7:00 – 7:10 PM
Welcome & Kickoff
Host intro, agenda overview, and ground rules — technical talks only, no vendor pitches.
7:10 – 7:40 PM · 30 min + Q&A
🎤 Technical Talk #1
Possible themes:
- Detection engineering case study
- Real-world SOC incident investigation
- Lessons from a major breach
- Building detections that actually work
7:40 – 8:10 PM · 30 min + Q&A
🎤 Technical Talk #2
Possible themes:
- Cloud security detection
- Threat hunting workflows
- SIEM rule tuning
- SOC automation techniques
8:10 – 8:50 PM
⚡ Lightning Talk Block — 8 × 5 min
Fast-paced mini talks from the community. Example topics:
- A detection that saved our SOC hours
- The weirdest alert I've ever investigated
- How we reduced alert noise by 80%
- Breaking production with a security rule
- Favorite threat hunting technique
- A SIEM query everyone should know
- Lessons from a failed detection
- AI + security experiments
☕ 5-MINUTE BREAK · 8:50 – 8:55 PM
8:55 – 9:25 PM · 30 min + Q&A
🎤 Technical Talk #3
Possible themes:
- Adversary emulation insights
- Purple team lessons
- Incident response deep dive
- AI-assisted security operations
9:25 – 9:40 PM
🤝 Speed Networking
Two rounds of randomly-paired Zoom breakouts (7 min each) — small groups if attendance is high. Prompt: your role, what you work on, and one security challenge you're solving right now.
9:40 – 10:10 PM · Optional
💬 Open Breakout Rooms
Choose your room and move freely:
- SOC Analysts
- Detection Engineering
- Cloud Security
- Incident Response / DFIR
- AI + Security
- Job Seekers
- Hiring