SecureChainCon 2026 - Run Free, Run Safe: Defend Post-Deployment in the Age of AI

Software supply chain security is evolving rapidly. Attackers are no longer waiting for weaknesses to appear during development; they are targeting what’s already running in production, often within days of disclosure. At the same time, AI is accelerating software development and the adoption of open-source software, expanding the attack surface, while hackers are using AI to speed up the time to attack.

SecureChainCon, hosted by the Ortelius open-source community, is a free half-day virtual conference focused on post-deployment threat detection, Continuous Threat Exposure Management (CTEM), deployment visibility, and AI-assisted remediation workflows.

We are seeking speakers who want to help teams move beyond build-time scanning toward continuous defense of deployed systems. If you’re working on the next generation of runtime-aware security, SBOM operations, deployment intelligence, or AI-driven remediation, we want to hear from you.

Suggested Topics:

We welcome technical talks, practitioner case studies, architecture deep dives, research insights, and open-source demonstrations in areas including:

• Demos for Ortelius V.12
• Resources and Tooling for Post Deployment Vulnerability Detection/Remediation
• Sense, Reason, Act AI Models for Vulnerability Management
• Continuous Threat Exposure Management
• Meeting CRA and CISA vulnerability response requirements

Speaking at SecureChainCon gives you the opportunity to:

Speaking at SecureChainCon gives you the opportunity to share innovations shaping the future of post-deployment vulnerability defense while influencing emerging practices around Continuous Threat Exposure Management (CTEM). You’ll help define how AI is transforming remediation workflows and connect with platform engineers and security practitioners working to solve real exposure problems in production environments. Presenters also contribute to the growing movement toward continuous runtime visibility across the software supply chain and engage directly with the Ortelius open-source security community, advancing the next generation of deployment intelligence and software supply chain defense.

Talk Formats

• 20-minute technical talks
• 10-minute lightning talks

Vendor product pitches without technical depth are discouraged. Practitioner experience and architecture insight are strongly preferred.

Who Should Submit

• Platform Engineers
• DevOps Engineers
• Security Engineers
• Application Developers
• Open-source maintainers
• Researchers
• CISO-level practitioners
• Software supply chain security leaders

Submission Guidance:

Both experienced speakers and first-time presenters are welcome.  Strong proposals typically include:

• A clearly defined post-deployment security problem
• A practical solution or architecture pattern
• Lessons learned from real environments
• Open standards or community alignment where possible
• Actionable takeaways for attendees
• Help Shape the Future of Supply Chain Defense

SecureChainCon is not about shifting security earlier in the pipeline. It’s about defending what’s already deployed. If you are building solutions for runtime visibility, SBOM intelligence, AI-assisted remediation, or deployment-aware vulnerability prioritization, we invite you to share your work with the community.