In this session, the SentinelOne team will share what 18 months of real-world deployment have revealed about the Autonomous SOC maturity model: where organizations are advancing fastest, what's holding teams back, and why the biggest barrier to progress is rarely the technology. They'll walk through what AI-powered investigation and governed automated response look like in practice, and cover new ways organizations are getting started on the path.
If machine identities now outnumber your human workforce 45-to-1, your current security posture was built for a workforce that no longer exists. This session is the blueprint for closing that gap. You'll leave with: A governance framework for machine identities that MFA can't reach A model for Just-in-Time access and Kill Switch protocols A path for moving your team from operators to supervisors of agentic workflows More impact per analyst and greater control with less fatigue, this session was designed exclusively for the security leaders in this audience.
The gap between "theoretical security" and "operational reality" has never been wider. While industry headlines focus on saturated benchmarks and "state-of-the-art" claims, real-world defenders are navigating a landscape of shifting geopolitical tensions, novel attack vectors, and the messy complexity of multi-vendor environments. Join our panel of researchers and industry experts for a 45-minute deep dive into: Macro Intelligence: A geopolitical overview of current campaigns and how global shifts impact your organization’s risk profile and internal messaging. Regional Adversary Analysis: Nuanced breakdowns of the specific TTPs hitting your region. The Defensive Playbook: Practical, authoritative recommendations for hardening your environment and shifting from reactive patching to proactive, intelligence-led hunting.
In a three-week span in the spring of 2026, the security landscape shifted. Three distinct threat actors, including a North Korean state-sponsored operator launched Tier-1 supply chain attacks against widely trusted software: LiteLLM (AI infrastructure), Axios (the most downloaded JavaScript HTTP client), and CPU-Z (a trusted system utility). No perimeter was breached. The attack arrived through trusted software organizations had already approved. This is the attack vector boards need to understand: sophisticated adversaries are targeting dependencies, not defenses. Trusted software is now the weapon. The board-level question that follows is: what is our maximum probable loss if a dependency in our build pipeline is weaponized against us? Most organizations cannot answer that today.