Chicago Cybersecurity Conference

Most security programs measure effort — not outcomes. Organizations patch thousands of vulnerabilities, deploy dozens of tools, and run annual tabletop exercises… but when an attacker shows up, none of that matters.

What matters is whether they can prove their defenses actually work.

In this talk, Horizon3.ai shares how leading organizations are using autonomous pentesting to see their environment through the attacker’s eyes — continuously, safely, and at scale. By shifting from assumptions to proof, they’ve learned to:
• Prioritize what’s exploitable. Focus limited resources on the weaknesses that truly put the business at risk that are known to be abused by threat actors.
• Quickly fix what matters. Close the loop from find → fix → verify and reduce your exploitable attack surface.
• Reduce attacker dwell time. Use pentest results to precisely deploy honeyTokens to detect compromise early, and to continuously prove your EDR and SIEM are tuned and working as intended.

Cyber resilience isn’t about being perfect — it’s about getting better over time. And the only perspective that truly matters is the attacker’s.

For two years, agentic AI in the SOC has been a prediction. In 2026, it shipped. This session is a field report from inside the shift. We’ll start with what’s actually changed in the threat landscape — data extortion incidents grew 11x year over year, attackers exploit edge-device vulnerabilities in a median of zero days, and 65% of intrusions now come through legitimate remote access tools. Then we’ll look at what AI is delivering in security operations today: 80-day faster breach lifecycles, $1.9 million saved per breach, and case resolution measured in minutes instead of hours. We’ll cover the new attack surface agentic AI creates — memory poisoning, tool misuse, prompt injection — and the governance frameworks that make autonomous defense trustworthy. Attendees will leave with a clear view of where AI delivers real value now, what’s coming, and concrete steps to take back to their organization.

A good fake Rolex uses Swiss movement, sapphire crystal, 904L steel — every component genuine. Only the crown and the intent are fake. That’s phishing in 2026: real SendGrid accounts, real Cloudflare CAPTCHAs, real Google redirects. The only counterfeit is the intent. Josh Bass will break down what 5,000 real SEG-bypassing attacks reveal about why pattern-matching defenses fail silently and what security leaders need to evaluate differently.

Artificial Intelligence has revolutionized how we work, but it has also armed cybercriminals with unprecedented capabilities. From automated reconnaissance to “Clickfix” social engineering tactics that bypass reputation-based security tools—including AV, EDR/EPP, firewalls, and SWGs/CASBs—attackers are moving faster and smarter. Are your defenses ready for 2026?

AI has evolved from a research concept into a transformative force reshaping how businesses operate and defend against cyberthreats. Its rapid growth brings powerful benefits — automating routine tasks, improving efficiency, and enabling faster, more accurate threat detection. But AI is a double-edged sword. While security teams use it to predict and stop attacks, cybercriminals exploit it to craft sophisticated phishing campaigns, deepfakes, and adaptive malware.

This session explores AI’s evolution, its rapid rise in business environments, and its expanding role in today’s cybersecurity arms race. You’ll walk away with practical insights and clear steps to help your organization use AI securely, responsibly, and effectively.