Skip to content

2026 Schedule

GrrCON 2026

Schedule

Two days. Four tracks. No egos. No divas. Just a good time and good content.

Thursday

TimeInversionThe ResistanceOverLordsDrift
8:30 AMWelcome to GrrCONEggDropX & P1nkN1ghtmare
9:00 AMKeynote: GrrCON Awakening: Truth, Tactic, Talent – How Humans WinDr. Louis DeWeaver
10:00 AMThis Talk Was Written by AIDave KennedyIn 30 Min, Access the Building and Takeover the DomainPaul BrownridgeDefending in the Age of AI Agents. A SOC Playbook for the Agentic EraBrandon McGirr
Strategic SummitInvite Only10:00 AM – 4:30 PM
11:00 AMYour Security Isn’t Failing, It’s RegressingTimothy ScheidYour Incident Response Plan Is Lying to YouShaun BertrandHacking Big Iron with AI: Attacking Mainframe OSAdam Toscher
11:30 AMHacking Facial Recognition with Real-Time DeepfakesSergio MahiaBadge, Bluff & Backdoors: Hacking the Human PerimeterReid BroskoYour AI is Social Engineering YouJ Wolfgang Goerlich
12:30 PMKeynote: TBA
1:30 PMEvery Risk Acceptance Memo I’ve Signed Was a BetRobert FormerEvolving Risks and Strategies to Safely Deploy AIMatthew ClemansI Suck at Coding. Claude Senpai, Make Me Malware.Kyle Meyer
2:00 PMInside Scattered Spider: Evolving TechniquesIlkin JavadovTBABill EmmettDetection Essentials for Autonomous Security IntelligenceShane Harsch
2:30 PMVibeShell: How Trusting Your AI IDE Costs You Your MachineEtizaz MohsinPod-tential for Disaster: Hacking Kubernetes Pod to ClusterScott MillerYour AI Agent Could Be a Threat ActorLarry Suto
3:30 PMAll Keys Lost: A Car Hacking Adventuref8alTBATBAMy Bed Tried to Freeze Me at 3AM. I Rooted It.Adam Schaal
4:00 PMBypassing Protection Mechanisms in Automotive ECUsGavin OrcuttWhat Happens to Cybersecurity When the Internet Fails?Dick HaightAI-Ready Exposure Management: A Practical Guide to Operationalizing Your Security OperationsIvan Dwyer
4:30 PMVIPs and Fake IDs: Investigating PDF RevisionsKyle EatonTBATBAAI SOC Analyst: 24/7, No Complaints, Occasionally RightJason Young
5:00 PMKeynote: I Sent AI Agents to Call the Scammers BackMohammad Eshan
5:30 PMGoodByeEggDropX & P1nkN1ghtmare   

Friday

TimeInversionThe ResistanceOverLordsDrift
9:00 AMKeynote: 17 Governments Audited, Zero Exploits, Bloomberg Called Me CriminalRingmast4r (Patrick Quirk)
10:00 AMTBAJayson E StreetTBATBAWeaponizing LLMs: Abuse Patterns & Countermeasuresgeorge antoniouBoldly Going: Cybersecurity Lessons from Space ExplorationNathan Theule
11:00 AMGiving Swords to our Future AI OverlordsMatt Lee & Tom LawrenceTBATBAFor Prompt Injection, Press 1: Hacking AI Voice AgentsWillie ZhangCtrl + Alt + Lead: Rebooting Cyber Culture with Human SkillsAmanda Kollmorgan
11:30 AMPreemptive Security in a Reactive WorldBart Lenaerts-BergmansThe Agent You Forgot: How Non-Human Identities Are Bypassing Your IGA and PAM ControlsRichard Lack
NoonCompounding Interest: Compromising the ATM Supply ChainMatt BurchAmbitious Persistent Teens (APT) – True Threat to Your BusinessAnthony KraudeltTBATBAFireside Chat with GrrCON Founder, EggDropXRachel Giacobozzi
1:00 PMDealing with Shadows: Life of a Threat Actor NegotiatorMatt BarnettGo Hack Yourself: More War Stories from 250k+ PentestsRamzi HarbTBAAtlas of D00mLast Night a DJ Erased My DriveMathew Caplan
2:00 PMTalk Title to be determined by number of Feds in the RoomChris RobertsThe Amber Prison: Proxying Ghosts into the ShellThomas RichardsBreaking MCP – Attack Paths in Agentic AIDarren Meyer
GrrCON GamesHosted by @lintile2:00 PM – 4:00 PM
3:00 PMHow to Win GrrCON and the Secretive ShitterCONThe Infamous M&MHow Adopting a Risk Based Mindset Can Improve ResilienceTim ConnollyAttackers Don’t Need Shells, They Need PromptsRaz Tel-Vered
3:30 PMCatch Me If You Can: Hooking into Encrypted IoT TrafficMansoor AhmadTBATBAMy Other Inbox Is Your Inbox: M365 Copilot Email TheftAdam Logue
4:00 PMBitch Dont Kill My VibeRyan BonnerSo You Want to Be a ForensicatorCatherine UllmanLiving Between the Walls of Death & Loving Itrand0h 
5:00 PMKeynote: The History of Malware: 40 Years of Viruses & WormsEliad Kimhy
6:00 PMDay 2 Wrap Up & PrizesEggDropX & P1nkN1ghtmare