Rob “mubix” Fuller is a cybersecurity leader and red team veteran specializing in offensive operations, vulnerability management, and enterprise cyber engineering. He has built and led high-performing security teams, created industry-recognized training programs, and helps organizations mature their defenses through practical approaches grounded in real-world adversary tradecraft.
Mike Saunders is Red Siege Information Security’s Principal Consultant. Mike has over 25 years of IT and security expertise, having worked in the ISP, banking, insurance, and agriculture businesses. Mike gained knowledge in a range of roles throughout his career, including system and network administration, development, and security architecture. Mike is a highly regarded and experienced international speaker with notable cybersecurity talks at conferences such as DerbyCon, Circle City Con, SANS Enterprise Summit, and NorthSec, in addition to having more than a decade of experience as a penetration tester. You can find Mike’s in-depth technical blogs and tool releases online and learn from his several offensive and defensive-focused SiegeCasts. He has been a member of the NCCCDC Red Team on several occasions and is the Lead Red Team Operator for Red Siege Information Security.
Artificial intelligence is rapidly transforming vehicles into highly connected, autonomous systems—but with this innovation comes new and complex security challenges. From adversarial AI attacks on perception models to vulnerabilities in vehicle-to-everything (V2X) communications, product security must evolve to keep pace with emerging threats. At the same time, regulators are beginning to establish frameworks that will define how manufacturers design, test, and secure vehicles of the future. This session will explore the intersection of AI, regulation, and product security in autonomous and connected vehicles, providing insights into current risks, evolving compliance requirements, and strategies to build security into products from the ground up.
Hemanth Tadepalli serves as the Senior Cybersecurity & Compliance Subject Matter Expert (SME) at May Mobility, a company revolutionizing transportation through advanced autonomous vehicle mobility. His career spans notable roles at prestigious organizations, including management consulting firm AlixPartners, cybersecurity leader Mandiant, tech giant Google, and Michigan-based cybersecurity startup SensCy. Hemanth’s research focuses on advancing cybersecurity in critical areas such as autonomous vehicle security, Internet of Things (IoT) security, threat intelligence, risk management, API security, and election security. He was appointed by Michigan Secretary of State Jocelyn Benson to the Advisory Task Force overseeing statewide election security and integrity. In addition to his technical contributions, Hemanth has published numerous articles on cybersecurity and emerging technologies, showcasing his thought leadership. He is a sought-after speaker, invited to present at prominent cybersecurity conferences, serve as a distinguished panelist, and share insights on technology-focused podcasts. His impactful work has earned him accolades, including the 40 Under 40 recognition from Oakland County, Michigan, and the Governor’s Service Award for his philanthropic efforts and community service in the field of cybersecurity. He was also named one of the 2025 Top 20 Voices in Automotive. Hemanth also serves on the oversight committee for the University of Michigan’s Michigan Translational Research and Commercialization (MTRAC) program, specifically for the Advanced Transportation Innovation Hub, a statewide initiative that supports translational research projects with high commercial potential, aiming to launch new technologies into the mobility and transportation sectors.
Hemanth earned his bachelor’s degree in Computer Science from Kettering University, concentrating in cybersecurity and minoring in Pre-Law, Innovation, and Entrepreneurship. He went on to earn his master’s degree in Cybersecurity and Information from the University of California, Berkeley, where he was honored as the student commencement speaker. He is currently a Ph.D. candidate at Dakota State University, specializing in cyber defense. In addition to his academic pursuits, Hemanth serves in public office for the City of Troy and sits on the Board of Directors for Kettering University. In his free time, Hemanth is a violist for the Troy Metro Symphony Orchestra
Modern GenAI research has raced ahead in scale, speed, and model size. Yet for all the progress, the algorithmic behavior of large language models remains an open question, a system that answers everything while explaining almost nothing. In this talk, we shift the spotlight from scalability to interpretability, highlighting findings from our research on “Searching for Search in LLMs,” where we examined the hidden search processes inside GPT, LLaMA, and other models. We will share our methodology for uncovering these patterns, and why understanding these internal algorithms matters not only for information science but also for information security.
From there, we move to multi-agent systems built on LLMs and explore the new vulnerabilities that emerge when models collaborate, negotiate, or reinforce one another’s errors. To address these risks, we introduce PromptShield, our secure-by-design framework that mitigates prompt injection and representation drift while simultaneously improving task performance. Attendees will leave with concrete methodologies, a reusable security framework, and printed takeaways. We will also demonstrate how PromptShield is being applied to secure GenAI pipelines in cloud security and forensics across AWS and Azure, offering a practical bridge from theory to deployment.
Dr. Dalal Alharthi is an Assistant Professor at the University of Arizona whose research bridges artificial intelligence, cloud computing, cybersecurity, and digital forensics. Drawing on extensive experience across academia and industry in the United States and abroad, she develops intelligent, secure, and explainable systems for multi-cloud environments. Her work integrates deep reinforcement learning, generative AI, and zero-trust principles to strengthen digital resilience and advance interdisciplinary innovation at the intersection of technology, policy, and society. She holds a Ph.D. in Computer Science and dual M.S. degrees in Computer Science and Public Administration.
"Come to group therapy with a red teamer who’s spent the last year breaking into AWS, Azure, and (very soon) GCP accounts the way most people check their email—quietly, repeatedly, and usually because someone trusted the wrong principal again. This talk is one part war-story confession and one part practical intervention. Through real (anonymized) engagements we’ll walk through the trust relationships that still get customers compromised. For every story you’ll get the attacker’s exact steps followed immediately by the blue-team controls that would have stopped it cold—often simple things like scoped trust policies, required IMDSv2, conditional access, or a single CloudTrail/Defender query nobody thought to enable. Leave with a grab-bag of scripts, detection rules, and a “Trust Issues Checklist” you can run against AWS, Azure, or GCP tomorrow morning. No vendor slides, no zero-days, just the boring misconfigurations that still own companies—and the equally boring fixes that actually work. Bring your own cloud trauma; sharing is encouraged."
Husband to Amanda, father to twins Bennett and Ruby, born-again Christian, drummer, and Bitcoiner. By trade he’s a penetration tester and red team operator who spends his days chaining misconfigurations and finding vulnerabilities across environments, then pouring that pain into detailed reports and remediation guidance that actually help defenders win. Dakota State University alum, Georgia native, but South Dakotan at heart, and DakotaCon regular. When he’s not hacking, you’ll find him with family and friends, swinging a hammer on some physical project, serving in the community, at church, or lost down the next research rabbit hole.
Discover how North Dakota’s Cyber Operations Center leverages custom machine learning to stop phishing attacks. This session will walk you through training and deploying your own phishing detection model in a Security Operations Center, including practical tips for tuning and optimization. We’ll also cover complementary tools and techniques for a defense-in-depth approach to email security.
I have been working for State government since 2017, starting at Bank of North Dakota, and with IT unification with North Dakota Information Technology Department, I started working there in 2021 in the Network Engineering team until 2022, when I started with NDIT's security team as a Cybersecurity Automation Engineer. I am now a Senior Cybersecurity Automation Engineer with NDIT, and I love it! Our team essentially tries to automate as much of Cybersecurity operations as possible by creating automation systems to be used by the Cybersecurity Operations Center to help get their work done faster. I have experience with programming, security, networking, and general IT. My broad experience in the field helps greatly when we work with other teams throughout the organization to integrate systems with data and functionality needed to accomplish our goals.
As modern systems transition into complex, software-defined environments, traditional security approaches often struggle with fragmented documentation and late-stage vulnerability discovery. This presentation advocates for Model-Based Systems Engineering (MBSE) as a common tool throughout the system lifecycle. By moving from static documents to dynamic digital models, organizations can integrate security as a foundational architectural requirement rather than an afterthought.
For the Blue Team, MBSE provides a powerful engine for defensive operations and compliance automation. By maintaining a ""Single Source of Truth"" within the system model, defenders can perform proactive threat modeling to identify attack surfaces before deployment. MBSE enables the direct mapping of security controls to specific architectural elements, facilitating automated verification and validation against rigorous standards like NIST SP 800-53 or the DoD Risk Management Framework (RMF). This traceability significantly simplifies compliance auditing by providing a clear, model-based record of security decisions, change history, and evidence for Authorization-to-Operate (ATO) submissions.
For the Red Team, MBSE serves as a strategic roadmap for offensive cyber operations and adversary emulation. Rather than relying solely on episodic testing, Red Teams can use high-fidelity system models or build system models to systematically identify mission-critical weaknesses and vulnerabilities. By introducing an ""attacker"" element into the MBSE environment, operators can model sophisticated attack vectors, such as spoofing or denial-of-service, to see how they propagate through interconnected subsystems. This approach allows for the discovery of complex vulnerabilities at the data-link or functional layers that traditional scanners might miss, providing actionable intelligence to refine the system’s overall cyber survivability.
As a doctoral candidate in the Doctor of Philosophy in Cyber Defense at The Beacom College of Computer and Cyber Sciences at Dakota State University, Mr. Bonar focuses his research on the intersection of Digital Engineering, Information Assurance Architecture, and IT Service Management within the Defense Industrial Base. His scholarship is conducted on a technical track closely aligned with his applied engineering practice, bridging academic rigor with operational security requirements in classified and program-sensitive environments. Mr. Bonar holds seven degrees and certifications from Dakota State University, including a Master of Science in Cyber Defense, Bachelor of Science in Cyber Operations (Summa Cum Laude), Associate of Science in Network and Security Administration (Highest Honors), Graduate Certificate in Bank Security, and three undergraduate certificates. His industry certifications include (ISC)² CISSP, CompTIA Security+, VMware Certified Professional – Data Center Virtualization 2023, and VMware Certified Technical Associate – Network Virtualization 2023. With over 25 years of Information Technology experience, Mr. Bonar has dedicated the past 15 years to Information Assurance Technical roles within the Defense Industrial Base at Collins Aerospace, part of RTX. In his current role as Lead Solutions Engineer for Digital Technology, Program Work Environments, he architects and delivers enterprise-level solutions across classified and special category computing environments. Mr. Bonar additionally serves as Infrastructure Discipline Chief, and appointed Information System Security Engineer for multiple programs. Mr. Bonar is a recognized NSA Commercial Solutions for Classified (CSfC) Trusted Integrator. Mr. Bonar's current research examines Digital Engineering methodologies applied to Information Assurance and IT Service Management frameworks, with particular emphasis on Risk Management Framework (RMF)-based information systems, Secure Networking, and Cross Domain Solutions. His work explores how model-based and data-driven engineering practices can strengthen governance, accelerate accreditation cycles, and improve service continuity within the Defense Industrial Base, contributing to an emerging body of knowledge at the intersection of systems engineering, Information Technology Service Management, and Information Assurance.
Dakota Conquest is a purple team cybersecurity competition where every team is simultaneously a defender and an attacker, and has their own mock city. In this talk, the creators of DakotaConquest walk through three years of building, breaking, and rebuilding a unique cybersecurity competition. From the design philosophy that drives the competition's rules and scoring, to the engineering headaches, unexpected bloopers, and moments of pure chaos that come with running live physical infrastructure at a conference. Whether you are a competitor, an educator, or just someone who likes to tinker, this talk is your invitation to go make something fun and share it.
Tristan is a passionate security researcher and lifelong learner. As recent grad from Dakota State University, he is delighted to get a chance to visit while also giving back through the volunteer effort of hosting cyber competitions. While still early in his career, he has found great joy in vulnerability research and loves the puzzle of hunting down bugs in code and the game of building exploits. He hopes at some point to return to school for his PhD. and pursue a role as a professor of Cyber Security and/or Computer Science.
Dakota Conquest is a purple team cybersecurity competition where every team is simultaneously a defender and an attacker, and has their own mock city. In this talk, the creators of DakotaConquest walk through three years of building, breaking, and rebuilding a unique cybersecurity competition. From the design philosophy that drives the competition's rules and scoring, to the engineering headaches, unexpected bloopers, and moments of pure chaos that come with running live physical infrastructure at a conference. Whether you are a competitor, an educator, or just someone who likes to tinker, this talk is your invitation to go make something fun and share it.
Gaelin is a cybersecurity nerd from the mountains of Colorado, holding a Master's in Cyber Defense from DSU (2023). He is currently working as a vulnerability researcher, and spends his free time bulding things, breaking things, and scanning the internet for fun. He has been a member of the season III, IV, and V US Cyber Team. When he is not in cyberspace, you can find him bouldering or taking a hike.
As off-the-shelf AI capabilities increase, entry-level jobs are being dissolved, stripped for parts, and redefined across many industries. The traditional first career step of “junior whatever” is now in jeopardy.
The technology sector has cut over 500,000 jobs since 2022 and that’s just the beginning of a complete paradigm shift. Regardless of if you want to be an army of one, assemble a small indie team, or join an established megacorp, everyone needs to eventually make money with their craft.
This talk will discuss what has so rapidly changed and how things currently look from inside the industry. Contrary to popular belief, we’re likely at the beginning, not the end, of a golden age of software creation.
Buckle up!
Michael is a South Dakota native and DSU alum with over 20 years of telecom engineering experience.
After completing his studies in Germany in 2005, he has remained overseas, working on everything from proof-of-concept projects to finished products for Volkswagen, Siemens, Ubiquiti Networks, Range Networks and most recently AMN.
He is currently responsible for shipping the 2G/3G/4G radio node firmware running on ultra-rural cell towers in Sub-Saharan Africa. This network of about 3000 towers carries 11,000,000 voice minutes and 26 TB of data per day for more than 8,000,000 previously unconnected people. And like most telecom people, he hates phone calls.
As off-the-shelf AI capabilities increase, entry-level jobs are being dissolved, stripped for parts, and redefined across many industries. The traditional first career step of “junior whatever” is now in jeopardy.
The technology sector has cut over 500,000 jobs since 2022 and that’s just the beginning of a complete paradigm shift. Regardless of if you want to be an army of one, assemble a small indie team, or join an established megacorp, everyone needs to eventually make money with their craft.
This talk will discuss what has so rapidly changed and how things currently look from inside the industry. Contrary to popular belief, we’re likely at the beginning, not the end, of a golden age of software creation.
Buckle up!
Sebastian is a German entrepreneur and computer scientist with over 15 years of experience building and scaling companies, spanning telecommunications, augmented reality, human identification, AI, and even organic vegetable farming.
For the past decade, he has been based on the Atlantic coast of northern Spain, where he is co-founder and CMO of Panacea Cooperative Research. He leads the commercial operations for AI-based law enforcement and Disaster-Victim-Identification products, collaborating with institutions around the world. He also claims to have perfected the art of surviving long-haul flights to destinations most people wouldn’t consider for a holiday.
Every incident for every organization starts the same way: a critical asset is either broken or missing, and the clock is already running. This session walks through real, anonymized incidents from small and mid-sized businesses across South Dakota over the past 18 months, covering ransomware, business email compromise, and the chaos that follows. You will see what went wrong, what responders found when they got on scene, and the decisions that shaped each outcome. Walk away with practical lessons on what could have prevented these incidents and how to respond effectively when prevention fails.
Jordan Arndt is a proud alum who is a Cyber Security engineer-turned business owner out of Sioux Falls, South Dakota. He and his company, Cerulean Cyber Consulting, provides comprehensive Incident Response services to those businesses that have been affected by malicious cyber events.