Our 2026 Event Sponsors
FIRST would like to gratefully acknowledge the following organizations and individuals for their support!
Co-Host
Co-Host
CVE
The mission of the CVE® Program is to identify, define, and catalog publicly disclosed cybersecurity vulnerabilities. There is one CVE Record for each vulnerability in the catalog. The vulnerabilities are discovered then assigned and published by organizations from around the world that have partnered with the CVE Program. Partners publish CVE Records to communicate consistent descriptions of vulnerabilities. Information technology and cybersecurity professionals use CVE Records to ensure they are discussing the same issue, and to coordinate their efforts to prioritize and address the vulnerabilities.
Platinum Sponsor
Platinum
DevArmor
DevArmor automates threat modeling, design reviews, and control enforcement in one platform. It helps engineering teams mitigate design risks early, get real-time security feedback and remediation suggestions, and ship faster without sacrificing coverage.
Platinum
Intigriti
Intigriti is a rapidly growing cybersecurity company that specializes in crowdsourced security services to help organizations protect themselves from cybercrime. Our industry-leading bug bounty platform connects our customers with 125,000+ ethical hackers worldwide, ensuring proactive cybersecurity protection in a pay-for-impact model, meaning you only pay for valid vulnerability submissions. For more information, follow us on LinkedIn
Platinum
Lumida
Lumida is an agentic platform that works alongside your team to automate exposure management at scale. Lumida consolidates data from existing scanners and enterprise tools, actively engages with users and business platforms across the organization to fill information gaps, and provides intelligent recommendations for remediation actions. Operating continuously in the background, Lumida augments security teams by automating triage workflows, validating ownership, assessing exploitability, and orchestrating the entire remediation process - transforming manual, weeks-long processes into automated, intelligent workflows.
Platinum
Manifest
Manifest is the leading platform securing the entire AI and software supply chain—from source code to models to third-party software. We empower product security and third-party risk teams to operate critical systems and applications with confidence by detecting and managing hidden software supply chain and AI risks at scale. The Manifest Platform provides end-to-end visibility and control across Product Security, AI Risk, and Supplier Risk, helping teams build secure, trusted software without losing velocity. Trusted across defense, healthcare, automotive, and other regulated industries to enhance product & AI security, third-party risk, and compliance.
Platinum
Nucleus Security
Nucleus Security is the leader in unified vulnerability management, helping enterprises prioritize and remediate vulnerabilities faster by unifying data, automating workflows, and scaling operations with built-in intelligence and business context.
Platinum
Phoenix Security
Phoenix Security is ASPM , UVM, and Attack Exposure Management driven, with a focus on agentic remediation and a laser attribution system to prioritize the right vulnerability in the right context. We take fragmented scanner output across code, containers, cloud, and runtime, attribute them, prioritize, and turn them into one fix backlog per team. Attribution comes first. Our agents maintain a living ownership graph so every issue lands with the right team and repo, not in a shared queue. Prioritization is tied to runtime reality, reachability, exposure, and business impact, so effort goes to what can actually hurt you. Remediation is the output. Our agents generate minimum impact fix plans, pinpoint where the change belongs (build file, Dockerfile, base image, dependency, or config), and can create opt-in pull requests to apply upgrades and patches at scale. Security sets targets and runs campaigns, engineering gets clean next actions, and progress is measured in vulnerabilities removed and risk reduced.
Platinum
Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices.
Platinum
Securin
Securin is an AI-powered Adversarial Exposure cybersecurity company that is disrupting the exposure management space. Securin incorporates adversarial intelligence with validation of exposures, controls, and remediations. We call this approach Securin Adversarial Exposure Validation Operations (AEVOps).
Platinum
Seemplicity
Seemplicity is your agentic Exposure Action Platform™ that closes the gap between findings and fixing. Beyond just noise reduction, Seemplicity AI agents are the first to proactively analyze business risk while applying automation to the aggregation, prioritization and remediation workflows across your entire exposure and vulnerability management process.
Platinum
Tenable
Tenable® is the exposure management company, exposing and closing the cybersecurity gaps that erode business value, reputation and trust. The company’s AI-powered exposure management platform radically unifies security visibility, insight and action across the attack surface, equipping modern organizations to protect against attacks from IT infrastructure to cloud environments to critical infrastructure and everywhere in between. By protecting enterprises from security exposure, Tenable reduces business risk for approximately 44,000 customers around the globe.
Platinum
VulnCheck
VulnCheck is the vulnerability intelligence company helping enterprises, government organizations, and cybersecurity vendors solve the vulnerability prioritization challenge. Trusted by some of the world's largest organizations responsible for protecting hundreds of millions of systems and people, VulnCheck helps organizations outpace adversaries by providing the most comprehensive, real-time vulnerability intelligence that is autonomously correlated with unique, proprietary exploit and threat intelligence. Follow the company on LinkedIn, Mastodon, or Twitter.
Platinum
Zafran
Zafran Security is the first AI-native end-to-end Threat Exposure Management platform to help security teams stop vulnerability exploitation everywhere. Zafran uses your existing security tools to prove that 90% of critical vulnerabilities are not exploitable, then quickly remediates and mitigates the 10% that are most likely to cause an incident.
Platinum
ZEST Security
ZEST Security’s Agentic Exposure Management platform helps organizations resolve the millions of vulnerabilities and misconfigurations across cloud and on-prem environments. Our AI agents deliver sharp prioritization through exploitation analysis, mobilize mitigating controls, and map the most effective remediation pathways to reduce exposure. Security teams can remediate, mitigate, and prevent critical exposures, finally matching the pace of modern attacks and zero-day threats.
Platinum
Zscaler
The Zscaler Security Operations portfolio simplifies the flood of exposure and alert data from disjointed tools, allowing teams to reduce critical risk and minimize threats efficiently. With solutions built on the industry’s first Data Fabric for Security, SecOps teams can transform limitless security data into actionable insights to identify critical gaps and vulnerabilities, group and prioritize active threats, and streamline response workflows to close the window on attackers. Reimagine SecOps with a unified approach to managing exposures and reducing threats.
https://www.zscaler.com/products-and-solutions/security-operations
Networking Reception
Networking Reception
Qualys
Qualys, Inc. (NASDAQ: QLYS) is a pioneer and leading provider of disruptive cloud-based security, compliance and IT solutions with more than 10,000 subscription customers worldwide. Qualys helps organizations streamline and automate their security and compliance solutions onto a single platform for greater agility, better business outcomes, and substantial cost savings. The Qualys Cloud Platform leverages a single agent to continuously deliver critical security intelligence while enabling enterprises to automate the full spectrum of vulnerability detection, compliance, and protection for IT systems, workloads and web applications across on premises, endpoints, servers, public and private clouds, containers, and mobile devices.
Supporting Sponsor
Tote Bag
Phoenix Security
Phoenix Security is ASPM , UVM, and Attack Exposure Management driven, with a focus on agentic remediation and a laser attribution system to prioritize the right vulnerability in the right context. We take fragmented scanner output across code, containers, cloud, and runtime, attribute them, prioritize, and turn them into one fix backlog per team. Attribution comes first. Our agents maintain a living ownership graph so every issue lands with the right team and repo, not in a shared queue. Prioritization is tied to runtime reality, reachability, exposure, and business impact, so effort goes to what can actually hurt you. Remediation is the output. Our agents generate minimum impact fix plans, pinpoint where the change belongs (build file, Dockerfile, base image, dependency, or config), and can create opt-in pull requests to apply upgrades and patches at scale. Security sets targets and runs campaigns, engineering gets clean next actions, and progress is measured in vulnerabilities removed and risk reduced.
Lanyard
Red Hat
Red Hat is the world's leading provider of enterprise open source solutions—including Linux, cloud, container, and Kubernetes. We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.