The live sessions may be over, but with every talk now available on demand, it’s the perfect time to reflect on the biggest takeaways from this year’s summit—and how they can help security teams move faster, act smarter, and take control of their attack surface.
From red teaming tactics to regulatory readiness, here are some of the standout lessons and ideas shared by speakers across the day.
1. Red Teaming Isn’t Just About Getting In—It’s About What Happens Next
In Outpacing the Adversary, Aaron Herndon, Senior Director, Sales Engineering at Rapid7 and Will Hunt, Co-Founder of In.security, reminded us that red teaming isn’t just about proving a breach is possible. It’s about helping teams understand how attackers think, where they’re likely to go, and whether detection and response controls actually work in practice.
From creative simulations to critical discussions on ethical boundaries and scope, the message was clear: red teaming is most valuable when it drives real organizational learning.
2. You Can’t Prioritize What You Can’t See
In Risk Revolution: Proactive Strategies for Exposure Management, panelists from Rapid7 and ESG made it clear that visibility remains the top challenge for most teams. Fragmented data, sprawling assets, and misaligned priorities are slowing teams down.
The solution? A unified, risk-aware approach to exposure management—one that considers cloud, identity, data, and application ri ..
Support the originator by clicking the read the rest link below.
