UniCon 2025
Join us for a day of exclusive keynotes and sessions!
Sponsored by:
Picnic

Opening Keynote

Ron Gula,

GjnrS6_f_400x400

Acclaimed Speaker Lineup

Ron Gula
Ron Gula
President & Co-founder, Gula Tech Adventures
Bryson Bort
Bryson Bort
Founder & CEO, SCYTHE
Sounil Yu
Sounil Yu
CTO, Knostic
Jackson Wells
Jackson Wells
Breach & Attack Simulation Lead, Toyota
Ian Anderson
Ian Anderson
Director of Enterprise Security, OG&E
Trey Bilbrey
Trey Bilbrey
Lead Adversary Emulation Engineer, SCYTHE
UniCon 2025 (Instagram Post) (2)
Danny Akacki,
Client Security Strategy Director, Coalfire
9
Phil Gardner,
Founder & CEO, IANS
10
Olivia Rose,
CISO & Founder, Rose CISO Group
11
Richard Seewald,
Founder & Managing Partner at Evolution Equity Partners
TriciaSchulz
Tricia Schulz,
Section Head, Resilient Cyber Physical Systems, Oak Ridge National Labs

UniCon '25 Lineup 

 SPEAKER  COMPANY  TALK

 TIMES (ET)

TBC SCYTHE

MORNING SESSION: Event Kickoff & Welcome

Focus: Introduction to UniCon 2025

 10: 00 AM - 10:10 AM
Ron Gula

Keynote: Strategic Insights on Evolving Cyber Threats and Defensive Postures

 10: 10 AM - 11:00 AM
Sounil Yu

CTO at Knostic

IANS Faculty

Debunking AI: The Real vs Hyped Impact on Security

Focus: AI/LLM's evolving role in cybersecurity - where it helps and where it falls short.

 11:05 AM - 11:45 AM
Jackson Wells
Breach and Attack Simulation Lead at Toyota

Building an Autonomous BAS Program

Focus: How security teams can merge automation with breach and attack simulation (BAS) for stronger defenses.

 11:50 AM - 12:40 PM
BREAK  12:40 - 12:50 PM 
Ian Anderson Director of Enterprise Security at OG&E

Cyber Resilience Readiness: Lessons from the Field

Focus: Red vs Blue hybrid exercises, bridging simulations and tabletop drills for better cyber readiness.

12:50 PM - 1.30 PM
Bryson Bort   Founder & CEO of SCYTHE

Building Effective CTEM Programs

Focus: Continuous Threat Exposure Management (CTEM) and how to measure and close security gaps

1:35 PM - 2:15 PM
BREAK 2:15 PM - 2.30 PM
DEMO By Picnic
Tricia Schulz Section Head, Resilient Cyber Physical Systems at Oak Ridge National Laboratory

Securing Critical Infrastructure: Why Technology Isn’t Enough

Focus: Practical experience and lessons learned from building the Southeast Region Cybersecurity Collaboration Center

 2:30 PM - 3.10 PM

Panel:

Moderator: Jim Webster
Panelists:

  • Phil Gardner, Founder & CEO of
  • Olivia Rose, CISO and Founder of
  • Richard Seewald, Founder and Managing Partner at
 

Leadership in Cybersecurity: A CISO Roundtable

Focus: Insights from top CISOs on leadership, risk management, and navigating today's cyber challenges

3:15 PM - 3:55 PM 
Danny Akacki Client Security Strategy Director at Coalfire  Closing Session: Cybersecurity Game Show
A fun interactive cybersecurity challenge to wrap up UniCon 2025!
 4:00 PM - 4:30 PM
Event Ends  4:30 PM

 

UniCon FAQ

unicorn outline

 

What is UniCon?
UniCon is a free, virtual, purple teaming conference. This year’s theme is Adversary-Informed Defense: Evolving Threats, Evolving Strategies.
When did UniCon start?
Drumroll, please! This year marks our 6th annual UniCon conference! Shoutout to the thought leaders & community volunteers who make it possible!

By the end of this workshop, attendees will:

 

Unicorn Trio with blur - large

 

  • Learn the basics and use Command and Control (C2)

  • Consume Cyber Threat Intelligence from a known adversary

  • Extract adversary behaviors/TTPs and map to MITRE ATT&CK

  • Play the Red Team by creating and executing adversary emulation plans

  • Emulate the adversary behaviors in a small environment consisting of a domain controller, member server, and a Linux system

  • Play the role of the Blue Team and look for Indicators of Compromise and Behaviors

  • Use Wireshark to identify heartbeat and jitter

  • Enable Sysmon configurations to detect adversary behavior

  • Have FUN!

GENERAL AGENDA

 (90 minutes total)
5 minutes of kickoff / introduction
10 minutes of lecture / background information
50 minutes of lab time
10 minutes of SCYTHE familiarization / set up test
40 minutes of Test / Detection Engineering / Re-run to validate
10 minutes of executive briefing / reporting / metrics
15 minutes of Q&A