Daniel Schell - How Attackers Play the Endpoint - and How to Break the Game

What if you looked at your endpoint the way an attacker does—not as a system to defend, but as a game to win? This talk reframes modern endpoint compromise as a series of repeatable strategies drawn from a well-understood playbook. Despite the apparent complexity of malware, ransomware, and post-exploitation frameworks, most attacks rely on a small set of foundational techniques: gaining code execution, evading controls through in-memory and "living off the land" methods, and chaining these primitives to achieve persistence and impact. Through a structured breakdown of these core "moves," this session deconstructs real-world attack patterns and shows how attackers consistently succeed—now increasingly accelerated by AI-assisted tooling. By understanding the strategy guide attackers implicitly follow, defenders can stop reacting to individual threats and instead target the underlying mechanics that make compromise possible. The session provides concrete defensive approaches, including deny-by-default and application control strategies, that materially limit attacker options at the endpoint. The goal is simple: if you understand the rules of the game, you can start to change them.

Join Today
Rahul Samant - The New Face of the Email Attack: When Everything Looks Legitimate
▶︎

Rahul Samant - The New Face of the Email Attack: When Everything Looks Legitimate

Emile Bakarat - Make Your Business a Hard Target for Cybercriminals
▶︎

Emile Bakarat - Make Your Business a Hard Target for Cybercriminals

Fortinet's Vulnerability Exposed Every Small Business That Skipped Defense in Depth
▶︎

Fortinet's Vulnerability Exposed Every Small Business That Skipped Defense in Depth

Chris Horsley, Prescott Pym - Levelling up your CTI program with the CTI-CMM
▶︎

Chris Horsley, Prescott Pym - Levelling up your CTI program with the CTI-CMM

Attacking AI - Jason Haddix - NDC Security 2026
▶︎

Attacking AI - Jason Haddix - NDC Security 2026

Matthew Pokarier - Incident Response: What Security Teams Need to Know (legal one)
▶︎

Matthew Pokarier - Incident Response: What Security Teams Need to Know (legal one)

Why Aliens Would NEVER Invade Africa
▶︎

Why Aliens Would NEVER Invade Africa

AnduinOS JUST REPLACED Windows With Linux — And It Was Built Inside Microsoft!
▶︎

AnduinOS JUST REPLACED Windows With Linux — And It Was Built Inside Microsoft!

Brett Williams - When Attackers Use AI: How Defenders Can Respond
▶︎

Brett Williams - When Attackers Use AI: How Defenders Can Respond

Jess Dodson - "GAME OVER! Start again?" Getting Security Right From the Start
▶︎

Jess Dodson - "GAME OVER! Start again?" Getting Security Right From the Start

Game On! The AUSCERT Challenge
▶︎

Game On! The AUSCERT Challenge

Passkeys Explained: Are They Actually Better Than Passwords?
▶︎

Passkeys Explained: Are They Actually Better Than Passwords?

Zero-Click Attacks: AI Agents and the Next Cybersecurity Challenge
▶︎

Zero-Click Attacks: AI Agents and the Next Cybersecurity Challenge

Scammers PANIC After I Tell Them Their REAL Names
▶︎

Scammers PANIC After I Tell Them Their REAL Names

Nick Clark - The 16 Minute Breach: Why Human-Led Defense Fails Against Agentic AI
▶︎

Nick Clark - The 16 Minute Breach: Why Human-Led Defense Fails Against Agentic AI

How to Track the People Tracking YOU
▶︎

How to Track the People Tracking YOU

I Stole a Car Using a Baby Monitor
▶︎

I Stole a Car Using a Baby Monitor

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026
▶︎

Keynote: After the AI Hype – What’s Real, and What’s Next - Richard Campbell - 2026

MIT Just Revealed the AI Bubble's Fatal Flaw
▶︎

MIT Just Revealed the AI Bubble's Fatal Flaw

Somindu Abeydeera - Cognitive Warfare: When Defenders Stop Updating Their Mental Model
▶︎

Somindu Abeydeera - Cognitive Warfare: When Defenders Stop Updating Their Mental Model