Pittsburgh Cybersecurity Conference

AI is already reshaping every stage of the cyberattack chain. This session takes a focused look at today’s AI‑powered threats, from automated phishing and malware generation to emerging cyber‑physical attack scenarios. Attendees will learn how AI‑driven technologies help reduce detection and response time while strengthening overall security posture.

For two years, agentic AI in the SOC has been a prediction. In 2026, it shipped. This session is a field report from inside the shift. We’ll start with what’s actually changed in the threat landscape — data extortion incidents grew 11x year over year, attackers exploit edge-device vulnerabilities in a median of zero days, and 65% of intrusions now come through legitimate remote access tools. Then we’ll look at what AI is delivering in security operations today: 80-day faster breach lifecycles, $1.9 million saved per breach, and case resolution measured in minutes instead of hours. We’ll cover the new attack surface agentic AI creates — memory poisoning, tool misuse, prompt injection — and the governance frameworks that make autonomous defense trustworthy. Attendees will leave with a clear view of where AI delivers real value now, what’s coming, and concrete steps to take back to their organization.

Every organization has a layer in its security stack that nothing is watching: the running application. Until recently, the cost and complexity of exploiting it at scale provided accidental protection. Mythos ended that. This session uses Anthropic’s AI vulnerability research system as a lens to examine the application layer threat landscape, why the industry’s go-to controls were never designed to see these attacks, and what defense-in-depth must look like now.

AI is accelerating the speed, scale, and sophistication of cyberattacks, leaving traditional reactive defenses struggling to keep pace with faster, more evasive, and increasingly single-use attacks. This session explores why DNS has become a critical security control point for modern security teams and how cloud environments, including Google Cloud, have expanded the need for stronger, more proactive defense. Together, DNS and cloud visibility provide broad insight across users, devices, applications, and emerging attack activity that other tools often miss.

Attendees will see how adversaries abuse DNS, why protective DNS is gaining momentum as a cybersecurity best practice, and how to identify gaps and improve detection earlier in the attack lifecycle. The session will also highlight practical approaches for strengthening DNS-layer defenses across hybrid and cloud environments, including Google Cloud, as part of a more resilient, defense-in-depth strategy.

Cloud identity platforms make authentication and access seamless, but recovery is far more complex than most organizations realize.

This session explores why AD, Entra ID, and cloud IDPs cannot fully restore identity state, relationships, and cloud-native objects after incidents.

Attendees will learn what actually breaks—and what must be rebuilt—across tenants, SaaS integrations, and MFA during identity recovery.