The Rapid7 Global Cybersecurity Summit 2026: the roadmap for security operations
The full program of the Rapid7 Global Cybersecurity Summit 2026 reveals how the industry is redefining security operations, with a particular focus on early decisions, clear priorities, and effective risk management. The two-day event explores the evolution of threats and practical strategies for detection, response, and risk management.
Day 1: The evolution of threats and operational responses
The first day begins with the keynote "Defense Starts Earlier Than You Think," where Brian Castagna and Craig Robinson of IDC analyze how complexity has become the main obstacle to effective security. The speech focuses on how organizations can start intervening earlier, simplifying their environments and focusing on concrete results rather than routine activities.
In "The Reality of Running a SOC in 2026," Raj Samani, Rachel Tobac of SocialProof Security, and Graham Cluley examine the beginning of attacks, from identity abuse to cloud misconfigurations. The session underscores why defenders often fall behind as attacks evolve, highlighting the need for a more proactive approach.
Simplification and vulnerability management
The panel "Customer Panel: How Clarity Beats Complexity" brings together leaders like Debby Briggs of Netscout Systems, Raheem Daya of Target RWE, and Will Lambert of Culligan International to discuss how they are simplifying their security environments. The discussion focuses on how organizations can shift from activity-based metrics to measurable results that reflect business impact.
The session "Beyond the Vulnerability List" shifts the focus to exposure management, showing how organizations are using exposure as an early signal to guide detection and response. This dynamic approach replaces the traditional static tracking of vulnerabilities, enabling a more timely and targeted response.
The importance of red teaming and MDR
In "Using Red Teaming to Power Preemptive MDR," it is explored how continuous red teaming can be used to test and improve detection and response capabilities before an incident occurs. This practice allows organizations to validate their detection coverage and refine response workflows proactively.
The day concludes with "Persistence Under Pressure," where Jason Fox, former special forces operator, shares his field experiences. Fox explores preparation, understanding the adversary, and how teams make decisions under unpredictable conditions, offering valuable insights for security professionals.
Day 2: Strategy for leaders, execution for practitioners
The second day is divided into two dedicated tracks: one for security leaders and one for practitioners. The track for leaders begins with "The CISO’s Role in Enterprise Transformation," where Craig Robinson and Horst Moll of Miltenyi Biotec discuss the evolution of the CISO role, which goes beyond technical leadership to influence the entire organization.
In "How Exposure Insights Reframe Risk and Security Decisions," leaders explore how to set priorities and align teams when exposure data is closely tied to real risk. The session "A CISO’s Guide to MDR Accountability and Outcomes" focuses on how to measure the effectiveness of MDR, shifting the focus from activity-based metrics to results that reflect business impact.
Field experiences and detection techniques
The track for practitioners begins with "Hunt or Be Hunted: Frontline Tales of Detection," which analyzes a real incident to show how analysts decide what to investigate and how to correlate signals across different environments. In "The New Rules of Detection Engineering," Steve Edwards of Rapid7 shares insights on detection-as-code and how teams prioritize signals in practice.
The session "From Cloud Exposure to Runtime Attack" by Shauli Rozen and Ben Hirschberg of ARMO explores a cloud attack scenario to show how risks escalate and how they can be interrupted early. The event concludes with "IR in Practice: Tools, Tradecraft, and Adversary-Informed Investigation," where Shanna Battaglia and Michael Cohen demonstrate how open-source tools and real workflows integrate during incident response.
A paradigm shift in security operations
The summit agenda reflects a clear trend: security operations are evolving towards earlier decisions, better prioritization, and a clearer understanding of what matters at the moment. This paradigm shift is evident in every session, from threat analysis to risk management, from detection to response.
The Rapid7 Global Cybersecurity Summit 2026 offers a unique platform to explore these transformations and discover how organizations can adapt to an ever-evolving threat landscape. The event will take place on May 12-13 and promises to be an unmissable opportunity for security professionals at all levels.
Expected results and impacts of the summit
The Rapid7 Global Cybersecurity Summit 2026 is not just about presenting theoretical concepts but aims to generate concrete results for participants. Practical sessions, such as "Hunt or Be Hunted: Frontline Tales of Detection" and "IR in Practice: Tools, Tradecraft, and Adversary-Informed Investigation," offer the opportunity to learn techniques immediately applicable in corporate SOCs. These practical workshops will enable professionals to return to their organizations with advanced tools and methodologies to improve their incident detection and response capabilities.
Another crucial aspect of the summit is the focus on measuring the effectiveness of security operations. The session "A CISO’s Guide to MDR Accountability and Outcomes" underscores the importance of shifting the focus from activity-based metrics to results that reflect business impact. This approach is essential to demonstrate the value of security operations to corporate leadership and to make informed decisions.
The importance of continuous training
The summit also emphasizes the importance of continuous training for security professionals. Sessions like "The New Rules of Detection Engineering" and "From Cloud Exposure to Runtime Attack" offer insights into emerging techniques and tools that participants can use to improve their skills. Continuous training is essential in a sector where threats evolve constantly and technologies change rapidly.
Additionally, the summit offers the opportunity to learn from industry experts and colleagues facing similar challenges. This exchange of knowledge and experiences is invaluable for professionals seeking to stay updated on the latest trends and best practices in the field of cybersecurity.
The Rapid7 Global Cybersecurity Summit 2026 represents an unmissable opportunity for security professionals at all levels to explore the latest trends and innovations in the field of cybersecurity. The summit offers a unique combination of practical sessions, strategic discussions, and technical insights covering a wide range of topics, from AI integration to security operations, risk management, and incident response.
The event will take place on May 12-13 and promises to be a valuable occasion for security professionals to network, learn new skills, and discover how organizations can adapt to an ever-evolving threat landscape. Do not miss the opportunity to participate in this fundamental event for the future of cybersecurity.
Editorial Note and Disclaimer
The guides and content published on GoYou are the result of independent research and analysis activities, for informational, educational, and in-depth purposes.
GoYou does not constitute a journalistic publication or an editorial product pursuant to Law No. 62/2001 and does not provide real-time information.
The GoYou project does not provide professional, technical, legal, or financial advice and disclaims any liability for the improper use of the information published.
In the Crypto sector, every investment involves risks: readers are invited to always inform themselves independently before making any decision.