Blue Team Con Announces Full 2026 Agenda Featuring Cybersecurity Training and Expert Talks

Blue Team Con has announced that cybersecurity expert Ian Coldwater will deliver the keynote address at Blue Team Con 2026, with the event also revealing its lineup of training sessions, talks and hands-on experiences for defenders.
Ian Coldwater will deliver the keynote address “We Keep Us Safe” at Blue Team Con 2026.

Ian Coldwater will deliver the keynote address “We Keep Us Safe” at Blue Team Con 2026.

Blue Team Con has announced that Ian Coldwater, cochair of the Security Special Interest Group for the Kubernetes project, will deliver the keynote address at this year’s conference, taking place September 10–13 at the Swissôtel Chicago. The cybersecurity conference also released its full lineup of training sessions and talks scheduled for the event.

Coldwater’s keynote, titled “We Keep Us Safe,” will focus on lessons from neighborhood organizing and how blue teams can apply those concepts to their cybersecurity work.

“My talk is about taking lessons from neighborhood organizing and how blue teams can apply them to the work we do,” Coldwater said. “Blue Team Con’s welcoming, community-oriented vibe makes it one of my favorite conferences, and I’m really excited to bring this talk about what our communities can learn from each other there!”

Coldwater is an independent security consultant, longtime community organizer and expert in container and Kubernetes security. They have presented research on hacking and hardening cloud native infrastructure at conferences including DEF CON, Black Hat, RSAC and KubeCon. Coldwater previously served as an ambassador for the Cloud Native Computing Foundation and on the governing board of the Open Source Security Foundation.

“We are extremely excited to have Ian as our keynote speaker this year — their talk is particularly relevant as teams make do with fewer resources while battling increasingly sophisticated attackers,” said Tillery, Blue Team Con head of training and advisory board member. “The mission of Blue Team Con is to give every defender the tools they need to do their job and the community they need to back them up, and Ian's experience in community building is a powerful message to our attendees and industry.”

Blue Team Con 2026 programming will feature talks from speakers representing organizations including Amazon, Nationwide, Liberty Mutual, REI, Semperis and the Cybersecurity and Infrastructure Security Agency (CISA). Topics will include AI incident response, detection engineering for agentic attacks, credential reset process defense and identifying malicious code in GitHub repositories.

The conference will also feature topic-specific villages designed to provide hands-on experiences and deeper exploration of cybersecurity areas. The Wellness Village, curated by Mental Health Hackers, will focus on educating technology professionals about cybersecurity-related mental health risks and strategies for managing their effects.

A Capture the Flag competition will give attendees an opportunity to test their skills through a learning challenge designed for both newcomers and experienced professionals.

Attendees can earn up to 32 continuing professional education (CPE) credits during the four-day event. The conference will include five two-day training sessions on September 10–11 and 56 talks on September 12–13.

Training sessions include:

  • Building Fort Knox: A Practical Bootcamp for Cyber-Physical Defense! — A hands-on course covering physical and wireless perimeter defense, access control handling, physical auditing, wireless defense, rogue infrastructure tracking and airspace defense.
  • CQURE Masterclass: System Forensics, Incident Handling & Threat Hunting — A training course focused on system forensics, incident handling and threat hunting through case studies, practical labs and real-world examples.
  • Defending Enterprises – 2026 Edition — A detection engineering course where participants work in a Microsoft Sentinel cloud-based lab to identify indicators of attack and indicators of compromise from a live enterprise breach.
  • Exploring AI Visibility: Shedding Light on Shadow AI, Attack Surface, Telemetry and LLM Proxies — A workshop focused on detecting, auditing and securing AI usage within environments using existing network and endpoint logs.
  • Offense for Defense — A course designed for blue team professionals, systems administrators, SOC analysts, threat hunters and incident responders that explores attacker tactics, tools and approaches to improve defenses, detections and responses.

Tickets to Blue Team Con 2026 are now available for reservation.

Sign up for our eNewsletters
Get the latest news and updates