7:00 – 7:10 PM
Welcome & Kickoff
Host intro, agenda overview, ground rules (technical talks only — no vendor pitches), and a quick chat warm-up prompt for the room.
7:10 – 7:40 PM · 30 min + Q&A
🎤 Technical Talk #1
Possible themes:
- Detection engineering case study
- Real-world SOC incident investigation
- Lessons from a major breach
- Building detections that actually work
7:40 – 8:10 PM · 30 min + Q&A
🎤 Technical Talk #2
Possible themes:
- Cloud security detection
- Threat hunting workflows
- SIEM rule tuning
- SOC automation techniques
8:10 – 8:40 PM
⚡ Lightning Talk Block #1 — 6 × 5 min
Fast-paced mini talks from the community. Example topics:
- A detection that saved our SOC hours
- The weirdest alert I've ever investigated
- How we reduced alert noise by 80%
- Breaking production with a security rule
- Favorite threat hunting technique
- A SIEM query everyone should know
☕ 5-MINUTE BREAK · 8:40 – 8:45 PM
8:45 – 9:15 PM · 30 min + Q&A
🎤 Technical Talk #3
Possible themes:
- Adversary emulation insights
- Purple team lessons
- Incident response deep dive
- AI-assisted security operations
9:15 – 9:45 PM
⚡ Lightning Talk Block #2 — 6 × 5 min
More rapid-fire practitioner content. Example topics:
- Detection engineering tips
- Security automation scripts
- War stories from IR
- Lessons from failed detections
- Favorite open-source tools
- AI + security experiments
9:45 – 10:00 PM
🤝 Speed Networking
Two rounds of randomly paired Zoom breakouts (7 min each). Prompt: your role, what you work on, and one security challenge you're solving right now.
10:00 – 10:30 PM · Optional
💬 Open Breakout Rooms
Choose your room and move freely:
- SOC Analysts
- Detection Engineering
- Cloud Security
- Incident Response / DFIR
- AI + Security · Job Seekers · Hiring