Abstract
Traditional security controls were designed for a threat landscape that no longer exists. Today’s adversaries operate with industrial-grade attack engineering, blending living-off-the-land techniques, legitimate credential abuse, API exploitation and AI-augmented reconnaissance to evade signature-based detection, bypass perimeter controls and outpace human response cycles. They chain low-risk actions into high-impact breaches, exploit trust relationships over technical vulnerabilities and weaponize enterprise complexity against itself.
This session will cover: How adversaries use legitimate tools, APIs, and admin privileges to stay invisible; Why stolen identities outperform zero-days in modern attack chains; Mapping how adversaries establish persistence, conduct reconnaissance, and trigger payloads.