases where businesses lost millions and how they fought back with next-gen bot mitigation.
with David Gwizdala, Sr. Sales Engineer, Ping Identity
Abstract: New account fraud and account takeover are persistent problems for CIOs and CISOs because fraudsters are constantly evolving their tactics, requiring security teams to adapt rapidly while maintaining user-friendly experiences.
The cost of fraud is high. The fear of data breaches and the potential financial and reputational damage they cause keep CIOs and CISOs awake at night, as does the pressure to balance stringent security measures with smooth customer experiences.
CIOs and CISOs might cite budget constraints, legacy infrastructure complexities, and the potential for negative customer experience impacts as reasons for not fully achieving fraud prevention initiatives. This highlights the tension between security needs and organizational priorities.
Key Takeaways –
At this session we will review how you can differentiate genuine users from potential fraudsters and prevent account takeover attempts while minimizing friction for legitimate users by:
with Tim Campbell, Security Engineer from Check Point
Abstract: Threats don’t wait for the second inning—most emails are opened in under 60 seconds. If your current solution reacts too late, it’s time for a new defense strategy.
In this session, Tim Campbell shows how Check Point’s Harmony Email & Collaboration (HEC) closes the gap between delivery and detection. Learn how a true last-layer solution stops advanced threats across email and SaaS tools before they land—keeping users safe and your team in control.
with Bob Rabbitt from Concentric AI
Abstract: Data security has been around for decades, and yet, it still feels like an unsolvable puzzle. Legacy technologies are typically resource-intensive, find just a small portion of companies’ sensitive data, and produce a ton of false positives. The impact to operations is often so significant that businesses never move their DLP out of monitoring mode.
Attend our session to learn
With the right strategy and technology, you can transform your data from a liability to a well-managed asset.
with Ben Corll, CISO in Residence from Zscaler
Abstract: Artificial Intelligence (AI) is revolutionizing security operations by enhancing efficiency, precision, and scalability in addressing today’s most complex cyber threats.
As organizations increasingly adopt AI to bolster their cybersecurity frameworks, this session at CloudCon will delve into the transformative role of AI in modern security practices, with a special focus on real-time threat detection, rapid incident response, and predictive analytics.
Attendees will gain insights into how AI-driven tools empower organizations to detect vulnerabilities faster, identify anomalies, and proactively mitigate risks. The presentation will also address pressing challenges, such as ethical considerations, adversarial machine learning threats, and the critical importance of transparent governance and workforce readiness.
Join us to explore how AI is reshaping the cybersecurity landscape, equipping organizations to confidently safeguard their digital and physical assets in an evolving threat environment.
with Adam Seabolt, Security Engineer from Check Point
Abstract: Attackers are evolving. Are you? With digital footprints expanding across the open, deep, and dark web, the battleground has moved beyond your firewall.
In this session, Adam Seabolt, Security Engineer and Marine Corps Veteran, shares how Check Point’s External Risk Management solution empowers organizations to uncover hidden vulnerabilities, shut down external threats, and neutralize third-party risk. Walk away with insights you can act on—and a better playbook for securing your expanding digital footprint.
with Robert Anderson, Security Engineer from Check Point
Abstract: Lagging VPNs. Frustrated users. A tangled web of tools. If your current secure access solution is striking out, step up to the plate with Harmony SASE.
Robert Anderson—25-year security veteran and former Army Intel pro—will show how Check Point’s SASE platform brings 2x faster connections, full Zero Trust mesh, and smart SD-WAN into one clean, cloud-first package. No more trade-offs. Just security that wins the game.
Abstract: Join us for a very candid conversation about the current challenges facing security leadership in the healthcare, insurance and infrastructure industries. We will be discussing topics ranging from advance social engineering threat, the cause of recent cyberattacks, securing AI and how to lead high stress/high burnout teams.
A panel discussion with local CISO rockstars Scott Dresen, Trevor Bidle and Jorel VanOs
with Jackie McGuire from Cribl
Abstract:The rapid evolution of IT and security demands robust data infrastructure to handle increasing volumes of telemetry and logs, driven further by AI advancements. However, most organizations lack the infrastructure to manage this data surge effectively.
Traditional data collection methods are fragmented and inefficient, creating silos and complicating data integration. Manual parsing and routing of diverse data sources become unsustainable, hampering analytics and data utilization. Moreover, regulatory requirements for prolonged data storage add to the complexity and cost, leaving little budget for modernization. Combining an iterative modernization strategy with a data maturity model provides a clear roadmap.
This approach helps organizations understand their current state, identify urgent modernization areas, and measure progress. Leaders, architects, and operators can systematically enhance data management capabilities, aligning efforts with organizational goals.
What You’ll Learn
-What data modernization is and how it impacts the work IT and security professionals do every day
-What a data maturity model is, what different states of maturity look like, how to determine where an organization is at, and how to measure progress
-Tools and techniques to de-risk the upgrade process
-Strategies for aligning project, department, and enterprise goals
with Kathleen Kuczma from Recorded Future
Abstract: Immerse yourself in security-themed challenges to contend for the top spot on the leaderboard. There will be prizes so be sure to bring the heat!!
Resilience is an organization’s ability to continuously deliver upon their goals, despite adverse events. During this session, uncover how Threat Intelligence can help organizations build resilience against unexpected threats. Test your skills with a CTF as you hunt for indicators of compromise (IoCs) associated with threat actors and investigate leaked credentials.
with Yiannis Vassiliades from ZScaler
Abstract:How AI presents challenges, and opportunities, for effective data protection programs
Generative AI platforms like ChatGPT represent yet another opportunity for sensitive data to leak from organizations. This is on top of an expanding roster of remote endpoints, public cloud instances, and SaaS applications in widespread use today that make the practice of data loss prevention seem almost insurmountable. But while AI has in some ways made data protection more difficult, its capabilities can also be put to effective use by defenders. Join this session to learn how AI enables critical data protection capabilities including automated discovery, public cloud configuration, and generative AI governance.
Discussion Topic 1: AI challenges to data protection
Does your organization allow the use of third-party AI tools? If so, how do you ensure sensitive data isn’t an input? If not, how do you ensure GenAI tools aren’t used as shadow IT?
In what applications or functions do you think GenAI could improve your organization’s productivity? How do you plan to do that?
How do you evaluate the data privacy policies of GenAI tools your organization uses or is considering using? Have you updated your own data privacy policies to include GenAI risks?
Discussion Topic 2: How AI can facilitate effective data protection
How would you categorize the maturity of your current data protection program? Do you have a strong sense of what data exists across cloud, endpoint, IoT/OT devices?
How are you currently categorizing data and do these designations apply inline, in the cloud, and on endpoint devices? Do these categorizations cross over?
How are your organization’s DLP rules currently developed and administered today?
Would you say your organization dedicates adequate resources to data protection? Is dedicating adequate resources a likely prospect in the short to medium term?
Abstract: Threat Intelligence is an overused and abused “lingo” like “AI”. Here we talk about the difference between signal intel and actionable intel. Walk up and swing hard on curating your own intelligence specific to your business and score a run through intel sharing and data-driven insights leading to better prioritization, understanding, and application of threats and threat detection.
with Chris Zimmerman from Wiz
Abstract: As cloud adoption expands, security teams are faced with securing an increasingly complex cloud estate. Keeping pace requires a new approach. Completely agentless, CNAPPs take minutes to set up and enable security teams to unify a fragmented security stack and empower cloud engineers to take action. CNAPPs remove friction and highlight critical risks so that engineering teams have the incentive and context needed to remediate without security team oversight.
with Eric Johnson from Cohesity
Abstract: The age of artificial intelligence (AI) has ushered in a new era where deep insights and learnings can be unlocked from your data. These advancements mean organizations can get augmented information from their business data by using natural language questions instead of data queries.
Cohesity just launched the industry’s first generative AI-powered conversational search assistant to help businesses transform secondary data into knowledge.
Data Insights with Cohesity Gaia enables organizations to make smarter and faster business decisions by bringing the power of retrieval-augmented generative (RAG) AI to unlock deep learnings and novel insights from their data Whether you need more insights into your organization’s compliance posture, need to conduct an eDiscovery exercise, or want to be smarter about prior customer engagements, Cohesity Gaia can unlock value for your organization.
Cohesity Gaia can transform your data into knowledge.
Key Benefits
with AppOmni
Abstract: After a brief demo attendees will work through multiple challenges to understand risk within SaaS Applications such as:
Please bring your laptop as this will be a hands-on CTF
with AppOmni
Abstract: 78% of organizations store their critical data in SaaS applications, relying on SaaS platforms to conduct business. Consequently, SaaS now represents one of the largest attack surfaces that businesses must safeguard.
Why has SaaS become the new battleground in cybersecurity and how are attacks happening?
with Ashley Bull from ProofPoint
Abstract: Humans accidentally and intentionally expose their organizations to infinite variations of risk, challenging security teams to stop the unknowable. Join Proofpoint to learn how augmenting your threat and data defenses with behavioral AI automatically detects threats in users’ inboxes and prevents sensitive data from ending up in the wrong hands. In this session, we’ll demonstrate how organizations can leverage behavioral AI to prevent costly email security incidents.
with Robert Anderson from Check Point
The internet is the new corporate network, leading organizations to shift to secure access service edge or SASE solutions. However, current SASE solutions break the user experience with slow connections and complex management.
Harmony SASE offers a game-changing alternative by delivering 2x faster internet security combined with full mesh Zero Trust Access and optimized SD-WAN performance—all with an emphasis on ease-of-use and streamlined management.
by Jordan Weiss from Check Point
Managing cyber risk is always complex, and managing risk in the cloud is even more complicated- as cloud-native applications change and scale 100 times faster.
Today’s cloud environment needs more context to provide better security at cloud speed and scale. CloudGuard CNAPP goes beyond simple posture management and workload protection to automate security throughout the software development lifecycle – from code to cloud.
with Jeff Richardson from Checkpoint
Traditional email solutions like Secure Email Gateways (SEG) are not built for the cloud. They are external to the cloud architecture and only cover email, leaving other SAS applications vulnerable. Perhaps you have looked at some Next Gen API solutions but found they only remove attacks Post-delivery of the email.
Statistically, malicious emails are removed after 2.5 minutes, which is too late since a user will open, read, and click links in an email in just over a minute. HEC is a cloud native solution that is API-based and can block threats before they reach the end users inbox. It runs as a last layer to eliminate what the default security or your existing layers miss.
with Laura Thayer
Abstract: Laura Thayer brings her expertise to discuss how you can best partner with your organization to get projects approved, improve overall security and enable your business to move faster and more secure.
with Charles ‘Chip’ Bowden
Abstract:
with Yasser Fuentes from Bitdefender
Abstract: In this presentation we will highlight the importance of Cloud Security from a holistic standpoint. We will also go over the different areas & workload types and share best practices as well as suitable security controls and recommendations.
with Shane Harsch from Sentinel One
Abstract: As cloud visibility matures, how do we pull it all together? What do these acronyms mean, and what promise does complete visibility across your cloud infrastructure look like? How do we keep secrets from leaking? We will explore each of these data sets together, discuss secrets scanning, agentless vulnerability scanning, continuous offensive security testing of your cloud, and more.