Security

IT Security Summit Berlin 2026

I

T Security Summit Berlin 2026 is a hands-on conference covering cloud, DevSecOps, web, API, and AI-driven security. Attendees will explore key topics such as cutting-edge cybersecurity strategies, practical solutions for security challenges, advanced threat detection, and AI-powered defense. The event features four days of workshops and conference sessions,…

Visit the official site
45Voices
32Underwriters
0Exhibitors
18On the bill · sessions
47Companies · in total
§I

The Voices

Programmed at IT, in alphabetical order.
Anna Lavrova
Expert for Agile Leadership & Human Systems · Wemanity Belgium
Aurélien Svevi
Expert in Application Security, Team Integration, DevSecOps & Security Education
Bea Hughes
Infrastructure Security Expert · Color
Ben Linders
Expert in team and organizational improvement, collaboration, gamification, and psychological safety.
Boaz Barzel
Field CTO Specializing in Shift-Left Innovation, Risk Management, and DevSecOps · OX Security
Boris Cipot
Expert in Application Security
Brian Vlootman
Expert in Cybersecurity & Resilience Strategist for Digital Banking
Christian Salzmann-Jäckel
Linux Architect and Kubernetes Expert · Zuse Institute Berlin
Christian Schneider
Application & AI Security Architect · Schneider IT-Security
Christian Wenz
Web veteran and expert in web security · Actition GmbH
Constanze Roedig
Expert in Cyberresilience via eBPF, CloudNative & OSS Research
Dr. Renato Samperio
Expert IT Professional, Roboticist and Software Engineer
Erkan Yanar
Linux and DevOps Consultant Focused on MySQL and Containers
Ivan Kovačević
Expert in Cyber range trainings, Cybersecurity exercises
James Eastham
Expert in modern software architecture · Datadog
Jay Shah
Cyber Security, DevSecOps & Gen AI Professional. Global Speaker & Community Builder
John Willis
DevOps & IT Risk Researcher, Author & Governance Expert
Julian Iavarone
Expert in Web- and API-Security
Julius Mischok
Expert for software quality
Kris Buytaert
DevOps pioneer: Building resilient, collaborative infrastructures
Marcel Claassen
Cloud Security Expert
Marcus Bointon
PHPMailer Maintainer & Open-Source Author · Devalps

— and 23 more, by name unsung —

§II

Underwritten By

The houses behind the program. Tiers as disclosed.
DatadogGold
Amazon Web Services, Inc.Silver
digital.aiSilver
HygroundSilver
KomodorSilver
New Relic, Inc.Silver
PulumiSilver
SplunkSilver
SysElevenSilver
VonageSilver
CoralBronze
FlagsmithBronze
adesso
Black Duck SoftwareDevSecOpsDays
braintec
BWI GmbHDevSecOpsDays
cid
CoralogixDevSecOpsDays
devmioConference Organizer
Digital ExpertMedia Partner
dvz
German Tech JobsMedia Partner
goldbeck
hermes
inpro engineering
ipt
LGT Private Banking
mgm
Ox SecurityDevSecOpsDays
rewe digital
UNITE AIMedia Partner
zpid
§III

The Programme

Selected from 18 sessions on the bill.
  • 10:30 - 11:15

    AI-Accelerated Delivery: Predicting Release Risk Before Production

    Modern software delivery is entering a high-velocity phase driven by AI-assisted development and platform engineering. While CI/CD pipelines allow teams to ship faster than ever, c…

    AI-Powered Security Automation
  • 10:30 - 11:15

    Latest is not a strategy

    Modern software isn't just the code we write — it's a constantly shifting collection of dependencies, build tools, containers, and services, all with their own versions. This talk …

    Secure Coding & Software Development Lifecycle (SDLC)
  • 10:45 - 11:30

    It's just a jump to the left: the Time Warp of DevSecOps

    It's just a jump to the left: the Time Warp of DevSecOps. We bought into the Emperor's New DevOps, so we're secure now, right? Well, maybe, maybe not. Let's talk about what securit…

    DevSecOps
  • 10:45 - 11:30

    Security HTTP Headers: The Good, the Bad and the Ugly

    A while ago, web browsers were considered the #1 security risk on the web. Today, they are the last line of defense. Modern, secure web applications leverage such headers for two r…

    Secure Coding & Software Development Lifecycle (SDLC)
  • 11:45 - 12:30

    Digital sovereignty with OpenStack on Kubernetes – a GitOps approach for managing OpenStack clouds with operators

    Organizations are increasingly seeking ways to maintain control over their infrastructure and data. This talk presents an approach to achieving digital sovereignty by deploying Ope…

    Cloud, API & Identity Security
  • 11:45 - 12:30

    Threat Modeling Agentic AI Systems Across Five Threat Zones

    EchoLeak (CVE-2025-32711) in Microsoft Copilot showed what happens when prompt injection hits an agentic system: a single malicious email, no click required, cascaded through retri…

    AI-Powered Security Automation
  • 12:00 - 12:45

    Taming LLMs: Observability, Tracing, and Security in the Wild

    LLMs don't play by the rules. Their inputs and outputs are inherently unpredictable – and when you deploy them in customer-facing applications like chatbots, that unpredictability …

    AI-Powered Security Automation
  • 12:00 - 12:45

    There Is No "Left" Left: Building a Self-Pentesting Pipeline

    Shift left was a nice idea. In a world where AI ships hundreds of changes a day, there is no 'left' to shift to, and your quarterly pentest is out of date the moment it lands. So I…

    Pentesting, Vulnerability Management & Forensics
  • 14:45 - 15:30

    Data sovereignty - what it really means?

    When we talk about “where data lives,” it’s not just about the storage location. It’s also about where the data is processed, transformed, and governed, and which jurisdiction ulti…

    Cloud, API & Identity Security
Intermission
Part the Second · For the Buyer

What does it mean when 47 companies show up — and 3 bet on three roles at once?

47 companies. three are betting more than once.

The numbers below are derived from the speakers, sponsors, and exhibitors on this page — cross-referenced into one ledger. They are the only thing here that 10times.com cannot tell you.

01Fig. 01 — Composition of the House
3All threespeak · spons · exh
29Sponsoringsponsor only
0Exhibitingexhibitor only
15Companies Speakingspeaker only

The Triple-Threat

Datadog·Digital.ai·OX Security

02Fig. 02 — The Voices, by Seniority

2% of the speakers carry senior titles — C-suite, Founder, VP, or Director-level.

  • C-suite12%
  • Engineer · IC920%
  • Research / Science12%
  • Other roles3476%

Of 45 on the bill · classified by free-text title

03Fig. 03 — The Heaviest in the Room
  1. 01DatadogSp·G1V
  2. 02Digital.aiSp·S1V
  3. 03OX SecuritySp·D1V
  4. 04adessoSp
  5. 05AWSSp·S
  6. 06Black Duck SoftwareSp·D
  7. 07braintecSp
  8. 08BWISp·D
  9. 09CIDSp
  10. 10CoralSp·B
  11. 11CoralogixSp·D
  12. 12devmioSp·C
  13. 13Digital ExpertSp·M
  14. 14dvzSp
04Fig. 04 — By Tier
gold1
3% of 32
silver9
28% of 32
bronze2
6% of 32
conference organizer1
3% of 32
devsecopsdays4
13% of 32
media partner3
9% of 32
unspecified12
38% of 32
05Fig. 05 — The Missing · who's at peer events but not here

These companies sponsored two or more peer events recently, but aren't on this program. For an organizer, that's a list of warm prospects.

06Fig. 06 — Adjacent Convocations · by shared underwriters

In the same series

Prior and forthcoming editions