Sept 10th and 11th, 2025
Venue#
The conference will be held at the Appian Conference Center in McLean, VA.
7950 Jones Branch Dr McLean, VA 22102
Hotels#
Recommended Hotels (Discounted for ACOD Attendees)#
Recommended hotels (Discounted for ACoD Attendees)#
| Hotel | Address | Booking Link |
|---|
| Residence Inn Tysons | 8400 Old Courthouse Road Vienna, Virginia, USA, 22182 | Click here |
| Hyatt Regency Tysons Corner Center | 7901 Tysons One Place, Tysons, Virginia 22102 | Click here |
Other Hotels#
| Hotel Name | Address | Booking Link |
|---|
| Hilton McLean Tysons Corner | 7920 Jones Branch Dr, McLean, VA 22102 (Walking distance to conference) | Click here |
| Courtyard Tysons McLean | 1960-A Chain Bridge Rd, McLean, VA 22102 | Click here |
| Extended Stay America - Tysons Corner | 8201 Old Courthouse Rd, Vienna, VA 22182. | Click here |
Event Summary#
| Start Date | End Date | Last Day to Book |
|---|
| September 10, 2025 | September 11, 2025 | August 22, 2025 |
Ops Track#
Day 1 - September 10#
| Topic | Speaker | Start | End |
|---|
| Opening | Sounil Yu | 8:45 | 9:00 |
| Keynote | Andrew Cunje | 9:00 | 9:40 |
| Transition to Tracks | | 9:40 | 9:50 |
| LLMs as a Force Multiplier: Practical Patterns for Security Teams | Dylan Williams | 9:50 | 10:15 |
| The Challenges of AI Logging | Jeremy Snyder | 10:15 | 11:00 |
| DFIR-as-Code: Scaling Incident Response Beyond Human Limits | Justin Borland | 11:00 | 11:45 |
| Lunch | | 11:45 | 12:50 |
| Ghosts In The Wild: Hunting the Unseen in the Internet Noise | Towne Besel | 12:50 | 13:15 |
| JA4+ Network Fingerprints vs. Threat Actors | John Althouse | 13:15 | 14:00 |
| Cloud Guardrails: A Practical Field Guide to Success | Adeel Khurshid | 14:00 | 14:25 |
| Break | | 14:25 | 14:40 |
| CHA vs. PTA: A Defender’s Guide to Smarter Static Analysis | Roy Gottlieb | 14:40 | 15:05 |
| FIDO2: you can too | Jason Craig | 15:05 | 15:50 |
| Stopping the Next Zero Day: Taking ROP Attacks Off the Table | Doug Britton | 15:50 | 16:35 |
| Wrap Up | | 16:35 | 16:50 |
| Happy Hour | | 16:50 | 18:50 |
Day 2 - September 11#
| Topic | Speaker | Start | End |
|---|
| Opening | John Althouse | 9:00 | 9:10 |
| Keynote | Richard Thieme | 9:10 | 9:50 |
| Transition to Tracks | | 9:50 | 10:00 |
| DPRK Threats to Defense Sector | Daniel Gordon | 10:00 | 10:25 |
| Unseen in the Stack: Mapping Hidden Dependencies for Operational Defense | Roy Gottlieb | 10:25 | 11:10 |
| Lunch Keynote | Chris Inglis | 11:10 | 11:50 |
| Lunch | | 11:50 | 12:50 |
| Threats Don’t Wait—Neither Should You! Automating Threat Response | Naman Shah | 12:50 | 13:35 |
| Where Else? Solving the CISO’s Nightmare with Nuclei at Scale | Rob “mubix” Fuller | 13:35 | 14:20 |
| Break | | 14:20 | 14:35 |
| For the Internet Points? Red Team vs Blue Team vs Threat Intel - A debate over the hard questions | Mubix (Red), Althouse (Blue), Stikk (TI), Malcomb (Moderator) | 14:35 | 16:15 |
| Wrap Up | | 16:35 | 16:50 |
Philosophy Track#
Day 1 - September 10#
| Topic | Speaker | Start | End |
|---|
| Opening | Sounil Yu | 8:45 | 9:00 |
| Keynote | Andrew Cunje | 9:00 | 9:40 |
| Transition to Tracks | | 9:40 | 9:50 |
| Mental Models for AI and Agentic AI | Sounil Yu | 9:50 | 10:30 |
| The Liberty Lenses: a cyber organizational risk assessment methodology | Amanda Draeger | 10:30 | 11:10 |
| Does DoD Level Security Work in the Real World? | Jeff Man | 11:10 | 11:50 |
| Lunch | | 11:50 | 12:50 |
| Improving Threat Detection Resilience | Augusto Barros | 12:50 | 13:35 |
| Embracing Your Villain Era. Or: How Teaching CTI Has Taught Me To Stop Worrying and Love The Bomb | April Lenhard | 13:35 | 14:20 |
| Break | | 14:20 | 14:40 |
| Turn your SOC into Minority Report | Daniel Goldenberg | 14:40 | 15:20 |
| The Long and Winding Road: Communication Frameworks for Threat Hunters and Incident Responders | Dallas Moore | 15:20 | 16:00 |
| Platform vs. Point Solution: What Are We Actually Optimizing For? | Valerie Z | 16:00 | 16:40 |
| Wrap Up | | 16:40 | 16:50 |
| Happy Hour | | 16:50 | 18:50 |
Day 2 - September 11#
| Topic | Speaker | Start | End |
|---|
| Opening | John Althouse | 9:00 | 9:10 |
| Keynote: Thinking Like a Hacker in the Age of AI | Richard Thieme | 9:10 | 9:50 |
| Transition to Tracks | | 9:50 | 10:00 |
| Non-Security Metrics for Cybersecurity Assessments: Defense Edition | JC Herz | 10:00 | 10:35 |
| Product Security Incident Response at a Fortune 500 SaaS | Garrett McNamara | 10:35 | 11:05 |
| Transition to Lunch Keynote | | 11:05 | 11:10 |
| Lunch Keynote | Chris Inglis | 11:10 | 11:50 |
| Lunch | | 11:50 | 12:50 |
| Control Efficacy - “not a thing” but it should be! | Pete Lindstrom | 12:50 | 13:35 |
| ACoD: Elevating Heroes | Chris Cooley | 13:35 | 14:20 |
| Break | | 14:20 | 14:35 |
| “Its the Economics Stupid”, How The AI Economics Will Change Cybersecurity | Chip Block | 14:35 | 15:15 |
| Diseconomies of Scale: Re-examining our assumptions about scale in the Age of AI | Sounil Yu | 15:15 | 15:55 |
| Recap of Major Themes | Sounil Yu | 15:55 | 16:35 |
| Wrap Up | | 16:35 | 16:50 |