AI adoption is accelerating, and so are the risks. Many organizations lack visibility into how AI is used, especially at the endpoint where prompts and agents operate. This track helps security leaders discover shadow AI, enforce policy at runtime, and stop attacks targeting AI systems across endpoints, SaaS, and cloud.

Key takeaways:

• Uncover AI usage: Identify shadow AI, understand usage, and prioritize risk
• Enforce governance: Turn AI policy into scalable, enforceable controls
• Secure at runtime: Protect AI agents with guardrails that monitor and constrain behavior
• Enable safe innovation: Move from visibility to control and response to scale AI securely

As cloud environments evolve, attackers are blending into operations and using AI to move faster than ever. This track explores modern cloud defense, with real-world insights from frontline experts. Learn how to secure applications, infrastructure, and AI workloads — and stop breaches from code to runtime.

Key takeaways:

• Learn from real attacks: Explore real-world cloud intrusions and how to stop them
• Secure end-to-end: Protect cloud environments from code to runtime
• Protect AI workloads: Secure AI applications, services, and LLMs with confidence
• Defend at scale: See how enterprises secure hybrid cloud environments
• Explore what’s next: Hear from product experts on the latest innovations and roadmap

The AI era demands a new approach to security data, and traditional SIEMs can’t keep up. This track shows how to evolve to an Agentic SOC, where AI and human insight work together to accelerate detection, streamline operations, and drive real-time outcomes.

Key takeaways:

• Keep pace with threats: Learn how adversaries are evolving and how to respond at machine speed
• Modernize SIEM: Move beyond alerts to real-time detection, correlation, and response
• Strengthen data pipelines: Unify telemetry to surface high-confidence signals and reduce noise
• Apply AI in the SOC: Accelerate analysis, decision-making, and response with AI
• Drive outcomes: Reduce risk and improve efficiency with a more adaptive SOC

AI is accelerating adversaries and exposing the limits of manual, reactive SecOps. To keep pace, defenders must turn AI into an operational advantage. This track shows how to apply AI in the SOC by automating workflows, deploying intelligent agents, and scaling response while maintaining control and oversight.

Key takeaways:

• Move to execution: Apply AI to automate tasks, build agents, and orchestrate workflows at scale
• Close critical gaps: Improve analyst performance and accelerate response with AI
• Deploy with confidence: Implement AI with the control, transparency, and oversight security teams require

Adversaries now move at machine speed, using AI and stealth techniques to evade traditional defenses. This track shows how to think like an attacker by leveraging threat intelligence and proactive hunting to detect and stop threats earlier. Learn how to operationalize insights, hunt across domains, and act before attacks escalate.

Key takeaways:

• Detect earlier: Understand adversary behavior and identify threats sooner
• Stay ahead: Defend against AI-enabled, malware-free, and identity-based attacks
• Prioritize action: Use threat intelligence and AI to focus on what matters most
• Hunt across domains: Gain visibility across endpoint, identity, cloud, and SaaS
• Think like an attacker: Strengthen defenses and accelerate response

Identity is now the fastest path to breach, yet many organizations still rely on static access models. As human, non-human, and AI identities expand, attackers exploit persistent access and move undetected. This track equips security leaders and practitioners to shift to continuous, real-time control and secure every identity type.

Key takeaways:

• Modernize identity security: Move from static access to continuous verification and dynamic enforcement
• Close response gaps: Detect and contain identity-based threats in real time
• Enforce least privilege: Eliminate standing access across human, non-human, and AI identities
• Learn from the field: See how leaders are stopping credential abuse and lateral movement
• Take action fast: Assess identity risk and implement continuous controls within existing environments

As data moves across endpoints, SaaS, cloud, and GenAI workflows, exposure risks grow with every interaction. Traditional, static approaches can’t keep up. This track helps security leaders shift to real-time, intelligence-driven data protection, gaining continuous visibility, reducing risk, and stopping data threats before they become breaches.

Key takeaways:

• Protect data everywhere: Secure sensitive data across endpoints, SaaS, cloud, and GenAI workflows
• Manage AI risk: Mitigate threats from GenAI, shadow AI, and agentic workflows without slowing innovation
• Stop insider threats: Defend against misuse of valid credentials and other modern attack paths
• Simplify and scale: Reduce tool sprawl and operationalize modern data security strategies

Technology is the baseline, but elite expertise determines the outcome. This track connects you with seasoned practitioners across incident response, red teaming, advisory, and MDR. Learn how leading organizations combine people, process, and technology to strengthen resilience, improve operations, and stay ahead of evolving threats.

Key takeaways:

• Understand the threat landscape: Learn how advanced adversaries operate and where defenses fall short
• Benchmark your program: See how leading organizations are structuring and maturing their security operations
• Learn from the front lines: Hear real-world incident response and MDR experiences
• Plan ahead: Identify emerging risks and priorities for the year ahead
• Extend your team: Explore how expert-led MDR enhances coverage, speed, and response

AI has collapsed the window between vulnerability discovery and exploitation. The challenge is no longer just identifying what’s vulnerable, it’s knowing what’s truly exploitable and acting fast. This track helps security leaders and practitioners prioritize risk, accelerate remediation, and reduce exposure before attackers can gain a foothold.

Key takeaways:

• Move faster: Understand why modern threats demand proactive exposure management
• Prioritize what matters: Identify vulnerabilities most likely to be exploited in your environment
• Focus remediation: Use threat intelligence and adversary behavior to guide action
• Reduce risk early: Apply proven strategies to mitigate exposure before compromise occurs

In the AI era, attackers move faster than ever, breaching environments in minutes and using malware-free techniques that evade traditional defenses. This track equips CISOs and SOC practitioners to defend the modern endpoint as the primary execution layer. Learn how to stop advanced, AI-enabled threats and evolve your defenses to keep pace.

Key takeaways:

• Prioritize the endpoint: Gain visibility and control across complex, cross-domain environments
• Stop modern techniques: Defend against malware-free and “living-off-the-land” attacks
• Modernize response: Shift from manual triage to AI-driven, automated detection and response

As work shifts to the browser, attackers are exploiting gaps with credential theft, session hijacking, and malware-free techniques. This session helps security leaders and practitioners modernize Zero Trust in hybrid environments, eliminating blind spots, reducing VPN/VDI reliance, and enforcing real-time, context-aware protection across any device.

Key takeaways:

• Stop threats earlier: Block browser-based attacks in real time before they reach apps or data
• Simplify access: Reduce VPN/VDI complexity while improving user experience
• Strengthen Zero Trust: Apply endpoint and user context for smarter access decisions
• Secure any user: Protect BYOD and contractor access without added risk
• Consolidate tools: Streamline operations and reduce overhead

AI is reshaping what security teams can achieve, but delivering real solutions still requires engineering. This track prepares developers, security engineers, and partners to build and scale on the CrowdStrike Falcon® platform. Through expert-led sessions and hands-on labs, explore APIs, SDKs, custom apps, AI-powered agents, and integrations, plus practical techniques and assets you can use immediately.

Key takeaways:

• Build with purpose: Apply architectural patterns, sample code, and integration techniques you can use right away
• Learn from builders: Hear directly from CrowdStrike engineers, SDK maintainers, and practitioners
• Explore AI in action: See how AI agents and assisted workflows are transforming development
• Meet every skill level: From first API call to production-ready applications
• Extend the platform: Connect tools, automate workflows, and create capabilities tailored to your environment