Date & Time:
Tuesday, November 4
08:30 - 17:00

Venue:
The Box
1069-1073 Howard Street
San Francisco, CA
94103

A Different Kind of Security Event

The Infosec Anti-Summit challenges the status quo by creating a space for CISOs and security leaders to engage, collaborate, and share real-world experience.

Through a series of hands-on workshops, tabletop exercises, mock scenarios, and peer-led discussions, the Anti-Summit encourages maximum exchange of ideas in a setting built for trust, candor, and community.

This is not about watching from the sidelines, it is about being part of the conversation. It's not about people on stage talking at the audience, it's about getting people around the table talking with each other.

Identify the challenges. Understand how others are solving them. Develop a strategy to safeguard.

Welcome to the Anti-Summit.

Agenda

Registration & Breakfast

08:30-09:30

Opening Remarks

09:30-09:40

Tabletop Exercise

09:40-10:40

Omni-Channel Threat Response: A Tabletop Exercise for Business Resilience
Organizations are global engines with many disparate systems and critical moving parts. The threat landscape is vast and the attack surface is growing in complexity. Your customers look to you, to lead in times of disruption and crisis. This exercise will challenge traditional thinking and disrupt the approach to incident and crisis management.

Workshops (Choose Your Own Adventure)

10:50-11:20

Workshop #1: Turning Chaos into Clarity During Security Incidents
When incidents hit, most teams scramble. Between shifting regulations, overlapping responsibilities, and mounting pressure, even well-prepared organizations can lose control.

This session explores how to build a more agile, resilient approach to incident response. Learn how automated, tailored playbooks and real-time guidance can align stakeholders, streamline communication, and ensure compliance—before, during, and after a breach.

It’s time to move from reactive firefighting to proactive control.

Workshop #2: Killing the Questionnaire: Scaling Trust Without the Rework
For many companies, proving strong security is still a slow, manual grind. The process is repetitive, reactive, and built around outdated tools—none more notorious than the security questionnaire.

This session dives into how organizations are modernizing customer trust workflows with automation, AI, and frictionless transparency. Explore how a unified trust platform can streamline reviews, reduce sales delays, and help teams focus on building great products—not navigating compliance bottlenecks.

Modern businesses move fast. Your trust process should, too.

Anti-Roundtable

11:35 - 12:20

Rethinking GRC with Actionable Data
GRC programs are often weighed down by disjointed tools and outdated workflows. Static reports and manual processes make it difficult to keep pace with today’s dynamic risk environment.

This session explores how a modern Compliance OS can bring structure and clarity to your GRC strategy. Learn how continuous monitoring, integrated applications, and real-time data can streamline audits, improve decision-making, and unlock greater value from your compliance investments.

Walk away with a clearer path to building a GRC program that works with your tech stack, not against it.

Workshops (Choose Your Own Adventure)

12:30 - 13:00

Workshop #1: No Compromise: Cloud Security at the Speed of Dev
Security can’t wait. But neither can your developers. One misstep puts your reputation—and your business—on the line. Yet too often, security and dev teams are forced into tradeoffs: move fast or stay safe.

This session explores how leading teams are breaking that cycle. Learn how to align speed and security in the cloud—from threat detection to runtime protection—without slowing down innovation. See how a modern, unified approach helps teams move in sync, not at odds.

When the stakes are this high, “good enough” isn’t enough.

Workshop #2: Real-Time Search AI: Turning Data Into Results
Organizations generate more data than ever, but too often it sits untapped. This workshop explores how real-time Search AI can help you unlock insights, secure sensitive information, and optimize infrastructure at scale. We’ll discuss practical approaches for connected distributed data sources and building smarter applications, showing how an open, connected foundation can turn endless data possibilities into meaningful outcomes.

Lunch

13:00 - 14:00

Anti-Roundtable

14:05 - 14:50

Taming the Non-Human Identity Jungle: Securing Secrets, Systems, and AI at Scale
In this interactive session, participants will navigate four high-stakes scenarios involving non-human identities (NHIs) — from post-M&A chaos and third-party breaches to AI agent risks and compliance blind spots. Each challenge will explore the hidden dangers of unmanaged secrets, orphaned integrations, and rapidly expanding machine access. Participants will huddle to explore practical steps to discover, control, and secure NHIs, while balancing agility with security and regulatory expectations.

Workshops (Choose Your Own Adventure)

15:00 - 15:30

Workshop #1 : Seeing What We Can’t See: Visualizing Our Workforce
Your workforce — FTEs, Contractors, Consultants, and MSPs are all supporting your cybersecurity functions. Together, they define your cyber capabilities. Yet the extreme rate of change across personnel, providers, projects, technology, GRC, Privacy, and budgets constantly reshapes what this “workforce” is doing. As a result, your cyber capabilities are changing just as fast. How are you dealing with this?

Workshop #2: If Security Were a Startup, Would You Fund It?
Most CISOs talk about business alignment — but if your security program were a startup, would your CEO actually invest in it? In this workshop, Terry O’Daniel draws from his experience leading security at Netflix, Salesforce, Instacart, and Amplitude to explore how modern security leaders can operate like founders: customer-obsessed, metrics-driven, and outcome-focused. We’ll unpack what it takes to earn executive trust, build programs that deliver measurable value, and tell the story of security in a language the business understands.

Cyber Arcade

15:30 - 16:30

Step into the Cyber Arcade - a casual, come-and-go space where you can explore tools and self-test-drive the latest products that actually solve problems. Play with it. Break it. Start again. And just like any normal arcade, there will be tickets and prizes up for grabs!