Detroit Cybersecurity Conference

Threat actors employ a multitude of Tactics, Techniques, and Procedures (TTPs) to evade detection of their phishing pages, emails, and malware by both AI-based tools and humans. These TTPs also extend to making their content more difficult to analyze if it is detected. This briefing will highlight some of the most effective methods seen in 2025, with a focus on abuse of legitimate content and methods known to stymie SOCs. It will also include some specific mitigations that can be done to help improve security posture and SOC effectiveness.

Exposure Management is one of the most impactful evolutions you can make in your security program.  Vulnerability Management has gone through many evolutions in the past few years. From traditional Vulnerability Management to Risk Based vulnerability Management then Unified vulnerability Management and now Exposure management with a few iterations in-between.  Let’s navigate the ambiguity together, talk about what matters most and leave with some calls to action on how to move from VM to EM by breaking down the data silos between sensors and vendors.

Attackers aren’t breaking in anymore — they’re logging in. Join Varonis security experts as they break down the 2026 Attacker’s Playbook and reveal how modern adversaries use AI, trusted tools, and misconfigurations to move through your environment undetected. In this fast‑paced session, you’ll walk away with clear insights into how attackers actually operate today — the tools they abuse, the trust relationships they exploit, and the misconfigurations that quietly open the door for them. You’ll leave with practical guidance you can bring back to your team to strengthen defenses and stay ahead of the 2026 threat landscape.

Defense in depth has long been the cornerstone of cybersecurity, layering protections across networks, endpoints, identity, and cloud environments. Yet today’s threat landscape — driven by sophisticated nation-state actors, automated attacks, and increasingly capable adversaries — continues to outpace traditional defenses. As development accelerates from waterfall to Agile, CI/CD, and AI-assisted code generation, attackers increasingly target applications in production, where visibility and prevention are lacking. Many organizations rely on Web Application Firewalls as their primary safeguard, but no single control is infallible, leaving a critical gap in the security stack. This session explores why runtime application protection is the missing layer in modern defense-in-depth strategies and how strengthening it prepares organizations not only for today’s attacks but also for emerging risks like quantum-driven cryptographic disruption.

We often talk about threats in terms of dollars lost, data stolen, or headlines made. But the real threat lives deeper—in the structure, the strategy, and the growing ambition of the actors behind the screen. Today’s cybercriminals don’t just encrypt files; they build economies, launder, influence, and forge alliances that stretch across borders and industries. In this talk, we’ll peel back the layers of modern cybercrime and explore how loosely affiliated hackers have evolved into organized syndicates. These groups operate more like multinational corporations than rogue disruptors—complete with HR departments, recruitment pipelines, insider relationships, and state protections.