This track focuses on understanding adversaries and human-centric attack vectors that enable modern ransomware and cyber intrusions. Participants will learn how threat actors operate, how campaigns are planned and monetized, and how human behavior is exploited at scale. Topics include open-source intelligence (OSINT), adversary profiling, initial access brokers (IABs), social engineering, phishing operations, deepfake and AI-assisted deception, and leak-site monitoring.

The track also covers practical threat intelligence workflows: collecting, enriching, analyzing, and operationalizing intelligence to support detection, prevention, and incident response. Through hands-on exercises and realistic scenarios, participants will learn how to anticipate attacks, disrupt early access paths, and reduce human risk across the organization.