Venue: Las Positas College, 2400 Campus Loop, Livermore, CA
Date and Time: March 13, 2026 | 8:00 AM – 5:00 PM
The Secure AI Revolution: A Practical Blueprint for Developers and Cybersecurity Auditors to Master the New AI Development Lifecycle. With its main topic, Application Security and Development in the Age of AI, this event examines the necessary shift in workforce education, re-emphasizes critical SDLC guardrails often overlooked amidst the excitement of novel AI capabilities (such as VIBE Coding), and addresses new skills and security concerns through practical, hands-on learning.
Conference Keynotes and Labs explore the transformative impact of resource-conscious AI development, including RAG and low-cost fine-tuning, on application security. Our focus is on providing hands-on training to secure every stage of the AI development lifecycle, from preventing Data Poisoning and Prompt Injection to auditing AI-assisted code against the OWASP LLM Top 10 framework.
The Nine Live Labs format is designed to maximize practical engagement, offering attendees hands-on, in-depth exploration of the platforms and solutions provided by nine of our key sponsors. Attendees will participate in three separate lab sessions and have dedicated time to interact with a full gallery of exhibitors and subject matter experts.
As we add the newly released OWASP Top Ten for Agentic AI, this planning will evolve and be refined.
- HiddenLayer | RAG Rampage: Hands-On Prompt Injection and Defense
- BigID | AI-Powered Data Discovery, Classification, and Privacy
- Black Duck | AI and Application Security (SCA/IAST)
- Intezer | Automated Code Analysis and Incident Triage
- VeriaLabs | Find Your API Exploits Before They Do
- Snyk | Developer Security, SCA, and Supply Chain Risk
- Stellar Cyber | Open XDR for AI Applications: Detection and Response
- TBD | Data Security Posture Management (DSPM)
- CoreLight | Network Forensics for AI Exfiltration and Model Theft
Two keynote speakers, one in the morning and one in the afternoon: Neil Daswani, Ph.D. – CISO-In-Residence, Firebolt Ventures; Co-Director, Stanford Advanced Cybersecurity Certification Program, and Malcolm Harkins – Chief Security and Trust Officer, HiddenLayer
Key Learning Tracks and Content Focus
The conference is structured around two essential Keynote Plenary Sessions and three distinct hands-on learning tracks, each covering a crucial phase of the AI Development Lifecycle (AIDLC).
- Keynote Plenary Sessions (Governance & Trust): Expert-led sessions covering the foundations of security and governance for AI, establishing risk policies, and building trust in models (Neil Daswani and Malcolm Harkins).
- Track 1: Pre-Deployment Security (Labs 1, 2, 3): Focus on securing the model’s source and code integrity. This track includes hands-on defense against Prompt Injection (OWASP LLM01), preventing Training Data Poisoning and Sensitive Data Leakage (OWASP LLM03/LLM06), and auditing AI-generated code to combat Overreliance (OWASP LLM09).
- Track 2: Deployment & API Security (Labs 4, 5, 6): Focus on the application and delivery layer. Sessions cover practical API Hacking and defense against Insecure Output Handling (OWASP LLM02), addressing Supply Chain Vulnerabilities (OWASP LLM05) in third-party components, and rapid triage of suspicious code.
- Track 3: Runtime & Post-Exploitation Forensics (Labs 7, 8, 9): Focus on monitoring, response, and incident handling. This track covers controls for Excessive Agency (OWASP LLM08) using DSPM, detecting Model Denial of Service (OWASP LLM04), and leveraging network forensics to uncover Model Theft (OWASP LLM10) and exfiltration attempts.
Pricing and Registration
Register Early for the Best Value! Early Bird pricing and all Partner Discount codes expire on February 28, 2026.
How to Apply Your Discount at Checkout
Partner Chapters and Organizations: Enter the unique one-time code provided to you in the promo code section during checkout.
ISC2 East Bay Members: Use your registered member email address in the promo code section during checkout to unlock member rates. Ensure your annual chapter dues are current to qualify.
| Pass Type | Early Bird (Ends Feb 28) | Standard (Starts Mar 1) |
|---|---|---|
| Member Full Conference Pass | $100.00 | $125.00 |
| Guest Full Pass (Non-Member) | $145.00 | $175.00 |
| Networking Pass (1 PM – 5 PM) | $65.00 | $85.00 |
| Student (Full-time) | $45.00* | — |

*Note: Student tickets go on sale February 14, 2026.
Special Admissions & Dinner Policy
- Staff, Speakers, & Sponsors: Your tickets will be assigned to you automatically. To purchase a block of discounted tickets, please contact the Conference Chair (Robin) directly.
- Distinguished Dinner: Admission is included for Lab Leaders, Keynotes, Committee/Board Members, and Sponsors.
- Dinner for General Guests: If you do not meet the criteria above but wish to attend the dinner, you may do so by making a “Pay it Forward” donation to the Chapter Scholarship Fund. Please contact Robin for details after donating.
Event Capacity: Strictly limited to 250 attendees. We recommend registering early to secure your spot.
Continuing Professional Education (CPE) Credits
We make earning and reporting your credits simple:
- Full Conference Pass: 8 CPEs
- Networking Pass: 5 CPEs
- Speakers & Volunteers: Up to 13 CPEs
How to claim:
- Automatic Posting: For all ISC2 credential holders, we will post your CPEs directly to your account.
- Certificates: All attendees who submit the mandatory Conference Feedback Form will receive a Certificate of Completion for their records.

Conference Sessions & Schedule
8:00 AM Breakfast and Registration
Pick up your badge and ribbons, and get your name listed for your preferred labs.
Members and conference staff have the option to pick up an ISC2 East Bay Chapter Backpack and fill it with their favorite swag. Everyone is provided a gift bag and the opportunity to interact with all of our exhibiting sponsors.
Breakfast selections are an array of bagels, shmears, yogurt, fruit, coffee, juice, and snack selections.
8:50 AM Greetings from the ISC2 East Bay Chapter
Welcome, Students, Entrepreneurs, Civic, Business, and Education Leaders, Cyber Professionals, and Job Seekers. We are pleased to share a brief discussion of the ISC2 East Bay Chapter Mission, Rules for our day at Las Positas, expectations for the “In The Bag” activity, and a reminder about your mandatory feedback requirement.
Keynote Speakers
Keynote One – 9:00 AM to 9:45 AM | Neil Daswani, Ph.D. – CISO-In-Residence, Firebolt Ventures; Co-Director, Stanford Advanced Cybersecurity Certification Program
Neil Daswani, PhD, is a Co-Director of the Stanford Advanced Cybersecurity Certification Program. He is also the President of the startup advisor/investment firm Daswani Enterprises, and a former CISO and CISO-in-Residence at private equity firms. Previously, Neil was a CISO at the companies Symantec and LifeLock, and a security executive at Twitter, Salesforce, and Google. He is the author of Foundations of Security: What Every Programmer Needs to Know and co-author of Big Data Analytics: From Strategic Planning to Operationalizing. Neil holds a PhD and a Master’s in Computer Science from Stanford University.
Keynote Two – 3:15 PM to 4:00 PM | Malcolm Harkins – Chief Security and Trust Officer, HiddenLayer
Malcolm Harkins is the Chief Security and Trust Officer at HiddenLayer, where he focuses on securing AI models and data. He previously held the role of Chief Security and Trust Officer at Cylance. Prior to that, he was the VP and Chief Security and Privacy Officer (CSPO) at Intel, leading the company’s security, privacy, and trust efforts. Malcolm is a respected voice on risk-based security and governance, promoting a balanced approach to managing risk, cost, and trust. He is an award-winning leader in the field of information security.
Lab Coverage: OWASP LLM Top 10
- Track 1 (Pre-Deployment): Focuses on foundational security: Data integrity, classification, and supply chain vetting (LLM03, LLM05, LLM06).
- Track 2 (Deployment): Focuses on runtime security: Hardening the model interaction layer through validation, sanitization, and access control (LLM01, LLM02, LLM07, LLM08).
- Track 3 (Post-Exploitation): Focuses on detection and consequence management: Auditing for flaws, detecting attacks in progress, and forensic analysis (LLM04, LLM09, LLM10).
| OWASP LLM Risk | Description | Primary Coverage in Lab Track | Relevant Lab |
|---|---|---|---|
| LLM01: Prompt Injection | Manipulating the LLM via crafted inputs to cause unintended actions (Direct or Indirect). | Track 2: Deployment | Lab 1: RAG Rampage (Dedicated to crafting and defending against prompt injection) |
| LLM02: Insecure Output Handling | Accepting LLM output without scrutiny, leading to downstream exploits (XSS, RCE, etc.). | Track 2: Deployment | Lab 5: API Exploits (Focuses on sanitization and validation of all application inputs/outputs) |
| LLM03: Training Data Poisoning | Tampering with training data to introduce vulnerabilities, biases, or backdoors. | Track 1: Pre-Deployment | Lab 2: Poisoning the Well (Dedicated to auditing and preventing data poisoning) |
| LLM04: Model Denial of Service (DoS) | Attackers cause resource-heavy operations to degrade service quality or incur high costs. | Track 3: Post-Exploitation | Lab 7: Exploit to EDR (Reviews detection of attack consequences, including resource spikes that characterize DoS) |
| LLM05: Supply Chain Vulnerabilities | Compromised components (libraries, datasets, plugins) undermine system integrity. | Track 1: Pre-Deployment | Lab 6: Defending the Supply Chain (Addresses vulnerabilities in third-party libraries and IaC used to deploy the AI app) |
| LLM06: Sensitive Information Disclosure | LLMs reveal confidential data in responses due to a lack of sanitization or strict policies. | Track 1: Pre-Deployment | Lab 2: Sensitive Data Leakage (Focuses on discovering and redacting sensitive data before it is used for training or RAG) |
| LLM07: Insecure Plugin Design | Plugins/extensions process untrusted inputs and lack sufficient access control. | Track 2: Deployment | Lab 5 (API) & Lab 8 (DSPM) (Cover the critical controls like Least Privilege and access control that restrict plugin maliciousness) |
| LLM08: Excessive Agency | Granting LLMs unchecked autonomy leads to unintended and dangerous actions. | Track 2: Deployment | Lab 8: Data Security Posture (Emphasizes Principle of Least Privilege and strictly governing LLM access permissions to data stores) |
| LLM09: Overreliance | Failing to critically assess LLM outputs leads to compromised decisions or security risks. | Track 3: Post-Exploitation | Lab 3 (Black Duck) & Lab 4 (Intezer) (Teach manual and automated auditing of AI-generated/AI-assisted code to combat overreliance) |
| LLM10: Model Theft | Unauthorized access, copying, or exfiltration of proprietary LLM models. | Track 3: Post-Exploitation | Lab 9: Network Forensics (Detecting unauthorized bulk data transfer/exfiltration and C2 traffic, which are primary indicators of model theft) |
Track 1 (Pre-Deployment): Focuses on foundational security: Data integrity, classification, and supply chain vetting (LLM03, LLM05, LLM06).
Please check back no later than January 15th for the full lab plans and lab leader bios. We are finalizing additional vendor presentations and sponsors from now till January 8th.
Session 1 – Lab one – 10:00 AM – 11:00 AM | HiddenLayer | RAG Rampage: Hands-On Prompt Injection and Defense
Details coming soon.
Session 1 – Lab two – 10:00 AM – 11:00 AM | BigID | AI-Powered Data Discovery, Classification, and Privacy
Details coming soon.
Session 1 – Lab three – 10:00 AM – 11:00 AM | Black Duck | AI and Application Security (SCA/IAST)
Details coming soon.
Track 2 (Deployment): Focuses on runtime security: Hardening the model interaction layer through validation, sanitization, and access control (LLM01, LLM02, LLM07, LLM08).
Session 2 – Lab four – 11:00 AM – 12:00 PM | Intezer | Automated Code Analysis and Incident Triage
Details coming soon.
Session 2 – Lab five – 11:00 AM – 12:00 PM | VeriaLabs | Find Your API Exploits Before They Do
Details coming soon.
Session 2 – Lab six – 11:00 AM – 12:00 PM | Snyk | Developer Security, SCA, and Supply Chain Risk
Details coming soon.
12:00 PM – 12:55 PM Lunch Option One

In addition to several allergy-sensitive and vegan options, our luncheon serves delicious, Premium Sandwiches made up of Mr. Pickle’s of Livermore’s tried-and-true favorites. All Sandwiches Include “The Works” Condiments: Mayonnaise, Mustard, and Garlic Sauce served on the side. Veggies: Tomato, Onion, Pickles, and Pepperoncinis are served on the sandwich (unless otherwise specified). Meals come with Chocolate Chip Cookies, fruit, and the following options.
- Tom Turkey on French Roll
- Italian on French Roll
- Big Jake on Dutch Crunch Roll
- Truly Vegan on Wheat Roll
- Big Easy on Dutch Crunch Roll
- Cali Tuna on Wheat Roll
We will also provide a choice of soda, water, coffee, or any remaining juice with each lunch.
Lunch Option Two – Food Trucks TBD
Track 3 (Post-Exploitation): Focuses on detection and consequence management: Auditing for flaws, detecting attacks in progress, and forensic analysis (LLM04, LLM09, LLM10).
Session 3 – Lab seven – 1:00 PM – 2:00 PM | Stellar Cyber | Open XDR for AI Applications: Detection and Response
Details coming soon.
Session 3 – Lab eight – 1:00 PM – 2:00 PM | TBD | Data Security Posture Management (DSPM)
Details coming soon.
Session 3 – Lab nine – 1:00 PM – 2:00 PM | Corelight
Details coming soon.
CAKE BREAK & Networking – 2:00 – 3:15 PM Vendor Exhibits and Lab follow-up
Panel Discussion
Leader: Jules Okafor
The Wrap-up – 4:30 – 5:00 PM – Vendor Raffles, Conference Feedback Forms, and Sharing What’s In The Bag – Main Presentation Hall
To receive all 8 CPEs, attendees must complete their Conference Feedback Form. Volunteers and Presenters can claim additional CPE for their preparation and planning participation.
Thank You to Our Sponsors and Distinguished Guests
For those of you who attended the Second ISC2 East Bay Distinguished Speaker and Sponsor Dinner – here’s a reminder of who you met. Our next book publication will post on March 11th, 2026.
Platinum Sponsors
- Intezer: Leverages proprietary AI and genetic analysis to automate and streamline core Security Operations Center (SOC) tasks. Its platform automatically triages and investigates security alerts, accurately identifies malicious code by comparing it to known code families, and automates initial response actions. Intezer helps security teams reduce alert fatigue, enhance threat detection accuracy, and accelerate incident response by enabling human analysts to focus their expertise on the most critical and complex threats, improving overall SOC efficiency and effectiveness.
- HiddenLayer: Provides an AI security platform and services that proactively protect machine learning models from emerging threats like prompt injection, data leakage, and model theft. Founded by experts in cybersecurity and machine learning, its platform safeguards AI applications without requiring access to raw data or algorithms and without adding unnecessary model complexity. HiddenLayer helps organizations secure their AI supply chain, enforce runtime defense, and manage security posture across their most critical AI applications.
- StellarCyber: Pioneers an Open XDR platform that unifies security operations across the entire attack surface, including networks, endpoints, cloud, and applications. Leveraging advanced AI and machine learning capabilities, their platform automatically detects sophisticated threats, significantly enhances security operations, and improves analyst efficiency by providing comprehensive, correlated visibility and accelerating incident response workflows from a single, integrated pane of glass.
- Astrix Security: Specializes in securing non-human identities and SaaS-to-SaaS connectivity, addressing a critical and often overlooked attack surface in today’s digital landscape. Their platform provides comprehensive visibility into all non-human access, enabling organizations to enforce granular, adaptive policies and proactively prevent data breaches by meticulously managing access for API keys, service accounts, and critical cloud integrations, ensuring robust security for automated processes.
Gold Sponsors
- Black Duck: Leads the evolution of application security with a next-generation platform designed to secure both the traditional software supply chain and the emerging AI-driven development lifecycle. By integrating AI-specific risk management with industry-leading Software Composition Analysis (SCA) and Interactive Application Security Testing (IAST), Black Duck provides the deep visibility and automated guardrails necessary to identify vulnerabilities in open-source components and AI-generated code alike, ensuring enterprise trust in the age of the Secure AI Revolution.
- RevolutionCyber: A boutique cybersecurity and resilience consulting firm that blends strategic advisory, cultural transformation, and technology enablement to redefine how organizations approach security. They focus on aligning security with core business outcomes, such as resilience, trust, and revenue generation, rather than treating it as a standalone technical function, offering services that enhance security culture and prepare for rapid incident response.
- CoreLight: CoreLight is the creator of Open Network Detection and Response (NDR), providing deep visibility into network traffic for advanced threat detection and accelerated incident response. Their platform extracts comprehensive network evidence (like rich logs and metadata) from raw traffic, enabling security teams to quickly hunt threats, perform forensic analysis, and gain complete situational awareness across complex, distributed environments. This dramatically reduces the time needed to detect and neutralize sophisticated attacks and model theft.
- Snyk: An enterprise-grade developer security platform that provides organizations with deep visibility and governance over their entire software supply chain. Snyk’s AI-powered orchestration engine enables security leaders to implement global risk policies while empowering development teams to remediate vulnerabilities in code, open-source dependencies, containers, and cloud infrastructure. By bridging the gap between security and engineering, Snyk provides the scalability and auditability required for large-scale digital transformations and secure AI adoption.
- These Sponsors will send materials for our use but are not in attendance for this event:
- Exiger: Provides an AI-powered supply chain and third-party risk management platform that helps organizations illuminate, analyze, and mitigate complex risks across their extended enterprise. Their solutions offer deep insights into vendor vulnerabilities, geopolitical supply chain disruptions, and financial health, enabling proactive risk management and enhanced resilience in an AI-driven world.
- Sepio: Offers a Hardware Access Control (HAC) and asset visibility platform that provides actionable visibility to continuously manage the risk of all known and shadow assets. Utilizing innovative multi-disciplinary SaaS solutions that combine practical physics, machine learning, and big data, Sepio delivers unified hardware device risk management, helping secure IT, OT, and IoT environments and providing defense against “invisible threat layers.”
- Summit 7: Specializes in DIB cybersecurity compliance, with a core focus on CMMC (Cybersecurity Maturity Model Certification) and robust Microsoft 365 security solutions. They assist defense industrial base (DIB) companies in achieving and maintaining compliance with stringent federal regulations like CMMC, DFARS, and NIST, ensuring secure operations within the Microsoft ecosystem.
Silver Sponsors
- BigID: BigID is a leading data intelligence platform that utilizes advanced AI and machine learning to comprehensively discover, classify, and manage sensitive and regulated data across diverse and hybrid environments, including cloud, on-premise, and SaaS applications. It empowers organizations to ensure stringent data privacy compliance, precisely identify and remediate security risks associated with vulnerable data exposures, and automate critical data governance processes by providing unparalleled data intelligence and control, thereby significantly enhancing overall security posture and reducing data risk.
- Happiest Minds Technologies: A global IT services company that leverages cutting-edge technologies in digital transformation, cloud, cybersecurity, analytics, and Internet of Things (IoT) to drive enterprise success. They provide end-to-end services that help businesses achieve digital excellence, optimize operational efficiency, and foster continuous innovation with a strong emphasis on human-centric solutions, delivering comprehensive and integrated technology services that align with specific business objectives and industry standards.
- Horizon3.ai: Provides NodeZero, an autonomous penetration testing platform. It continuously assesses an organization’s internal and external attack surface, automatically discovers exploitable weaknesses, and verifies vulnerabilities without human intervention. By rigorously emulating real-world attacker behaviors and techniques, NodeZero identifies critical attack pathways and provides clear, actionable remediation steps to proactively strengthen security posture and continuously validate an organization’s defenses against evolving cyber threats, supporting a continuous security validation program.
- Illumio: Provides Zero Trust Segmentation to prevent the lateral movement of breaches across complex hybrid environments, including data centers, multi-cloud infrastructures, and endpoints. It meticulously visualizes application dependencies and communication flows, micro-segments networks down to individual workloads, and enforces granular, adaptive policies to contain attacks. This approach dramatically minimizes breach impact by reducing the attack surface and significantly enhancing an organization’s overall cyber resilience and security posture.
- One Identity: Offers comprehensive identity and access management (IAM) solutions that provide a unified platform for managing identities, governing access, and securing privileged accounts across an organization’s entire digital landscape. Their solutions include Identity Governance and Administration (IGA) for managing user access lifecycles, Privileged Access Management (PAM) for securing elevated accounts, and Access Management for secure authentication. This helps organizations streamline identity lifecycle management, enforce least privilege principles, and improve compliance posture across complex IT environments.
- P0 Security: Provides a unified identity security platform that automates the lifecycle of non-human and human identities. By connecting what legacy systems can’t, P0 eliminates manual security workflows and uses agentic AI to safely automate actions, reducing the identity attack surface in days.
- Redblock’s Agentic AI (redblock.ai) automates identity and security workflows across disconnected apps — extending SailPoint and other identity systems for full coverage. It connects what Identity systems can’t, eliminates CSVs and IT tickets, and automates actions safely with policy guardrails. The result: a smaller identity attack surface in days, not months. Manual workflows become autonomous, auditable actions.
- StrongDM: Offers a unified platform for managing and auditing access to all critical infrastructure, including servers, databases, Kubernetes clusters, and internal applications. It connects users securely without the need for traditional VPNs, meticulously logs every session for comprehensive auditing and compliance, and enforces granular, least-privilege access policies in real-time. This centralizes control over all technical access, significantly enhancing security posture and streamlining compliance workflows while improving operational efficiency.
- VeriaLabs: Provides an AI-native offensive security platform designed for autonomous vulnerability discovery and exploitation. By integrating directly into Git repositories and CI/CD pipelines, VeriaLabs utilizes specialized AI agents to analyze codebases, generate real-world exploit PoCs to verify risk, and provide automated remediation. Their approach shifts offensive security left, enabling organizations to validate their security posture and secure critical vulnerabilities with high confidence and at machine speed.
Note that sponsors Astrix, Balkan, StrongDM, and One Identity are scheduled to be at the November Conference on Identity and will not be among the March Exhibitors. Some sponsors, Exiger, Sepio, The Good Data Factory, and Summit 7, have not made known their intention to exhibit at this event. We will accommodate all sponsors with a 6-foot table, space for one pop-up, a student staff for the day, a dinner ticket, and two conference tickets for attendance and coverage at their exhibitor table. Gold and Platinum sponsors have priority placement and are encouraged to place an additional pop-up in the Presentation Hall. Space for the March event is finalized on January 15th.
Please become an ISC2 East Bay Sponsor by donating today.

About ISC2
ISC2 is the world’s leading member organization for cybersecurity professionals, driven by our vision of a safe and secure cyber world. Our nearly 675,000 members, candidates, and associates around the globe are a force for good, safeguarding the way we live. Our award-winning certifications – including cybersecurity’s premier certification, the CISSP® – enable professionals to demonstrate their knowledge, skills, and abilities at every stage of their careers. ISC2 strengthens the cybersecurity profession’s influence, diversity, and vitality through advocacy, expertise, and workforce empowerment, accelerating cyber safety and security in an interconnected world. Our charitable foundation, The Center for Cyber Safety and Education, helps create more access to cyber careers and educates those most vulnerable. Learn more and get involved at ISC2.org. Connect with us on X, Facebook, and LinkedIn.
