In today’s dynamic cloud landscape, organizations face an ever-expanding array of security challenges that span from development environments to full-scale cloud deployments. This session will explore the evolution of cloud security by examining how traditional Cloud-Native Application Protection Platforms (CNAPP) are being enhanced with advanced Cloud Application Detection and Response (CADR) capabilities. Attendees will gain insights into how these integrated frameworks provide comprehensive, end-to-end protection—bridging the gap between proactive risk management and real-time threat mitigation.
The 1st Cloud Runtime Security Summit
CADR:CON
April 23, 2025 - Chicago, IL
Visionaries
Tom Croll
Advisor & Former Gartner Analyst
Lionfish Tech Advisors
Gokula Mishra
VP of Data Science
Direct Supply
Michael LaRue
Deputy Director of Software Delivery & Data
University of Illinois at Chicago
Vijay Jakka
Global Data Governance Leader
MetLife
Abhay Shah
Head of Technology, Infosec Risk & Compliance
DoorDash
Custom Speaker
Dynamic and results-driven IT and Cybersecurity professional with a proven track record in risk management, compliance assurance, third-party security, and governance. Adept at building high-performing teams and implementing innovative technology compliance programs. Experienced in leading audits for global organizations, ensuring adherence to industry standards and regulations such as PCI DSS, SOC1, SOC2, ISO 27001, ITSOX, and GDPR. Skilled in developing information security policies, risk management, third-party security, and driving positive change. Holds certifications including CISA, CDPSE, and PCI Internal Self Assessor. Currently serving as Head of Technology & Cybersecurity Risk and Compliance Assurance at DoorDash, driving impactful decision-making and building scalable programs.
Russ Felker
CTO
Trinity Logistics
Ebenezer Arumai
Director, IT Infrastructure & Security
Inogen
Steve Zalewski
Former CISO
Levi Strauss & Co.
Custom Speaker
Mr. Zalewski currently provides CISO, security consulting and security advisory services. These include: • International cybersecurity advisor and trainer. • Executive advisory board member for security startups, providing guidance on security market direction and product requirements. • CISO advisory board member for venture capital firms internationally. • vCISO for companies requiring temporary or part-time CISO expertise. Services also include guidance and solutions to address incident response, security program design, security assessment, security due-diligence, vendor/supplier due-diligence, security architecture review, board reporting and other key security leadership requirements. Operational experience in Healthcare, Utilities and International Retail verticals. Key Strengths: •Organizational Management •Strategic Planning & Execution •Enterprise Security Architecture/Strategy •Executive and BOD Security Governance/Reporting •Cybersecurity Incident Response •Security Risk & Compliance Management Additionally, I co-hosts the CISOSeries Defense-in-Depth Podcasts and am a frequent speaker and panel moderator at industry events.
Sabrykrishnan Loganathan
Director of Digital & Gen-AI Strategy
Regal Rexnord
April 23, 2025
Attend this event
Agenda
All times Central Time
8:30 AM-9:00 AM
Welcome & Registration
9:00 AM-9:15 AM
Opening Remarks
9:15 AM-9:40 AM
Vision Voices
Bridging the Gap: From CNAPP to CADR – Securing Cloud-Native Applications End-to-End
Tom Croll
Advisor & Former Gartner Analyst
Lionfish Tech Advisors
9:45 AM-10:20 AM
Keynote
A New Era in Cloud Runtime Security: Cloud Application Detection & Response
Detecting and responding to cloud attacks has never been more challenging. Modern attacks and the ever-changing nature of cloud infrastructure and applications make security teams' lives more difficult than ever.
A new approach is needed - one that can provide a fully traceable & explainable runtime security story spanning the entire cloud technologies stack.
10:20 AM-10:40 AM
Networking Break
10:40 AM-11:25 AM
Panel
The Modern CISO Strategy and Priorities: Protecting Cloud Infrastructures and Applications Against Modern Attacks
In recent years, we have added more and more tools to protect our cloud infrastructures and applications , but are we really more secure?
Traditionally, we started with the cloud security posture, but was that the right move?
The cloud security market has grown and changed significantly - from CSPM, to ASPM and CNAPP. It seems that every few months a new category is popping up. But what is still missing? Where should we focus next? posture or runtime? shift left or protect right?
Panelists
Tom Croll
Advisor & Former Gartner Analyst
Lionfish Tech Advisors
Abhay Shah
Head of Technology, Infosec Risk & Compliance
DoorDash
Dynamic and results-driven IT and Cybersecurity professional with a proven track record in risk management, compliance assurance, third-party security, and governance. Adept at building high-performing teams and implementing innovative technology compliance programs. Experienced in leading audits for global organizations, ensuring adherence to industry standards and regulations such as PCI DSS, SOC1, SOC2, ISO 27001, ITSOX, and GDPR. Skilled in developing information security policies, risk management, third-party security, and driving positive change. Holds certifications including CISA, CDPSE, and PCI Internal Self Assessor. Currently serving as Head of Technology & Cybersecurity Risk and Compliance Assurance at DoorDash, driving impactful decision-making and building scalable programs.
Sabrykrishnan Loganathan
Director of Digital & Gen-AI Strategy
Regal Rexnord
11:30 AM-12:30 PM
Executive Roundtable Lunch
12:30 PM-1:00 PM
Closing Remarks
Brought to You By
