Tokenless

Supply chain security

State of the Art of Container Security • Adrian Mouat & Charles Humble • GOTO 2026

State of the Art of Container Security • Adrian Mouat & Charles Humble • GOTO 2026

Adrian Mouat from Chainguard discusses the evolution of container security, highlighting the flaws of traditional Linux distributions for modern container workflows. He explains how Chainguard's approach of building minimal, 'distroless' images from source using Wolfi addresses the noise from vulnerability scanners, and delves into the importance of SBOMs, attestations, and a 'defense in depth' strategy, contextualized by recent major security incidents like the XZ Utils backdoor and Shai-hulud attacks.

Security & DevEx: Can We Have Both? • Abby Bangser, Adrian Mouat & Holly Cummins • GOTO 2025

Security & DevEx: Can We Have Both? • Abby Bangser, Adrian Mouat & Holly Cummins • GOTO 2025

In this panel discussion, Holly Cummins, Abby Bangser, and Adrian Mouat explore the inherent conflict between security and developer experience. They argue that traditional security, often driven by fear and restrictive policies, can lead to 'Shadow IT' and greater insecurity. The solution proposed is a platform engineering approach, which centralizes security expertise to provide secure defaults, infrastructure guardrails, and a clear shared responsibility model, thus enabling development teams to deliver value quickly and safely without needing to become security experts themselves.

AI slop in cybersecurity, OT security fails and lessons from the Louvre heist

AI slop in cybersecurity, OT security fails and lessons from the Louvre heist

Experts discuss the significant gap in patching rates between IT and OT systems, the rise of cyberattacks with physical consequences like cargo theft, the novel threat of time-delayed logic bombs, the sensationalism surrounding AI-powered malware, and the critical need for fundamental cybersecurity hygiene.

Ex-DeepMind: How To Actually Protect Your Data From AI

Ex-DeepMind: How To Actually Protect Your Data From AI

Dr. Ilia Shumailov, former DeepMind AI Security Researcher, explains why traditional security fails for AI agents. He details the unique threat model of agents, the dangers of supply chain attacks and architectural backdoors, and proposes a system-level solution called CAML to enforce security policies by design, separating model reasoning from data execution.

AI ransomware, hiring fraud and the end of Scattered Lapsus$ Hunters

AI ransomware, hiring fraud and the end of Scattered Lapsus$ Hunters

Experts from IBM X-Force discuss the alleged retirement of the Scattered Lapsus$ Hunters cybercrime gang, the ethics and implications of AI-powered ransomware, critical software supply chain vulnerabilities exposed by the recent npm hack, growing threats to Operational Technology (OT), and the emergence of AI-driven hiring fraud.