Briefings
The focus of the AI, ML, and Data Science track is to cover the subject in a way that provides value for security professionals. Topics for the track can range from attacking and defending systems implementing AI to applying AI for better attacks, defenses, or detections. Submissions for the track should have the AI/ML functionality playing a key role in the submission. Regardless of the topic, the content for the track should have a heavy focus on applied concepts that attendees can use after the conference is over.
The Application Security track encompasses presentations aimed at enhancing software security for security practitioners and development teams. We prioritize objective, data-driven research and case studies on secure development practices, accompanied by actionable recommendations. Topics include the Secure Development Lifecycle (SDLC), DevSecOps, software supply chain, and automated security testing. We seek scalable, empirically-supported ideas with demonstrated outcomes. Infrastructure-as-Code (IaC) submissions addressing code security are welcome.
The Cloud Security track highlights innovative strategies for both offensive and defensive measures in cloud environments. Presentations delve into cutting-edge techniques tailored to attack and defend cloud platforms, including major providers such as Azure, AWS, and GCP, along with cloud-native technologies like containers, orchestration systems, microservices, and serverless architectures. Topics encompass novel approaches to cloud identity and access management, data exfiltration, privilege escalation, lateral movement, and other emerging challenges in securing cloud infrastructures.
The Cryptography track aims to focus on practical, real-world advances in cryptography informed by an attacker's sensibility. A Cryptography Track talk will almost always be backed up with running code. We prize offensive cryptography and cryptanalysis but will host defensive and research cryptography when rooted in a context of real-world attacks. We're an especially good place to send new vulnerabilities in cryptographic protocols like TLS, cryptographic hardware like HSMs and smart cards, and cryptographic primitives like SHA-1.
From industrial control systems to self-driving vehicles, from medical devices to exotic hardware hacks—this track explores the convergence of cyber-physical systems (CPS) and embedded security. As digital threats increasingly have real-world consequences, understanding vulnerabilities, attacker objectives, and defensive strategies across both physical and cyber domains is critical. Talks in this track will examine systemic security challenges across hardware, firmware, embedded devices, IoT, robotics, smart cities, and beyond. Whether dissecting low-level exploits, reverse-engineering firmware, or hardening interconnected ecosystems, this track is for those pushing the boundaries of offensive and defensive security in the physical-digital world.
The Emerging Tech track is dedicated to exploring the latest advancements and innovations in technology that are shaping the future of cybersecurity. Topics include cutting-edge technologies, tools, and techniques that have the potential to revolutionize cybersecurity practices. Sessions provide attendees with insights into the latest trends, best practices, and real-world applications of emerging technologies in cybersecurity.
The Exploit Development & Vulnerability Discovery track focuses on leading-edge, practical techniques for gaining code execution or similar unauthorized access to software. Successful submissions often share novel approaches to vulnerability discovery, new code execution techniques or mitigation bypasses. Submissions are welcome across a wide array of technology, including mobile devices, cloud and browsers; submissions that present attacks against 'hard' targets that lack known techniques are often the most successful. Submissions shouldn't be constrained to memory safety issues, but these often resonate with the audience.
The Identity & Access Management (IAM) Track explores the evolving landscape of identity security, authentication, and access control in modern enterprises. As organizations adopt cloud-first strategies, hybrid infrastructures, and Zero Trust architectures, IAM has become a critical component of cybersecurity. This track delves into the challenges and advancements in securing identities, managing access, and mitigating identity-based threats. Sessions can cover practical, scalable approaches to IAM, including federated identity, role-based access control (RBAC), attribute-based access control (ABAC), multi-factor authentication (MFA), passwordless authentication, identity threat detection and response (ITDR), and privileged access management (PAM).
The Malware & Human Factors track explores the intricate interplay between malicious software and human behavior in the realm of cybersecurity. This track delves into the human aspects of security, examining how individual decisions impact organizational security and how technology can influence these decisions. Discussions encompass various strategies for manipulating or influencing individuals or groups, including the use of disinformation or misinformation, as well as innovative approaches to leveraging generative AI. Additionally, talks delve into the defensive and offensive aspects of malware development, covering topics such as malware analysis, anti-analysis techniques, detection, remediation, malware development, execution techniques, and obfuscation.
The Management, Career & Community track offers a platform for sharing ideas and discussions on pertinent issues impacting both cybersecurity professionals and management. Topics encompass a broad spectrum, including strategic management, leadership & team management, security awareness, legal considerations, career development & professional growth, community engagement & inclusivity, communication, and mental health. Talks in this track aim to offer constructive solutions and innovative ideas.
The Network & Endpoint Security Track explores the evolving landscape of securing enterprise networks, endpoints, and mobile platforms against modern cyber threats. As attackers increasingly target devices, infrastructure, and connectivity layers, organizations must adopt holistic, adaptive, and proactive security strategies to defend against a broad range of threats. This track covers network security, endpoint security, mobile security, and platform security, providing insights into protecting users, devices, and assets across diverse environments. Sessions may address advanced threat detection, modern defense mechanisms, security visibility, and the intersection of endpoint and network security architectures to mitigate evolving attack techniques.
The Policy & Privacy track delves into the intersection of information security, policy, and privacy considerations. This track encompasses a broad spectrum of topics, including political, technological, and economic policies, technical standards, laws, and behavioral norms. We invite research and risk-based findings on the security impacts of policy or legislation, unintended consequences of policy or technical choices, metrics for assessing the balance between attackers and defenders, and proposed public policies against emerging security threats. Successful submissions will offer novel insights backed by research. Additionally, we explore privacy vulnerabilities and solutions, including privacy-by-design, attacks on privacy-preserving technology systems, and unique vulnerabilities arising from privacy considerations. Join us for discussions that shape the future of policy and privacy in cybersecurity.
"Reverse engineering is the process of extracting the knowledge or design blueprints from anything man-made and reproducing it or reproducing anything based on the extracted information." — Eldad Eilam
Talks in the Reverse Engineering track may include subjects such as vulnerability discovery, data visualization, advanced exploitation techniques, bypassing security and software protections, and reverse engineering of hardware, software, and protocols.
The Security Essentials & Lessons Learned track focuses on fundamental principles and insights derived from real-world experiences. This track is dedicated to exploring essential security practices, foundational concepts, and lessons learned from both successes and failures. We invite proposals covering a wide range of topics, including threat detection and response strategies, incident handling procedures, risk management frameworks, security awareness training, and compliance best practices, all focusing on practical knowledge and actionable insights.
The Threat Hunting & Incident Response track will consist of topics and techniques used to assist defenders in responding to a variety of security incidents in on-premise, hybrid, and cloud environments. These topics may include, but aren't limited to, identification of compromised systems, digital evidence collection, network, host, malware analysis, threat intelligence, detection engineering and threat hunting. Focus should be on techniques and procedures that can help defenders understand how an attack unfolded, if and when a breach occurred, and how it can be prevented in the future.