The Impact of AI on Security

Session 1

Security Is Not Where You Think It Is

Nidhi Aggarwal, Chief Product Officer, HackerOne

A direct opening on what has actually changed in security over the last six months. Submission volumes are surging, engineering teams are tuning out the queue, and time-to-exploit is collapsing. Discovery is no longer the constraint — exposure time is.

Session 2

Has AI Broken the Security Model?

Omar Santos, CoSAI Board Co-Chair, Cisco

AI agents now act, decide, and spawn further agents at machine speed across identity boundaries built for humans. This keynote covers what every security leader should plan for: agentic identity, MCP security, AI-generated code risk, and where the human-paced security model is breaking down.

Session 3

The Exposure Debt: Your Backlog is Your Quantifiable Risk

Alex Rice, Co-Founder and CTO, HackerOne

HackerOne platform data reveals where enterprise programs are structurally breaking: submission growth, signal degradation, and backlog dynamics. Alex Rice shows what the queue has become as an exposure surface, and what programs holding the line are doing differently.

Session 4

The Researcher's AI Stack and Tradecraft

Michiel Prins, Co-Founder, HackerOne  ·  Tom Anthony and Douglas Day, HackerOne Researchers

Top researchers share how they're actually using frontier AI models in their offensive toolkit today — what works, what's hype, and where adversarial intuition still matters most. A practical answer to whether AI can really break into your company.

Session 5

Defending AI Workloads at Cloud Scale

CJ Sturgess, AWS

A fireside conversation on what defending AI workloads at cloud scale actually requires — patterns AWS sees across customer environments, and how shared responsibility shifts when the workload itself is non-deterministic. Part of the HackerOne and AWS strategic alliance.

Session 6

The AI Security Gap: From Coverage to Confidence

Austin Schlessinger, HackerOne

89% of organizations reported an AI-related attack or vulnerability in the past year. This session explores the AI Security Gap and how security leaders can improve visibility, expand coverage across the AI lifecycle, and prioritize exploitable risk.

Session 7

What Changed, What Held: A Security Leader's Year in AI

Alex 'Jay' Balan, CISO, Super Technologies  ·  Connie Lewis, HackerOne (Moderator)

A candid fireside with Jay Balan, CISO from Super on operationalizing AI inside a real security program — what's on the priority list, what's paused, how they rebuilt engineering trust, and how they make budget decisions in a program changing faster than annual planning allows.

Session 8

Closing the Loop: Verified Findings, Confirmed Resolutions

Josh Linder, Team Lead Partner Engineering, Armis

Discovery is no longer the constraint — remediation is. This session addresses the three failure modes causing most exposure: ownership routing errors, context loss between security and engineering, and verification gaps that close tickets without confirming the fix actually holds.

Session 9  ·  Closing

What Today Demands of Tomorrow's Security

Kara Sprague, CEO, HackerOne

Vulnerability exploitation has overtaken phishing as the leading initial access method. Kara Sprague closes the summit by naming the three decisions that separate the programs getting ahead from those that will spend the next 12 months reacting.

Kara Sprague

CEO, HackerOne

Nidhi Aggarwal

Chief Product Officer, HackerOne

Alex Rice

Co-Founder and CTO, HackerOne

Michiel Prins

Co-Founder, HackerOne

Austin Schlessinger

Senior Solutions Engineer, HackerOne

Connie Lewis

Director, Customer Success Management, HackerOne

Josh Linder

Team Lead, Partner Engineering, Armis

Omar Santos

CoSAI Board Co-Chair, Cisco

CJ Sturgess

Partner Solutions Architect, AWS

Alex 'Jay' Balan

CISO, Super Technologies

Tom Anthony

Security Researcher, HackerOne

Douglas Day

Security Researcher, HackerOne