Each year, CypherCon brings cybersecurity professionals from around the world to Milwaukee, Wisconsin, for one of the community’s most unique events. Blending deep technical learning with hacker culture and creative experimentation, the conference has become a staple for practitioners who want more than slide decks and vendor booths.
The 2026 conference is held April 1-2 at the Baird Center in Milwaukee. Sprocket Security is once again sponsoring CypherCon. We will have a booth located just off the escalators on the second floor of the venue.
If you are attending, stop by and say hello. Our team will be there to discuss how offensive security programs are evolving and why many organizations are moving toward Continuous Penetration Testing to keep pace with constantly changing attack surfaces.
We value conversations with practitioners who are focused on real-world security challenges and measurable outcomes, not just tools and reports
We are also having a happy hour the night before the conference on 3/31 at the Miller Time Pub & Grill in the Milwaukee Hilton, lower lobby (hotel connected to Baird Center). You can sign up for that here.
Key Activities and What to Expect
CypherCon is not a typical security conference. While there are technical talks and research presentations, the event is built around a mix of hands-on learning and community-driven activities. Here is the schedule to see what might interest you.
Some of the highlights include:
Technical Security Talks
CypherCon always delivers a strong lineup of technical talks that explore attacker techniques, emerging threats, and real-world security lessons. A few sessions this year stand out as particularly relevant for practitioners focused on offensive security and exposure validation.
Invisible Gateways: How Threat Actors Exploit IoT to Breach Organizations – Wednesday
IoT devices often introduce unexpected entry points into corporate networks. This talk explores how attackers exploit insecure devices and pivot deeper into environments, highlighting why organizations must validate their full attack surface.
WarGames for Defenders: Playing Threats with MITRE ATT&CK Navigator – Wednesday
Using MITRE ATT&CK to model adversary behavior can help organizations better understand realistic attack paths. This session focuses on how structured threat modeling can strengthen detection strategies and defensive planning.
Red Team Lessons from Copilot Deployments – Thursday
As AI assistants become more common in enterprise environments, they introduce new attack paths. This talk examines red team findings from Copilot deployments, including prompt injection and data exposure risks.
What Attackers Automate First (And Why You Should Care) – Thursday
Modern attackers rely heavily on automation for reconnaissance and exploitation. Understanding what they automate first provides insight into which exposures security teams should prioritize testing.
Capture the Flag (CTF)
Participants can test their skills in hands-on hacking challenges that span web exploitation, cryptography, reverse engineering, and more.
Villages and Hands-On Labs
Interactive villages give attendees the opportunity to explore topics like lockpicking, hardware hacking, social engineering, and other practical skills.
Why Attend CypherCon?
CypherCon is valuable because it combines technical depth with a strong community focus.
Attendees often walk away with:
- Practical security techniques they can apply immediately
- Exposure to emerging research and attacker tradecraft
- Hands-on experience through challenges and labs
- Connections with practitioners who face the same security problems
Whether you are a seasoned security professional or just getting started in the field, CypherCon provides a space to learn, experiment, and engage with the broader cybersecurity community.
Get Your Ticket
If you are planning to attend and haven’t bought your tickets yet, you can purchase them here.
