Date & Time:
Tuesday, April 14, 2026
08:30 - 17:00
Venue:
SECOND
849 6th Avenue
New York, NY 10001
A Different Kind of Security Event
The Infosec Anti-Summit challenges the status quo by creating a space for CISOs and security leaders to engage, collaborate, and share real-world experience.
Through a series of hands-on workshops, tabletop exercises, mock scenarios, and peer-led discussions, the Anti-Summit encourages maximum exchange of ideas in a setting built for trust, candor, and community.
This is not about watching from the sidelines, it is about being part of the conversation. It's not about people on stage talking at the audience, it's about getting people around the table talking with each other.
Identify the challenges. Understand how others are solving them. Develop a strategy to safeguard.
Welcome to the Anti-Summit.
What to Expect at the
Anti-Summit
CISO-Led Agenda
Step into the action with a collaborative TTX simulation designed to test response, resilience, and teamwork. Continue your day with hands-on sessions built around real-world challenges, led by peers who’ve been in the hot seat.
The Cyber Arcade
A live, interactive space where emerging founders, security innovators, and practitioners collide. Test-drive new ideas, swap feedback, and see what’s next without the sales pitch.
Connection Over Convention
Honest, peer-drive discussions about what’s working and what’s not in today’s security landscape. From hallway chats to post-session conversations, it’s all about the people at the InfoSec Anti-Summit.
Agenda Coming Soon!
Registration & Breakfast
08:30 - 09:30
Opening Remarks
09:30 - 09:40
Tabletop Exercise
09:40 - 10:40
Omni-Channel Threat Response: A Tabletop Exercise for Business Resilience
Organizations are global engines with many disparate systems and critical moving parts. The threat landscape is vast and the attack surface is growing in complexity. Your customers look to you, to lead in times of disruption and crisis. This exercise will challenge traditional thinking and disrupt the approach to incident and crisis management.
Workshops (Choose Your Own Adventure)
10:50 - 11:20
Anti-Roundtable
11:35 - 12:20
Workshops (Choose Your Own Adventure)
12:30 - 13:00
Workshop #1: When Boundaries Break, Securing How Applications Connect
Modern applications cross borders all day long. They talk to partners, customers, cloud services, and each other. And most of the time, no one has a clear answer to the question: “How do our apps authenticate to anything?” This workshop digs into that gap.
We’ll talk about the messy reality of service-to-service trust, what happens when secrets spread, and how to secure connections without slowing developers down. We’ll also explore what a world of strong workload identity looks like and how it changes the way teams think about risk. If you want a clearer sense of how to secure what your systems are doing behind the scenes, this is your room.
Workshop #2: SaaS Sprawl is Out of Control. Here is how CISOs are Tackling It.
Every team adopts SaaS faster than security can keep up. Access spreads, data moves in ways no one expects, and “who can see what” becomes a guessing game. This workshop gets past the buzzwords and into the real work of securing modern SaaS environments.
We’ll break down what dynamic SaaS visibility looks like, how to understand identity and data risk across dozens (or hundreds) of apps, and how to protect the business without crushing productivity. We’ll explore how to approach the problem, and then pressure-test the model together to see what holds up for fast-growing, cloud-heavy organizations.
Endpoint-Native Security: Cutting Out the Middle Hops
Most SWGs and cloud proxies weren’t built for how people work today. Backhaul, outages, slowdowns - CISOs are tired of fighting the same problems every quarter.
This session explores an alternative: running inspection and policy enforcement directly on the endpoint. We’ll dig into what this approach actually changes - performance, privacy, DLP accuracy, and day-to-day reliability - and where it has limitations.
Come ready to challenge the model, stress-test the assumptions, and see if this holds up under real scrutiny.
Lunch
13:00 - 14:00
Anti-Roundtable
14:05 - 14:50
Rethinking GRC with Actionable Data
GRC programs are often weighed down by disjointed tools and outdated workflows. Static reports and manual processes make it difficult to keep pace with today’s dynamic risk environment.
This session explores how a modern Compliance OS can bring structure and clarity to your GRC strategy. Learn how continuous monitoring, integrated applications, and real-time data can streamline audits, improve decision-making, and unlock greater value from your compliance investments.
Walk away with a clearer path to building a GRC program that works with your tech stack, not against it.
Workshops (Choose Your Own Adventure)
15:00 - 15:30
Workshops (Choose Your Own Adventure)
15:45 - 16:15
Cyber Arcade & Happy Hour
16:20 - 17:30
After-Summit Dinner
17:30 - 21:00
Time to unwind and enjoy some great company after a successful day. No more work related discussions, just good food and good people. Perfect.
Past Voices Of The Anti-Summit
Jameeka Green Aaron
Cyrus Tibbs
Tazin Khan
Terry O’Daniel
Stephen Garcia
Steve Hindle
Kasia Hanson
Rick McElroy
Yabing Wang
Aaron Katz
