Adversary Village at RSAC 2026

Join us for Adversary Village at RSAC 2026!
Adversary Village is a community initiative focused on adversary simulation, offensive cyber security tradecraft and purple teaming. The sandbox will feature talks, live demos, gamified table-top exercises, adversary/ransomware simulator, guided breach simulation, panels, and hands-on activities.

Adversary Village Sandbox timings:

Tuesday, March 24, 09:30 AM - 03:15 PM | 04:15 - 06:00 PM

Wednesday, March 25, 09:30 AM - 04:30 PM

Thursday, March 26, 9:30 AM - 02:30 PM

Panel Discussion: AI and the New Offensive Playbook of State Sponsored Cyber threat Actors

VLG-W02 | March 25, 2026 09:40 AM PDT

Threat actors quickly folding generative AI into their attacks, AI often stands for Adversarial Intelligence. This panel will unpack how adversaries use AI to build sophisticated tooling, phishing campaigns, automate exploitation, and craft malware on the fly to evade defenses. The discussion will focus on attacker tactics and incidents, highlighting how AI is impacting and changing the game.

Adam Pennington

MITRE ATT&CK Lead, MITRE Corporation.

Seeyew Mo

Director of Training at DEF CON Communications Inc.

Paul McCarty

Resercher

‌

Abhijith

Founder and Lead at Adversary Village

Hands-on activity
Choose-your-own-Adversary-Adventure Tabletop Game

Adversary Village Area | 24-26 March, 20256| 09:30 to 03:30 PM PT

Adversary adventure is a story-scenario based, interactive, cyber war-gaming, choose-your-own adventure model interactive game. This is a gamified version of table-top exercises which is presented to the participants as they can choose to play as an attacker, post exploitation OR a Defender who is defending against an attacker group-threat actor OR even play as a CISO who is dealing with an adversarial situation such as a ransomware incident.

Hands-on activity
Guided Breach and Attack Simulation exercises

Adversary Village Area | 24-26 March, 2026 | 09:30 to 03:30 PM PT

This area will feature guided breach simulation exercises for participants to engage with. There will be two activities, "Breach-the-Hospital" and "Breach-the-Office," based on two LEGO sets. A simulated cyber range will be available for each scenario, providing an exact replica of an enterprise production environment. We will provide a detailed walkthrough of the attack scenarios, including Tools-Techniques-and-Procedures (TTPs) commands and how-to guides, demonstrating how to attack and breach the hospital's infrastructure or the office environment.
The participants who complete the exercises and come to the top place will be rewarded with exciting goodies.

Hands-on activity
Adversary Simulator and Purple Teaming hands-on booth

Adversary Village Area | 24-26 March, 2026 | 09:30 to 03:30

Adversary Simulator booth has hands-on adversary emulation plans specific to a wide variety of threat-actors, ransomware; these are meant to provide the participant/visitor with a better understanding of the Adversary tactics. This is a volunteer assisted activity where anyone, both management and technical folks can come in and experience different categories of simulation, emulation and purple scenarios.

Adversary Simulator booth will be having a lab environment focused on recreating enterprise infrastructure, aimed at simulation and emulating various adversaries. Visitors will be able to view, simulate and control various TTPs used by adversaries. The simulator is meant to be a learning experience, irrespective of whether one is hands-on with highly sophisticated attack tactics or from the management.

Adversary Village
RSAC 2026

Moscone Center, San Francisco
23-26 March, 2026.