RSA Conference 2024

May 6-9, 2024 · San Francisco, CA · 348 talks

The world's largest cybersecurity conference featuring keynotes, track sessions, and the Innovation Sandbox competition covering enterprise security, AI security, threat intelligence, and GRC.

→ See editor’s top picks at RSA Conference 2024

• The Power of Community

  Hugh Thompson, Executive Chairman of RSA Conference, delivered a powerful keynote address at RSAC 2024, emphasizing the critical role of **community** in navigating the complex and ever-evolving…

• Technology and the Transformation of U.S. Foreign Policy

  In a pivotal address at RSAC 2024, United States Secretary of State Antony J. Blinken outlined the Biden administration's comprehensive strategy for integrating technology into U.S. foreign policy…

• The Time is Now: Redefining Security in the Age of AI

  In this compelling RSAC 2024 presentation, Jeetu Patel, Executive Vice President and General Manager of Security and Collaboration at Cisco, along with his colleague Tom Giles, articulated a vision…

• The State of Cybersecurity – Year in Review

  Kevin Mandia, CEO of Mandiant at Google Cloud, delivered a concise yet comprehensive overview of the cybersecurity landscape based on over 1,100 investigations, hundreds of red team exercises…

• CISO Confidential: What Separates The Best From The Rest

  This talk, delivered by Trellix CEO Bryan Palma and CISO Harold Rivas at RSAC 2024, delves into the dramatic evolution of the Chief Information Security Officer (CISO) role, charting its journey…

• Securing the Modern Application: From Code to Infrastructure
• Securing New Limits: Protecting the Pathway for AI Innovation

  In this compelling keynote at RSAC 2024, Kevin Skapinetz, Vice President of Security Strategy at IBM, joined by Rosa Bolger, Vice President and Distinguished Engineer at IBM, addressed the profound…

• Securing AI: What We’ve Learned and What Comes Next

  In this compelling RSA Conference talk, Vasu Jakkal, Corporate Vice President of Microsoft Security, delves into the unprecedented rise of Artificial Intelligence (AI) and its profound implications…

• Next-Gen SIEM: Converging Data, Security, IT, Workflow Automation & AI

  In this compelling keynote at RSAC 2024, George Kurtz, CEO and Co-founder of Crowdstrike, laid bare the critical challenges facing modern cybersecurity operations and articulated a bold vision for…

• Revolutionizing the SOC for the Future Threat Landscape

  In this insightful talk from RSAC 2024, Gary Steele, Executive Vice President and General Manager at Splunk (recently having joined forces with Cisco), presented a compelling vision for the future…

• Reducing AI’s Blast Radius: How to Prevent Your First AI Breach

  In an era where **Generative AI (Gen AI)** has rapidly transitioned from a niche technology to a mainstream enterprise tool, the question of data security has become paramount. Matt Radolec, Vice…

• The Possibilities, Risks, and Rewards of Cyber Tech Convergence

  In his RSA Conference 2024 presentation, "The Possibilities, Risks, and Rewards of Cyber Tech Convergence," Sundhar Annamalai, President of the newly formed Level Blue (formerly AT&T Cybersecurity)…

• Art in the Era of Artificial Intelligence

  In an era increasingly defined by rapid technological advancement, the intersection of artificial intelligence and human creativity stands as a fascinating and often contentious frontier. This talk…

• Artificial Intelligence: The Ultimate Double-Edged Sword

  At RSAC 2024, a distinguished panel convened to explore the multifaceted nature of Artificial Intelligence, aptly titled "Artificial Intelligence: The Ultimate Double-Edged Sword." Moderated by…

• Photographing Nature: Expanding Human Understanding

  Doris Mitsch, an accomplished artist, presented a captivating talk at RSAC 2024, delving into the fascinating intersection of art, nature, and human perception. Titled "Photographing Nature…

• Secret to a Healthier Life? Fun!

  In a departure from the typical cybersecurity discussions at RSAC 2024, award-winning journalist Catherine Price delivered a compelling and insightful talk titled "Secret to a Healthier Life? Fun!"…

• Seeing Sounds and Hearing Colors: The Vibrant World of Synesthesia

  Kaitlyn Hova, a distinguished software executive at JP Morgan with a unique background spanning music and neuroscience, delivered a captivating talk at RSAC 2024 that ventured beyond traditional…

• The Five Most Dangerous New Attack Techniques You Need to Know About

  This article delves into the critical insights shared during the 15th annual SANS panel at RSA Conference 2024, titled "The Five Most Dangerous New Attack Techniques You Need to Know About." Led by…

• Homeland Security in the Age of Artificial Intelligence

  This talk features an insightful discussion between Secretary of Homeland Security Alejandro Mayorkas and Rumman Chowdhury, a member of the newly formed DHS AI Advisory Board, on the profound…

• A World On Fire: Playing Defense in a Digitized World...and Winning

  In a candid and urgent discussion at RSAC 2024, former CISA Director Chris Krebs and current CISA Director Jen Easterly, moderated by The Washington Post's Joseph Menn, painted a stark picture of…

• Cryptographers' Panel

  This RSAC 2024 Cryptographers' Panel brought together leading minds in cryptography to discuss the most pressing and rapidly evolving challenges facing the security landscape today. Moderated by an…

• The State of Our Cyber Is Strong: The View from the White House

  In a candid and insightful discussion at RSAC 2024, National Cyber Director Harry Coker Jr. joined former Principal Deputy Director of National Intelligence Sue Gordon to offer a high-level…

• AI and Democracy

  In his compelling RSAC 2024 talk, renowned security technologist Bruce Schneier delves into the profound and multifaceted impact of artificial intelligence on democratic systems. Schneier argues…

• The First Decade of Corporate Ransomware

  Mikko Hyppönen, Chief Research Officer at WithSecure, delivers a compelling retrospective on the evolution of ransomware, tracing its origins from obscure MS-DOS viruses to the sophisticated…

• AI Safety: Where’s the Puck Headed?

  This panel discussion at RSAC 2024, moderated by Romka Siva, delved into the increasingly urgent and complex topic of **AI safety**, moving beyond the sensationalized "killer robot" narratives to…

• Apocalypse Avoided: The Future According to the Four Horsemen of Cyber

  This insightful panel discussion at RSAC 2024 brought together a truly unique assembly of cybersecurity pioneers, colloquially known as the "Four Horsemen of Cyber," for their first public…

• Tech Diplomacy: Building Cyber Resilience Together
• AI Governance & Ethics: A Discussion with the Big Players

  This panel discussion at RSAC 2024 brought together leading voices from industry and regulation to delve into the critical and rapidly evolving landscape of **Artificial Intelligence (AI)…

• Legal Eagles & CISOs: Safeguarding Tomorrow's Digital Frontiers
• Hacking Exposed: Next-Generation Tactics, Techniques and Procedures
• The Road Ahead for Cyber & Emerging Tech Policy
• CISOs Unchained
• I’m an API Hacker and Here’s How I Hack Everything from the Military to AI

  In this candid and insightful talk, Katie, known online as Insider PhD, demystifies the world of API hacking, arguing that its perceived complexity is largely a myth. Far from requiring elite…

• Securing AI Apps with the OWASP Top Ten for Large Language Models
• DPAPI and DPAPI-NG: Decrypting All Users’ Secrets and PFX Passwords
• Going Passwordless for Employees: Secure Modern Authentication at Work
• How to Keep Your Cool and Write Powerful Incident Response Reports

  In the high-stakes world of cybersecurity, effective incident response is paramount, but its impact is often diminished by poorly communicated outcomes. This talk, "How to Keep Your Cool and Write…

• I Screwed Up Threat Hunting a Decade Ago and Now We're Fixing it With PEAK
• A Blueprint for Detection Engineering: Tools, Processes, and Metrics

  This talk, presented by Jose and Eric from the Splunk Threat Research team at RSAC 2024, delves into the critical discipline of **detection engineering**. It addresses a fundamental challenge faced…

• RFID: Flippers and Access Control
• Kubernetes Security: Attacking and Defending Modern Infrastructure

  In an era where containerization and orchestration have become foundational to modern application deployment, understanding the intricate security landscape of Kubernetes is paramount. This talk…

• The Price is WRONG - An Analysis of Security Complexity
• The Always-On Purple Team: An Automated CI/CD for Detection Engineering
• The Art of Cyber Insurance: What's New in Coverage and Claims
• The End of DevSecOps?
• A Step-by-Step Guide to Securing Large Language Models (LLMs)
• Key Management 101: DEKs, KEKs, and Credentials Living Together, Oh My!
• You’re Doing It Wrong! Common Security Anti Patterns
• The Evolution of Industrial Cyberthreats: Year in Review Report
• Backdoors & Breaches: Live Tabletop Exercise Demo
• IP Protection and Privacy in LLM: Leveraging Fully Homomorphic Encryption
• Building AI Security In: MLSecOps in Practice
• A Proven Approach on Automated Security Architectural Pattern Validation
• The Storm-0558 Attack - Inside Microsoft Identity Security's Response
• Threat Hunting with Python and Pandas
• Gartner's Top Predictions for Cybersecurity 2023-2024
• Advancing AI Security with Insights from the World’s Largest AI Red Team
• Responsible AI: Adversarial Attacks on LLMs
• Operation Cookie Monster & Genesis Market: An International Cyber Takedown

  This talk, presented by FBI Supervisory Special Agent Amanda Kanudson and Intelligence Analyst Tom Gathman, details **Operation Cookie Monster**, the unprecedented international law enforcement…

• Beginner’s Guide to Bypassing Modern Authentication Methods to SSO

  In an era where organizations increasingly rely on robust authentication mechanisms to secure their digital assets, this talk by Dor at RSAC 2024 delves into a critical, often overlooked…

• State of the Hack 2024 - NSA’s Perspectives
• National Security 2030: Social Media and Emerging Cyberthreats
• Fight Smarter: Accelerate Your SOC with AI Discovered Attacks
• UEFI Bootkits and Where UEFI Security Fails

  This talk, presented by Martin Smolar, a Malware Researcher at ESET, delves into the escalating threat of UEFI bootkits and the systemic failures in UEFI security that enable them. Smolar highlights…

• Hiding in Plain Sight: Hunting Volt Typhoon Cyber Actors
• Securing Software Supply Chain: Problems, Solutions, and AI/ML Challenges
• The Anatomy of Cloud Attacks
• Harnessing the Strengths of Neurodivergent Staff for Cybersecurity
• Cloud Security Novice to Native in 10 Steps: A CNAPP Approach

  This talk, titled "Cloud Security Novice to Native in 10 Steps: A CNAPP Approach," aims to demystify the complex landscape of cloud security, guiding organizations from foundational understanding to…

• 10 Key Challenges for AI within the EU Data Protection Framework
• How AI Is Changing the Malware Landscape

  In this insightful talk at RSAC 2024, Vicente Diaz from VirusTotal delves into the transformative impact of Large Language Models (LLMs) on malware analysis and the broader cybersecurity landscape…

• Costume Jewelry: How Capital One Uses Tokenization to Protect Data

  In this compelling talk at RSAC 2024, Andy Ozment, Chief Technology Risk Officer at Capital One, detailed the financial institution's extensive and evolving journey into **tokenization** as a…

• You Can't Measure Risk
• Your Cybersecurity Budget Is a Horse’s Behind
• Cybersecurity for “Have Nots”
• CISOs Under Indictment: Case Studies, Lessons Learned, and What’s Next
• Creating an AI Security and Incident Response Team
• Everything Everywhere All at Once: A Guide to Alert Triage and Analysis
• All You Need Is Guest
• Everything Everywhere All at Once: The European ID Wallet Ecosystem
• 2024 Edition: Cybersecurity Standards Scorecard
• Building Your Quantum-safe Future with Crypto-agility
• What Hacking the Planet Taught Us About Defending Supply Chain Attacks
• Secure and Privacy by Design Converge with Threat Modeling
• Training for Incident Response: The Red, the Blue, and the Ugly
• The Cybersecurity of Smart ‘Adult’ Toys, or Lack of It

  This talk delves into the often-overlooked and highly sensitive realm of cybersecurity vulnerabilities within smart adult toys. Delivered at RSAC 2024 by a seasoned researcher in IoT and smart…

• Hacker’s Perspective on Your Infrastructure: Lessons from the Field
• Achieving Quantum Readiness: A Comprehensive Approach
• Privacy Past and Present: A Father-Daughter Look at Data Privacy Evolution
• Why Outer Space Is the Next Frontier for Cybersecurity
• The ART of Probable: Test with AI, Atomic Red Team, and Threat Metrics
• From Chatbot to Destroyer of Endpoints: Can ChatGPT Automate EDR Bypasses?
• Establishing a Data Perimeter on AWS

  In an era where data is considered the "new oil," its protection is paramount for businesses across all sectors. This talk, delivered by Liam Wadman and Tatyana Yatskevich, Solutions Architects with…

• Connecting the Dots: Threat Intelligence, Cyber Incidents, and Materiality
• Agents of Chaos: Hacktivism Spreads Fear, Disinformation, and Propaganda
• Living with Chronic CFIUS: Foreign Investment Review Security Imperatives
• Seatbelts for Web App (Security Headers)
• Geopolitics and Cyber Risk in 2024 and Beyond
• Identity-Based Encryption

  Identity-Based Encryption (IBE), initially conceived by Shamir and first constructed by Boneh and Franklin, represents a powerful generalization of traditional public key encryption. In an IBE…

• Shades of Purple: Getting Started and Making Purple Teaming Possible
• My Resilient Career: How to Do More than Just Survive in Security
• Enhancing Space Cybersecurity: Securing Space Systems from Cyber Threats
• How Large Language Models Are Reshaping the Cybersecurity Landscape
• Steering Clear of Danger: Decrypting the Realities of Remote Car Hacking
• Batloader or FakeBat? Unraveling Competing MaaS Operations
• Autonomous Hacking Systems - Future Risk or FUD?
• AI, the Software Supply Chain, and Other (Not So) Puzzling Pieces

  In this insightful talk from RSAC 2024, Jacob, Deputy Chief Security Officer at GitHub, draws a compelling parallel between personal health and the often-overwhelming landscape of software supply…

• Unveiling the 2024 Data Breach Investigations Report (DBIR)
• AI Governance: The Security Perspective
• Homomorphic Encryption
• Use Generative AI to End Your Love/Hate Relationship with DLP
• The State of Venture Capital in Cybersecurity
• Flying Under the Radar - New Security Evasion Techniques
• Moving Security Architecture from Art to Engineering
• Building Your Roadmap to Cyber Resilience – Five Things You Can Do Today
• The 2024 Ransomware Threat Landscape: What's Fueling the Epidemic?

  The 2024 ransomware threat landscape continues its relentless expansion, presenting an escalating epidemic that challenges conventional cybersecurity defenses. In this illuminating talk at RSAC…

• Private Web Search with Tiptoe

  In an era where personal data is increasingly valuable and vulnerable, the privacy implications of everyday online activities, particularly web search, are profound. Alexandra Henzinger's talk at…

• Dynamic Analysis of MacOS Malware Using SpriteTree
• Building a Cloud Security Flywheel: Lessons from the Field
• Navigating the AI Frontier: The Role of the CISO in GenAI Governance
• SBOMs for Evil: From Software Supply Chain Documentation to an Attack Path
• Smashing the Stack: Let’s Make It Less Fun And Unprofitable!
• How to CTF Infra - Beyond the Challenges and Flags

  This talk, "How to CTF Infra - Beyond the Challenges and Flags," delves into the often-overlooked complexities of building and operating a Capture The Flag (CTF) event, particularly in the cloud…

• The One About Controls

  In "The One About Controls," Sri (Sriram), Deputy CISO at Genpact, presents a refreshing perspective on managing cybersecurity controls, moving beyond a checkbox mentality to a dynamic…

• AI: Law, Policy, and Common Sense Suggestions to Stay Out of Trouble
• Beyond the Hype: Research on How Cybercriminals Are Really Using GenAI
• Harmonizing IT and OT Security in the Era of Convergence
• Cloud and Platform Agnostic Security Posture Management (xSPM)
• To Patch or Not to Patch OT— A Risk Management Decision

  In the critical realm of Operational Technology (OT), the decision to implement security patches is far more complex than in traditional IT environments. This talk, delivered by Omak Hayman of…

• Now You’re in Role: The Fearless CISO
• Dead Man’s PLC: Ransoming the Physical World via Operational Technology
• Don't Worry About Your Toilet...I'm Just Hacking It

  In a presentation that was as provocative as it was insightful, Ben Smerler, a security expert from Independent Security Evaluators (ISE), delivered the inaugural "toilet talk" at RSAC 2024. Titled…

• Securing and Governing Generative AI: Learnings from Microsoft
• Data Heist: How Stolen Information Becomes a Hot Commodity

  This talk, titled "Data Heist: How Stolen Information Becomes a Hot Commodity," delivered by David at RSAC 2024, delves into the intricate underworld of stolen data, exploring its intrinsic value…

• Why Source Code Exfiltration Is the Biggest Blind Spot in Insider Threat

  In this compelling talk at RSAC 2024, Joe Payne, President and CEO of Code 42, tackles a critical yet often overlooked aspect of enterprise security: **source code exfiltration** as the "biggest…

• Crush Cred Stuffing: A Method for Neutralizing Credential Stuffing Attacks

  In this insightful talk from RSAC 2024, Alex Katz, a Senior Security Researcher at ThreatX, presented a practical and battle-tested methodology for identifying and neutralizing credential stuffing…

• Outpacing the Pacing Challenge: Cyber Command's Strategic Scaling

  Lieutenant General Joe Hartman, Deputy Commander of the United States Cyber Command (US Cybercom), delivered a compelling presentation at RSAC 2024, outlining the command's strategic approach to…

• Outta Luck: Security Lessons from Crypto Forums

  In "Outta Luck: Security Lessons from Crypto Forums," Rachel S. Miller, Principal Security Architect at Protect AI, delivers a compelling and often humorous exploration of the unique and paradoxical…

• Data-Driven Cyber Indicators of Malicious Insider Threat
• A Walkthrough: AppSec Tool Selection, Procurement, and Implementation
• Teaching Software Engineers to Threat Model: We Did It, and So Can You
• Keeping Up with the Algorithms: A Journey in Artificial Intelligence
• Life after the Breach: A Survivor's Guide
• Securing AI: There Is No Try, Only Do!
• All Good Things: End of Life and End of Support in Policy and Practice
• Unveiling the Secrets of Codesys V3: ZeroDays, Forensic Artifacts and More

  This talk, presented by Ori Perez, Maayan, and Vladimir from Microsoft, delves into the intricate world of **Codesys V3**, a widely adopted Software Development Kit (SDK) for industrial control…

• Navigating M&A Security Challenges: A Deep Dive into a Case Study
• Bugs on a Plane: Implementing a Bug Bounty in an Airline IT/OT Environment
• How to Safely Deploy AI Copilots
• How the Cookie Crumbles: What OSINT Tells Us About Dark Web Cookie Sales
• Old McDonald Had a Server Farm—A I, A I, Oh!—A Mock Trial
• Progress in Standardizing Cryptography Extensions for RISC-V Processors
• Techniques to Evolve Risk Governance and Comply with SEC Cybersecurity Rule
• A New Era of Fraud: What Role Can Cyber Play?

  This talk, presented at RSAC 2024 by Rich and Jodie from Target, addresses the evolving and increasingly sophisticated landscape of **Organized Retail Crime (ORC)** and fraud. Far from the…

• Private Sector's Power Play: Shaping AI and Cybersecurity Policy
• Rethinking How to Address Juvenile Cybercrime Today to Protect Tomorrow
• Closing the Gap: Monetary Quantification of Cybersecurity for the Board
• Cybersecurity’s Next Legal and Policy Frontier: Software Liability
• Spooky Action at a Distance: Generating Waves over the Wire for Novel C2
• How to Take Cookies from the Cookie Monster: Genesis Market Takedown

  This talk, "How to Take Cookies from the Cookie Monster: Genesis Market Takedown," presented at RSAC 2024, delves into the intricate details of Genesis Market, a notorious cybercriminal marketplace…

• Catch Me if You Can: Hunting Cloud Exfiltration Using Anomaly Detection
• National Cyber Strategy, Roadmap for a Secure Cyber Future: Year in Review
• Project Power Up: Fighting Electronic Warfare to Keep Ukraine's Grid Safe
• Cloud-Enabling the Electric Grid with Consequence Driven Approaches
• FUD vs. Reality: Bracing for an AI-Powered Threat Landscape
• Techniques for Automatic Device Identification and Network Assignment

  This talk, delivered at RSAC 2024, delves into the critical challenges organizations face in managing an ever-expanding landscape of connected devices, particularly within complex network…

• Quantum Cyber Risk: How Deep and How Wide?
• Herding Certs - How to Automate Certificate Management
• RDI: A Free and Easy Framework for Ransomware Readiness Assessment
• Permissions: Centralized or Decentralized? Both!
• The Art of Threat-Informed Sharing: Real-life Use Cases from NSA

  In an era of escalating nation-state cyber threats, the National Security Agency (NSA) has undergone a significant transformation in its approach to cybersecurity, moving from traditional…

• The Canary in the Coalmine of Cybersecurity: Fraud as a Warning Sign

  In an insightful presentation at RSAC 2024, Eward Driehuis and Jacqueline Nijzink delivered a compelling argument that fraud, particularly mobile-based fraud, serves as a crucial **canary in the…

• Ransomware Resilience: Holistic Defense for SOC Leaders

  In an era defined by escalating cyber threats, ransomware continues to be a formidable challenge for organizations globally. This talk, presented by Neelima, VP Products for Cybersecurity, and…

• The Next Application Security Frontier: AI-Ready API Defense
• Avoid Being Accidentally Offensive (Guys Guide to Being An Ally)
• Detecting Website Intrusion and Account Compromise with Machine Learning

  In an era where cyber threats are increasingly sophisticated and evasive, traditional signature-based detection methods often fall short. This talk, "Detecting Website Intrusion and Account…

• Shielding the Clouds: Advanced Cyber Defense in Hybrid Environments
• Balancing Accessibility, Security and AI: Design Inclusive Security Tools
• Hackers vs. Devs - Attacking Dev Tools and Infrastructure

  In an insightful and timely talk at RSAC 2024, Ofer Maor, Co-Founder & CTO of incident response firm Mitiga, shed light on a critical shift in the threat landscape: attackers are increasingly…

• Secure Modern Data Lakes - A Primer
• Securing Cisco's Supply Chain - Cyberattacks and Intellectual Property Loss
• Data Backup and Recovery: An Unexplored Corner of Zero Trust
• EXPOSURE: The 5th Annual RSAC SOC Report
• Redefining Threat Modeling: Security Team Goes on Vacation
• Top 10 Security Products That Would Be Elevated or Eliminated by GenAI
• Bye-Bye DIY: Frictionless Security Operations with Google

  This talk, presented at RSAC 2024, addresses a critical challenge facing modern security operations centers (SOCs): the pervasive and often ineffective "do-it-yourself" (DIY) approach to security…

• The Importance of Identity-Centric Security in 2024
• Leveraging MacOS's Networking Frameworks to Heuristically Detect Malware
• Bridging Gaps in Cybersecurity for “Target-Rich, Cyber-Poor” Organizations
• The Good, the Bad, and the Bounty: 10 Years of Buying Bugs at Microsoft
• Getting Serious: Critical Disruptions/Thinking/Responses (& Rumors of War)
• Navigating Third-Party Risk in OT Environments
• The Evolving Role of Emojis in Investigations and Data Security
• Criminal Minds: World’s Most Wanted Cybercriminals Interview Insights

  This talk, "Criminal Minds: World’s Most Wanted Cybercriminals Interview Insights," presented by Samantha Van Deven, delves into the fascinating and often counterintuitive phenomenon of…

• Securing Sexuality: Rewiring the Most Intimate Connections
• They Hide, We Seek: Leveraging Global Partnerships Against Our Adversaries
• Security Challenges in Direct Threat Environments
• The Language of the Business: Applying Behavior Science for Risk Management
• Oh, the Possibilities: Balancing Innovation and Risk with Generative AI
• Global Threat Overview
• AI-equipped Threat Actors Versus AI-enhanced Cyber Tools: Who Wins?
• Bear Necessities: Ukraine's Experience Facing APTs, Building Resilience
• AI in Cyber: Is the Cyber Profession Ready for Its Impact?
• Quantum Safe Computing for Telecommunications
• Common Good Cyber
• Protecting Machine Identities: USPTO and Certificate Automation
• Voice Security - Get Up to Speed on This Attack Vector
• CloudSec Hero to Zero: Self-Obsolescing Through Prolific Efficiency
• SBOMs: Navigating the Evolving Landscape of Software Bill of Materials

  Manoj's talk at RSAC 2024, "SBOMs: Navigating the Evolving Landscape of Software Bill of Materials," delves into the transformative shift in how organizations approach software supply chain…

• AI Foundations: Mitigate Risks and Boost SOC Efficiency
• No More Secrets in Cybersecurity: Implementing ‘Radical Transparency’
• Changing from Probability to Prioritization Method in Risk Measurement

  In an era where organizations face an ever-growing deluge of security vulnerabilities, the traditional methods of risk assessment and prioritization often fall short, leading to overwhelmed teams…

• Countering Cyber Threats, Digital Fraud and Theft in the Retail Sector

  This talk, presented at RSAC 2024 by leaders from the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC), Target Corporation, and the National Retail Federation (NRF), addresses…

• Containers Everywhere: Advanced Threat Actors Heavily Leverage Them
• State of the CISO 2024: Doing More With Less
• Burnout in Cyber: The Intersection of Neuroscience, Gender, and Wellbeing
• Builders and Breakers: Partnering for Secure Elections
• What Cloud Has Taught about Securing AI in the Future
• CEO Panel: The Entrepreneur Journey to Scale
• RSAC Security Scholar Poster Pitch-Off
• Reasonable Cybersecurity: Oxymoron or Opportunity?
• The Secret Life of APIs: Latest Attack Data Shows What Your APIs Are Doing

  In an increasingly hyper-connected digital economy, Application Programming Interfaces (APIs) serve as the fundamental backbone for nearly every digital interaction, from booking travel and checking…

• Quantifying the Probability of Flaws in Open Source
• Accelerators in Cybersecurity: Seizing Opportunity in a Shifting Landscape
• Public Key Cryptography

  This talk, presented by Olivier Blazy, a Professor at Ecole Polytechnique, delves into advanced concepts within public key cryptography, specifically focusing on **predicate encryption** and its…

• The Moneyball Approach to Buying Down Risk, Not Superstars
• RSAC Launch Pad
• Ensuring Intelligence, National Security in a Rapidly Changing Technology World
• Applying Past Lessons for Intel-Driven Identity Threat Detection
• Another Digital ID: Privacy-preserving Humanitarian Aid Distribution
• Risk Profiles: Why Some Employees Attract Danger and Others Dodge It
• Tackling Deepfakes, Wars, and Other Security Threats in the GenAI World
• Anatomy of a Vulnerability Response - A View from the Inside
• Reducing Toil in Your AppSec Program
• Web Side Story: A Privacy Odyssey through Tracking and Fingerprinting
• Shifting Privacy In: How Privacy and Security Can Strengthen Each Other
• Cybersecurity Leadership: Mobilize, not Paralyze
• Inside Payback: Using Metrics to Demonstrate Insider Risk Program Value
• Decoding Gen Z: Cultivating Cybersecurity's Next Vanguard
• Lessons Learned from Developing Secure AI Workflows
• Two Steps Forward for SaaS Adoption, One Step Back for Security
• Building a Safer Future: Navigating Digital Currencies in the Modern World

  The rapid evolution of digital currencies and blockchain technology presents both unprecedented opportunities for financial innovation and significant challenges for security and law enforcement…

• The Unpatchables: Credential Stuffing Quantification and Classification
• Controlling a Data Footprint – How to Build a Data Disposition Framework
• Small Changes, Big Impact: Securing Our World Through Public Education
• Beyond Cookies: The Unseen Privacy Risks of Web Analytics
• Director's Cut: A Dummies Guide to Leading a Global Cybercrime Program
• The Human Impact of Cyberattacks: Reframing the Defender Role
• Headspace's Privacy Operations Center and Vault
• Blackjack and Breaches: History of Ransomware on the Casino Industry
• Cracking the Code: Unveiling Synergies Between Open Source Security and AI
• Everything Old Is New Again: Protecting Legacy Systems with Modern Security
• The Tie That Binds: Unique Cyber Tools in the Payments Industry
• ‘Nurturing’ AI: The Story of How an AI Copilot Was Built

  In this insightful talk from RSAC 2024, Ofir Israel, a Product Manager and Engineer at Checkpoint, shares the compelling journey of building an AI copilot for security operations and administration…

• AI at the Gates: Combating AI-Driven Assaults on the Customer Experience

  In an era where digital interactions define the customer experience, a new and sophisticated threat is emerging: AI-driven assaults. This talk, delivered by Nate Carroll, CEO, and Julie Yang, VP of…

• Secrets Management - Falling into the Pit of Success

  This talk, "Secrets Management - Falling into the Pit of Success," delivers a compelling and pragmatic examination of the pervasive challenges surrounding **secrets management** in modern software…

• Establishing and Maintaining Device Trust: A Case Study
• RTX Case Study: The Evolution of Vulnerability Discovery
• Modus OperandAI: Practical Security for Artificial Intelligence

  This talk, "Modus OperandAI: Practical Security for Artificial Intelligence," delivered at RSAC 2024, delves into the real-world challenges and proactive strategies adopted by Southern New Hampshire…

• Ending the Game of Telephone: The Future of Cyber Incident Reporting
• DevSecOps Next: Navigating the Next Era with Industry Titans
• Avoiding Common Design and Security Mistakes in Cloud AI/ML Environment
• A National Initiative for Cybersecurity Advancement
• GenAI Opportunities and Challenges: Where 370 Enterprises Are Focusing Now

  In this insightful session from RSAC 2024, David Gruber, an Industry Analyst at the Enterprise Strategy Group (ESG), presented a comprehensive overview of how 370 enterprises are navigating the…

• Phishing LLMs: Reeling in the Machine

  This talk, "Phishing LLMs: Reeling in the Machine," delves into the security landscape of Generative AI (GenAI) applications, particularly Large Language Models (LLMs). The core premise articulated…

• Deception Is on the Rise, But Is It Time to Unleash Engagement Operations?
• SEC Rules on Cybersecurity: Materiality, Preparedness and Board Oversight
• From Aspiring to Achieving: CISO Journeys Unveiled
• Lesson Learned - General Motors Road to Modern Consumer Identity
• Beyond Desktops: The Rise and Transformation of Mobile Malware
• Cyber-Informed Machine Learning: End-User Value through Explainability
• Thwarting the Adversary: Bending the Zero Trust Curve to Defense
• Lessons Learned from the Summer of Supply Chain Attacks
• Symmetric Cryptography 1

  In an era where digital services routinely handle data for millions of users, understanding the security implications of cryptographic primitives in a multi-user context is paramount. This talk by…

• Employee of the Month to Insider Malfeasance

  In his RSAC 2024 presentation, "Employee of the Month to Insider Malfeasance," Aaron Reyes, a Managing Director at Crowe specializing in digital forensics and investigations, delves into the…

• Threshold Signatures and Fault Attacks
• Signatures 1
• From Panic to Preparedness: California’s New Cyber Audit Regulations
• Bridging the Talent Gap: How Certifications, Upskilling, and AI Can Help
• How Visibility and Segmentation Can "Improve Your Sleep"
• Searching for a Cyber Unicorn: Is it Possible to Find a Perfect Candidate?
• Avoiding Legal Landmines: A Review of Recent Cyber Cases
• Art of Possible: Transforming How We Develop the Next-Gen Cyber Workforce
• Red vs. Bank: Surviving a Three Year Red Team
• Breaking the Cloud to Rebuild It: A Tale of 3 ☁️ Breaches!
• Project Upskill: Digital Security for High-Risk Communities
• Regulation on the Horizon: What You Wish Your Lawyer Had Told You About
• From Attacks to Action: An Open Community Model to Drive Defensive Choices
• Benchmarking Threat Resilience Metrics aka How Do We Compare to Our Peers?
• New Research Reveals Five New Trends for Cyber Resilience
• Prevention vs. Response - Cybersec Economics in the Modern Era

  In a compelling talk at RSAC 2024, the presenter challenged the prevailing mindset in cybersecurity, arguing for a fundamental shift from an almost exclusive focus on **prevention** to a more robust…

• Ensuring Data Defensibility in an Era of Inevitable Breaches
• Remaining Resilient in the Supply Chainpocalypse
• Experts May Decide if You Are a Hero or Will Wear Orange
• Dial-A-CISO Game: 175 Leadership Issues to Choose From
• Security Trends and the Economics of “Better”
• Getting to True Predictive Risk: Will Data Accuracy Thwart AI’s Potential?
• Security's Social Problem
• Magic Bullets Do Not Exist
• How Sworn Enemies Found a Truce (Sort of) to Achieve NIST Compliance
• From Boardrooms to Polling Places: Securing Critical Infrastructure in 2024

  In this compelling talk at RSAC 2024, Nadir Israel, CTO and co-founder of Armis, illuminated the escalating dangers confronting critical infrastructure in an increasingly volatile geopolitical…

• Certified Coach Approach: Enhancing Cyber Resilience for Water Utilities
• Join the Mission to Strengthen the Industrial Ecosystem
• Data-Driven Cyber Policy: From Dream to Reality
• Pitfall or Opportunity: GenAI Legal Case Studies Revealing Practical Advice
• From Attribution to Accountability: Upholding International Rules Online
• Coordinated Disclosure for ML: What's Different and What's the Same
• When Lightning Strikes: The Latest Cyber Law Hot Topics
• Is Visibility an Art of Possible or Impossible?

  In an era of increasingly complex and distributed IT environments, achieving comprehensive visibility into an organization's digital landscape has become a paramount, yet often elusive, goal for…

• The Cost of Innovation: Complexities of Software Regulation
• Constructions

  This talk delves into the **Ascon** cryptographic primitive, specifically focusing on its recently developed Message Authentication Code (MAC) and Pseudo-Random Function (PRF) constructions. Ascon…

• Innovate Now, Secure Later? Decisions, Decisions…

  In an era defined by rapid technological advancement, the security landscape faces unprecedented challenges, particularly with the widespread adoption of Generative AI (GenAI). This talk, "Innovate…

• Security Challenges in the World's Largest Open Finance Ecosystem

  In this compelling talk at RSAC 2024, Fábio Szecsik, a veteran in cybersecurity now leading the charge for **Open Finance** in Brazil, delved into the unique security and privacy challenges inherent…

• Navigating Challenges: Perspectives of Information Security Professionals
• Signatures 2
• Natural Disasters and Cyberattacks: Lessons from Extinction Events
• What’s In Your Burrito?

  In their engaging RSAC 2024 presentation, "What’s In Your Burrito?", Caleb and Raunak, security engineers from Chipotle, delivered a refreshing take on Kubernetes security, deliberately steering…

• Ten Legal Issues: SEC Disclosures
• The Odd One Out - Unleashing the Power of the Unpopular Opinion

  In a departure from the typical technical deep dives often found at security conferences, this RSAC 2024 talk, "The Odd One Out - Unleashing the Power of the Unpopular Opinion," offered a compelling…

• A Constitutional Quagmire: Ethical Minefields of AI, Cyber, and Privacy
• Navigating Chaos: The Consequences of Compromise in Mixed-Autonomy Freeways
• Translating National Security Excellence into Private Sector Vigilance
• Adapting First Order Security Principles to Newer Architectural Trends
• Balancing Employee Sentiment and Metrics for Successful Business Impact
• It’s an Acquired Taste
• What a Cloud Bill Can Reveal

  In an era where organizations increasingly rely on cloud infrastructure for their core operations, the security implications of these environments are paramount. Andre Maccarone, a Director at Stroz…

• Symmetric Cryptography 2

  This talk delves into the critical, yet often overlooked, multi-user security of **2-Key Triple DES (2K3DES)**. While the Data Encryption Standard (DES) is a legacy cipher, its cascaded variant…

• Leading with Integrity and Resilience: Navigating Values and Adversity
• So You Want to Open Source Your Project? Hold Your Horses!
• Living in a Material(ity) World
• Have We Hacked into Inclusivity Yet?
• Winner's Announcement — RSA Conference 2024 Innovation Sandbox

  This talk captures the highly anticipated moment of the winner's announcement for the RSA Conference 2024 Innovation Sandbox competition. Far from a traditional technical presentation, this segment…

• Aembit — RSA Conference 2024 Innovation Sandbox

  In a world increasingly driven by automated software, the challenge of securing access to sensitive data and services by non-human entities – known as workloads – has escalated to a critical point…

• Antimatter — RSA Conference 2024 Innovation Sandbox

  In an era where Generative AI (Gen AI) is rapidly reshaping enterprise IT landscapes, traditional data security paradigms are proving insufficient, leading to significant data breach risks. This…

• Bedrock Security — RSA Conference 2024 Innovation Sandbox

  In a rapidly evolving digital landscape where data oceans proliferate and regulatory icebergs loom, traditional data security mechanisms often prove inadequate. Pravna Aduri, co-founder and CEO of…

• Dropzone A.I. — RSA Conference 2024 Innovation Sandbox

  In an era where cyber threats are escalating in sophistication and volume, and the advent of Generative AI (Gen AI) has further lowered the barrier for attackers, security operations centers (SOCs)…

• Harmonic — RSA Conference 2024 Innovation Sandbox

  Alistair Patterson, co-founder and CEO of Harmonic, delivered an insightful presentation at the RSA Conference 2024 Innovation Sandbox, introducing Harmonic Maestro. The core of his talk centered on…

• Mitiga — RSA Conference 2024 Innovation Sandbox

  In an era where cloud adoption is not just prevalent but rapidly accelerating towards a projected $1 trillion market, the security operations center (SOC) faces unprecedented challenges. This talk…

• P0 Security — RSA Conference 2024 Innovation Sandbox

  In an era defined by the rapid expansion of cloud infrastructure and the proliferation of digital identities, securing access remains a paramount challenge for organizations worldwide. Shashwat…

• Rad Security — RSA Conference 2024 Innovation Sandbox

  This talk, presented by Brooke Motta, Co-founder and CEO of Rad Security, introduces a novel approach to cloud-native security: **behavioral cloud-native detection and response**. Given the rapid…

• Reality Defender — RSA Conference 2024 Innovation Sandbox

  In an era increasingly shaped by the rapid advancements of generative artificial intelligence, the line between reality and fabrication has become dangerously blurred. Ben Coleman, Co-founder and…

• VulnCheck — RSA Conference 2024 Innovation Sandbox

  In an era where cyber attackers are weaponizing vulnerabilities with unprecedented speed, Tom Bane, Chief Marketing Officer of Vulncheck, presented a compelling case for a paradigm shift in…

• RSA Conference 2024 Innovation Sandbox - 2023 Winner Interview

  This talk provides a retrospective interview with Chris Sestito, Co-founder and CEO of Hidden Layer, following their victory as the RSA Conference 2023 Innovation Sandbox winner. The discussion…

• RSAC Tech Talk - Blade Runners for AI & Critical Infrastructure by Divjot Bawa

  In this compelling RSAC 2024 talk, Divjot Bawa, a Cyber-AI Policy Fellow at CISA (Cybersecurity and Infrastructure Security Agency), posited CISA as the "Blade Runner" for the US digital ecosystem…

• RSAC Tech Talk - Open Source Security by Aeva Black

  In this compelling RSAC 2024 presentation, Aeva Black, Section Chief for Open Source Security at the Cybersecurity and Infrastructure Security Agency (**CISA**), delivered a critical address on…

• RSAC Tech Talk - Cyber Hygiene by Trevor Parks and Emily Skahill

  This talk, presented by Emily Scahill and Trevor Parks from the Cybersecurity and Infrastructure Security Agency’s (CISA) Joint Cyber Defense Collaborative (JCDC), delves into the critical need for…

• RSAC Tech Talk - Secure by Design by Lauren Zabierek

  In a pivotal address at RSAC 2024, Lauren Zabierek, a Senior Advisor within the Cybersecurity Division at CISA (Cybersecurity Infrastructure Security Agency), unveiled the agency's ambitious "Secure…

• RSAC Tech Talk - SBOM by Allan Friedman

  Allan Friedman's talk at RSAC 2024 delivered a compelling and often humorous call to action for the widespread adoption of the **Software Bill of Materials (SBOM)**. Friedman, representing CISA…