Name: Securing DevOps Pipelines with Real-Time Threat Intelligence
Start: 2026-03-10T08:00:00Z
End: 2026-03-10T08:00:43.000Z
Location: BrightTALK

This channel features presentations by leading experts in the field of information security. From application, computer, network and Internet security to access control management, data privacy and other hot topics, you will walk away with practical advice for your strategic and tactical information security initiatives.

Modern businesses face a critical challenge: balancing innovation with robust security practices. For years, security teams have been perceived as barriers to progress, enforcing controls that slow operations. However, the evolving threat landscape demands a shift in perspective—security must transform into a strategic enabler of growth, resilience and trust.

This session explores how security leaders can redefine their role, moving from reactive gatekeepers to proactive growth partners. Mari Galloway, CEO and Founding Board Member of Cyberjutsu, shares actionable insights from real-world transformations, including a groundbreaking initiative that resolved over one million vulnerabilities. Attendees will gain a practical framework for fostering collaboration, enhancing communication and embedding security into the fabric of organizational culture.

Join Mari Galloway to discover how intentional leadership can position security as a cornerstone of innovation and operational success.

Takeaways:

- Understand the business impact of a collaborative security culture
- Learn strategies to align security with organizational goals
- Explore real-world examples of successful security transformations
- Gain a framework for driving cultural change and building trust
- Discover leadership techniques to elevate security’s role in innovation

Driving Security Culture Evolution for Business Growth

Most threat hunting techniques focus on the technology side of keeping bad actors from the enterprise IT ecosystem. In this presentation, Carnival Corporation's Ralph Villanueva will share the often-overlooked human aspect of threat hunting -- valuable in ensuring an effective and holistic approach to mitigating cyber risk and anticipating threats before they show up in the enterprise cyber security perimeter.

In this comprehensive webinar, attendees will learn: 
- Collaboration insights for a holistic approach to threat hunting. 
- Strategies to overcome challenges to effective risk-based threat hunting and mitigation.
- Proven techniques for securing buy-in from senior management and the board for threat hunting and mitigation initiatives.

How to Enhance Threat Hunting Through Enterprise-Wide Collaboration

As enterprises rely more on web browsers as the primary interface for critical applications, attackers have turned their focus to exploiting browser extensions. In 2025 and beyond, campaigns targeting browser extensions have surged, enabling threat actors to steal tokens, hijack sessions and disrupt response actions. The stakes are high—compromised browsers can expose sensitive data, disrupt operations and undermine security measures.

Traditional detection techniques often fail to identify these sophisticated threats, leaving organizations vulnerable to evolving attack tactics. This session will explore real-world campaigns, dissect attacker methodologies and introduce advanced threat hunting strategies tailored to detect and mitigate malicious browser extensions. Learn how to build a robust detection pipeline that adapts to emerging threats and safeguards your enterprise.

Join John Bambenek, President of Bambenek Consulting, to uncover cutting-edge techniques for defending against browser-based threats.

Takeaways:

- Understand the latest trends in browser extension-based attacks
- Learn why traditional detection methods fall short against modern threats
- Discover actionable strategies for building a resilient browser detection pipeline
- Gain insights into real-world campaigns and attacker tactics
- Equip your team with tools to proactively hunt and mitigate browser-based threats

Browser Extensions Under Siege: Advanced Detection Tactics for Enterprises

Cybercriminal tactics are evolving faster than ever. Adversaries are using increasingly sophisticated techniques to outpace traditional defenses. For threat hunters, it's becoming harder than ever to understand their mindset and methodologies. Without this insight, even the most advanced tools and strategies can fall short, leaving organizations vulnerable to emerging threats.

This session explores the gaps in current threat-hunting practices and reveals how aligning with real-world adversary tactics can transform your Cyber Threat Intelligence (CTI) program. By learning from the techniques attackers use today, businesses can proactively adapt their defenses and stay ahead in the escalating battle against cybercrime.

Join Alex Holden, CISSP, Chief Information Security Officer at Hold Security, LLC, to uncover actionable strategies that will elevate your threat-hunting capabilities and fortify your organization against evolving threats.

Key Takeaways:
- Understand why adversary-focused threat hunting is critical in today’s cyber landscape.
- Identify and address common mistakes that limit detection effectiveness.
- Explore cutting-edge techniques used by advanced threat actors. 
Learn how to continuously enhance your CTI program with real-world insights

Mastering Threat Hunting: Aligning with Adversary Tactics in 2026

Despite years of investment in detection, response and post-incident analysis, breaches continue to occur at alarming rates. Why is this happening? The issue isn’t a lack of data or technology—it’s the inability to transform emerging threat signals into actionable insights that empower executives to act swiftly and decisively.

AI and machine learning are revolutionizing threat intelligence. Once focused solely on analyzing past events, these technologies now allow organizations to anticipate attackers by identifying their intent long before traditional controls detect an incident.

Join Obuks Akpede, Co-Founder of Datachayn Limited, as he explores how predictive threat intelligence is transforming security. Learn how organizations are moving beyond alerts and incidents to focus on anticipation and risk foresight.

Don’t miss this session to discover how predictive threat intelligence can serve as your enterprise’s ultimate early-warning system.

Key Takeaways
- Learn how predictive intelligence uncovers attacker intent and targeting—before alerts are even triggered.
- Understand the measurable benefits of acting on intelligence before incidents occur, including enhanced resilience and risk control.
- Explore how AI and machine learning are revolutionizing the threat intelligence landscape.
- Gain a practical roadmap for leveraging threat intelligence to inform executive decisions by aligning it with enterprise assets, operations, and risk.
- And much more...

Anticipate Attacks Before They Strike: Harness Predictive Threat Intelligence

Identity governance and administration (IGA) programs are critical for managing enterprise security and compliance, yet many organizations face persistent challenges. Operational inefficiencies, reliance on manual processes, and the growing complexity of managing diverse applications and identities often hinder success. As the digital landscape evolves, the stakes are higher than ever for enterprises to modernize their IGA strategies.

This session explores the latest research from Omdia, revealing how leading organizations are addressing these challenges. From leveraging AI agents to automating workflows, discover actionable insights that can transform your IGA program into a driver of business value. Whether you’re refining an existing initiative or planning a new one, this session will equip you with the tools and strategies to stay ahead in 2026.

Join Todd Thiemann, Principal Analyst at Omdia, to uncover what’s working, what’s not, and where the future of IGA is headed.

Takeaways:
- Strategies for integrating more applications while controlling costs.
- Insights into rationalizing workforce identity security tool portfolios.
- The role of AI agents in combating deepfakes and enhancing automation.
- Best practices for governing non-human identities (NHIs) and AI agents.
- Key trends shaping the future of enterprise IGA programs.

Elevating Enterprise IGA Programs for the Future

The rapid growth of digital identities, evolving compliance demands and advanced cyber threats have made identity governance and administration (IGA) a critical priority for modern enterprises. Without a structured governance framework, organizations risk operational inefficiencies, data breaches and reputational harm. Issues like access sprawl and privilege misuse are no longer just IT concerns—they are pressing business challenges.

This session will explore how businesses can implement effective IGA strategies to manage identities, ensure compliance and mitigate risks. Learn how to align tools, policies and processes into a cohesive framework that supports enterprise-wide governance. Discover actionable steps to build a compelling business case, standardize global implementation and achieve quick wins that drive executive buy-in.

Join Vincent Amanyi, Founder of Boleaum Inc. to gain practical insights and proven strategies for enabling IGA success at scale.

Key Takeaways:
- Build a persuasive business case to secure board-level approval for IGA initiatives.
- Define a scalable implementation model for geographically dispersed organizations.
- Benchmark and strengthen your organization’s IGA foundation.
- Discover quick-win strategies to accelerate IGA adoption and demonstrate ROI.

Mastering Identity Governance: Strategies for Enterprise Success in 2026

As digital identity solutions gain momentum, 2026 is poised to be a pivotal year with the EU digital wallet deadline and the US's state-by-state rollout of mobile driving licenses. These advancements promise greater convenience for users and enhanced protection against AI-driven fraud, including deepfake and fake document schemes. Still, enterprises face significant hurdles in adopting these technologies, risking missed opportunities to streamline onboarding and strengthen security.

The fragmented nature of digital ID schemes is a major challenge: how can businesses integrate disparate systems that vary in the data they provide? Addressing gaps -- such as one scheme offering only names and dates of birth and another including addresses -- is essential. Additionally, enterprises must ensure inclusive fallback options for users without access to digital IDs. Tackling these barriers is key for organizations looking to stay competitive in this new digital landscape.

Join Jaye Hackett, Chief Technology Officer at Vouchsafe ID, as they share insights from real-world case studies and practical strategies to overcome these challenges.

Key Takeaways:
- Understand the implications of the EU digital wallet deadline and US mobile driving license rollout.
- Learn how to bridge gaps between fragmented digital ID schemes.
- Explore strategies for creating inclusive fallback experiences for non-digital ID users.
- Gain insights from early adopters' case studies to future-proof your onboarding processes.

Overcoming Digital ID Barriers to Drive Seamless Adoption in 2026

As identity becomes the primary attack vector in cybersecurity, the rise of AI-driven adversaries is reshaping the threat landscape. From deepfake-enabled social engineering to synthetic identities, attackers are using AI to bypass authentication, steal credentials and escalate privileges. For businesses, the stakes are higher than ever: compromised identities can lead to data breaches, financial losses and reputational damage.

Traditional defenses that rely on static policies and point-in-time authentication are no longer sufficient. To combat these sophisticated threats, organizations need to adopt modern controls that prioritize continuous authentication, employ behavioural analytics and privilege minimization. This session will provide actionable insights into how AI-assisted detection and governance frameworks can bolster resilience and protect against evolving identity-based attacks.

Join Oksana Denesiuk, Senior Product Manager at Kaiser Permanente and ISSA Advisory Board Member, to explore cutting-edge strategies for securing identities in an AI-driven world.

Key Takeaways:
- Understand the latest AI-enabled identity threats, including deepfakes and synthetic identities.
- Learn how continuous authentication and behavioral analytics can mitigate risks.
- Discover practical steps to modernize access management programs.
- Explore governance frameworks for AI-assisted detection and oversight.
- Gain actionable strategies to make identity your first line of defense.

Defending Against AI-Driven Identity Threats in 2026

The year 2025 marked a pivotal moment for the Mobile Driving License (mDL) ecosystem in the U.S. With over 20 states, including California and New York, now live and 250+ airports accepting digital credentials, mDLs are no longer experimental—they are becoming a nationwide standard. This represents a transformative shift in how identity is verified, offering businesses and governments new opportunities to enhance security, reduce fraud and streamline operations.

However, scaling mDLs involves navigating complex dynamics between State Issuers, Digital Wallet Providers and Relying Parties under the ISO/IEC 18013 standards. In this session, two independent advisors to state DMVs and industry will break down the "Trust Triangle" and provide actionable insights into the technical and operational foundations enabling secure, interoperable identity verification across state lines and industries.

Join Lucy Yang, Founder and Principal of TechServes Consulting, and David Kelts, Founder and Principal of Decipher Identity, LLC, to explore the future of digital credentials and how your organization can lead in this evolving landscape.

Takeaways:
- Analyze 2025 adoption data to see how mDLs are maturing into a fraud-reducing, scalable infrastructure.
- Discover real-world examples and resources for accepting mDLs in your organization.
- Learn how to position your business as a "Relying Party" and unlock value from verification systems.

Scaling Digital Credentials: The Fast Evolving Landscape of mDL

Identity and access management is at a crossroads. Reliant on passwords and centralized directories, traditional IAM can’t meet the demands of today’s distributed infrastructures and increasingly sophisticated cyber threats. As businesses expand their digital presence, they need adaptable, privacy-preserving solutions to safeguard their assets and ensure seamless operations across ecosystems. But implementing these approaches isn’t without its challenges. 

Modern IAM offers transformative opportunities through decentralized identity models and blockchain-enabled verifiable credentials. These replace static identifiers with cryptographically signed proofs, allowing organizations to achieve tamper-proof identity verification, transparent lifecycle management and enhanced privacy. These new solutions align with zero trust principles, paving the way for trust-minimized environments that prioritize security and user control.

Join Yeghisabet Alaverdyan, Senior Researcher and Associate Professor at IIAP MESCSA RA, to share her insights on how the latest IAM strategies are redefining identity management for the modern age.

Takeaways:
- Discover why traditional IAM systems are not suited to modern infrastructures.
- Learn how decentralized identity models enhance security, privacy and user autonomy.
- Understand the role of blockchain in verifiable credentials and tamper-proof identity management.
- Explore how emerging IAM protocols align with zero trust principles. Gain actionable insights to future-proof your organization’s identity strategy.

Modern IAM: Decentralized Solutions for Evolving Threats

Organizations excel at documenting incidents but fail catastrophically at remembering them. Between audits, hard-won lessons evaporate, cultural knowledge resets to zero and enterprises find themselves vulnerable to the same predictable risks that should have been eliminated months ago.

This session reframes security culture as a living control system where organizational memory becomes your strongest defense. Discover how to transform retrospectives into measurable feedback loops, quantify learning as risk reduction and embed institutional knowledge into governance frameworks that create compounding resilience rather than cyclical vulnerability.

Join Oksana Denesiuk, Senior Product Manager at Kaiser Permanente and ISSA Advisory Board Member, to explore proven methodologies for building unbreakable organizational memory.

Key Takeaways: 
- Track how lessons learned translate into behavioral change and improved security posture. 
- Build lasting organizational memory through structured post-incident processes that strengthen defenses over time.
- Measure how well your organization learns from incidents and translate that into reduced security risks.
- Transform retrospectives into measurable feedback loops that prevent incident recurrence. 
- Embed organizational knowledge into leadership and accountability models for sustained cultural transformation.

Transform Security Culture into Measurable Organizational Memory

As organizations embrace AI systems and hybrid workforces, traditional security cultures focused only on human awareness can no longer address today’s complex risks. AI operates at machine speed, influencing decisions and actions in ways that demand a more integrated approach to managing security. Without a culture that accounts for both human and AI behaviors, organizations risk blind spots that could undermine trust, governance, and resilience.

Security culture needs to become a shared model where leadership, governance and incentives guide both human decisions and the design, training and accountability of AI systems. By viewing AI actions as part of the risk landscape and aligning human and machine behaviors with business goals, security leaders can transform culture into a measurable control and a strategic advantage in an AI-driven world.

Join Sandra Estok, CEO & Founder of Way2Protect, to uncover practical strategies for managing security behaviors, bridging human and AI risks, and effectively communicating with executives and boards.

Key Takeaways
- Understand how security culture must evolve to address both human and AI-driven behaviors.
- Learn to treat AI actions as part of the organization’s risk surface.
- Explore practical methods to measure security behaviors in hybrid work environments.
- Discover how leadership decisions shape human conduct and AI system outcomes.
- Gain techniques to communicate human and AI risks to boards in clear business terms.

Evolving Security Culture: Aligning Human and AI Risks for Business Resilience

Since technology cannot keep us completely protected, organizations must embrace a culture of cybersecurity to build true resilience. This cultural transformation is essential to safeguard against risks and ensure readiness to respond effectively when incidents occur.

This session explores how leading organizations are embedding cybersecurity into their values, attitudes, and practices. By fostering a culture of resilience, businesses can strengthen their ability to anticipate, adapt to, and recover from cyber threats. Learn why every manager has a pivotal role in shaping this culture and how to implement strategies that drive lasting change.

Join Dr. Keri Pearlson, Principal Research Scientist at MIT Sloan School of Management, to explore actionable steps for building a culture of cybersecurity that protects your organization and empowers your workforce.

Takeaways:
- Understand cyber resilience thinking and how it differs from traditional protection strategies.
- Discover key mechanisms for fostering an effective cybersecurity culture.
- Gain actionable insights for managers to enhance resilience at work and home.
- Learn from real-world examples of organizations successfully embedding cybersecurity into their culture.

Building Cyber Resilience Through Culture in 2026

Mergers and acquisitions create exponential cyber risk exposure, yet many organizations lack quantified risk frameworks to guide critical business decisions. As cyber threats evolve and regulatory scrutiny intensifies, executives need concrete data to balance growth opportunities against security investments.

Traditional risk assessments fail during rapid organizational change. This session reveals proven methodologies for translating cyber vulnerabilities into financial impact metrics that drive boardroom decisions. Learn to build communication frameworks that align security investments with business objectives while maintaining stakeholder confidence throughout complex organizational transitions.

Join Vincent Amanyi, Founder of Boleaum Inc, to explore actionable strategies for enterprise cyber risk quantification and communication.

Key Takeaways: 
- Develop risk appetite frameworks that identify, prioritize, and absorb organizational risks with minimal business disruption. 
- Master cyber risk quantification techniques that assign tangible dollar values to security threats across all business levels.
- Build structured communication models to effectively convey cyber risk criticality to diverse stakeholder groups. 
- Implement scalable cybersecurity benchmarking practices for growing organizations. 
- Create boardroom-ready risk reports that support strategic decision-making during M&A activities.

Quantify Cyber Risk Impact for Strategic M&A Growth

Breaches have become a daily reality. Dark web activities and emerging threat vectors outpace traditional defenses, creating blind spots that adversaries readily exploit. Without early warning systems, businesses remain vulnerable to sophisticated attacks that could have been prevented.

Effective Cyber Threat Intelligence (CTI) transforms raw intelligence into actionable insights that enable proactive defense strategies. This session demonstrates how to operationalize intelligence, map adversary tactics to business risks, and implement early warning systems that prevent breaches before they occur. Learn to distinguish signal from noise and convert threat intelligence into measurable risk reduction metrics that resonate with executive leadership.

Leverage Cyber Threat Intelligence for Proactive Risk Mitigation

Open-source software drives enterprise innovation, but unmanaged vulnerabilities create operational risks and regulatory exposure. As cyber threats evolve and compliance frameworks tighten, executives face mounting pressure to balance innovation speed with robust security governance.

Traditional approaches to OSS security often create friction between development teams and security requirements, leading to shadow IT practices and increased exposure. This session presents proven frameworks for integrating security into OSS workflows while maintaining developer productivity and meeting emerging regulatory demands like the EU Cyber Resilience Act.

Join Yesenia Yser, Security Engineer and Open-Source Advocate, to explore enterprise-grade strategies for OSS risk management.



Key Takeaways: 

Implement governance frameworks that protect OSS dependencies without slowing development
Create shared accountability between security, procurement, and engineering teams
Apply SLSA, SBOM, and OpenSSF standards to build enterprise-wide security trust
Balance regulatory requirements with collaborative open source community practices 
Turn OSS security management into a strategic business differentiator

Securing Open-Source Dependencies at Enterprise Scale

As DevOps continues to redefine software delivery, the rapid pace of innovation has introduced unprecedented security challenges. With attack surfaces expanding across containers, cloud environments, third-party components and repositories, cyber threats are evolving faster than ever. For organizations, the stakes are high: a single compromised dependency or malicious artifact can disrupt operations, damage reputations and erode customer trust.

This session explores how integrating real-time threat intelligence into DevOps pipelines can transform security from a bottleneck into a business enabler. By embedding threat feeds into code scanning, build pipelines and deployment gates, organizations can proactively detect and mitigate risks like malicious dependencies, compromised images and insider threats. Using AI-driven automation and correlation, businesses can accelerate incident response, enforce guardrails and operationalize security at scale—all without slowing developer velocity.

Join Jyotirmayee Pradeep Kumar, Vice President of Cloud DevOps at a leading global bank, to discover actionable strategies for securing your software supply chain and enabling threat-aware DevOps.

- Learn how to embed threat intelligence across the CI/CD lifecycle
- Discover strategies to secure the software supply chain with intelligence-driven controls
- Explore platform engineering as a security control plane
- Understand how to automate threat detection, containment and remediation in DevOps

Securing DevOps Pipelines with Real-Time Threat Intelligence

DevOps

Threat Detection

Remediation

Security

CI/CD

Threat Intelligence

Cloud

Containers

Cyber Threats

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

IT Security

Increasing expectations for good governance, effective risk management and complex demands for corporate compliance are presenting a growing challenge for organizations of all sizes. Join industry thought leaders as they provide you with practical advice on how to implement successful risk and compliance management strategies across your organization. Browse risk management resources in the form of interactive webinars and videos and ask questions of expert GRC professionals.

IT Governance, Risk and Compliance

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

Securing DevOps Pipelines with Real-Time Threat Intelligence

Presented by

About this talk

Information Security

Related topics