Zero Trust World 2026 is just a few short weeks away, and the sixth edition of ThreatLocker's annual conference March 4-6 in Orlando is shaping up to be equal parts practitioner training, threat-intelligence reality check and community gathering — all wrapped in Florida sunshine and capped with an afterparty that ThreatLocker promises will be out of this world.Beneath the fun, the mission is straightforward and serious: To help defenders understand the threats they're up against and to let them leave with tactics they can use to protect modern IT environments.The emphasis on practicality is intentional, according to ThreatLocker VP of Experiential Marketing Heather Hartland, who says that Zero Trust World's goal is to build real skills through experience."It isn't just listen and learn," Hartland says. "We want to go even further and make sure that people get that hands-on experience in those hacking labs so that they can fully understand and then apply those techniques."
Default deny and hands-on learning
Hartland explains that the conference centers on the "default deny" mindset that underpins ThreatLocker's approach to zero trust. The sessions aim to connect zero-trust theory to implementation for attendees who help run traditional perimeter-based networks as well as those accustomed to hybrid, cloud-heavy organizations.As today's ecosystems grow ever more complex, Hartland said Zero Trust World is "enlisting more experts" to address the realities of defending in modern environments."Our mission is to make sure that people understand what they're up against and how they can defend against it," she says. "It's the deep understanding of those cyber threats that is the foundational approach to being able to defend against them using the default-deny cybersecurity posture."Hands-on learning remains a signature feature of Zero Trust World. Fan-favorite hacking labs like the Rubber Ducky Lab and Metasploit Lab are returning, but conference organizers are adding new wrinkles that reflect where attackers as well as defenders spend their time."We're adding some additional twists," says Hartland. "Things like web hacking, SQL injections and prompt-engineering malware, which is a pretty hot topic right now."
Cybersecurity stars
The speaker lineup is heavy on recognizability and real-world credibility. Marcus Hutchins, famous for stopping the WannaCry ransomware outbreak in 2017 and for his ongoing malware analysis, will deliver a keynote that organizers are keeping under wraps for now."Marcus is going to be bringing a special surprise," Hartland says.Two other featured sessions aim squarely at the practical and the provocative. Chase Cunningham, aka Dr. Zero Trust, will bring a new talk titled "From 8K to Alpha," focused on the "buy the breach" phenomenon of cybercrime as a service.Cunningham will look at the modern cybercrime economy, in which organizations often get hit by unskilled affiliates who rent malware and other intrusion tools from distributors."There's an entire ecosystem where you don't have to do the breach yourself," Hartland says. "You can buy the service. We're going to hear a little bit more about that."Spencer Alessi, a veteran penetration tester and cybersecurity strategist, is going even more hands-on with a keynote address bluntly titled "How to Lose a Domain in 45 Minutes," the length of his keynote session.As Hartland puts it, this will be an "Active Directory Hacking Lab," a format likely to resonate with enterprise defenders who know that Microsoft Active Directory is still a top target for attackers and can be a weak point in many environments.Beyond the famous names, the event is also stacking sessions with familiar voices from security media and practitioner communities, including The PC Security Channel, Linus Tech Tips, and the CISO Series. Zero Trust World brings these influencers together in a single venue, with deeper demonstrations and context than a video or podcast can provide.
Space, hope and charity
Organizers expect more than 1,800 practitioners this year and around 30 vendors in the expo hall, representing a range of products and services for security teams. And as in past years, Zero Trust World will donate proceeds from the Cyber Hero Swag Store to Ronald McDonald House Charities of Central Florida, supporting families who must travel for a child's medical care.To cap off the conference, the afterparty will beam attendees into a retro-futurist alternate reality, looking back at the optimism of the 1960s space race and the pop culture that grew out of it. So get out those Star Trek uniforms and dust off that NASA space helmet.As before, Zero Trust World 2026 is built for practitioners seeking hands-on competence, clear understanding of current threats, and actionable strategies for applying default deny in the real world — plus a few surprises along the way.
Paul Wagenseil is a custom content strategist for CyberRisk Alliance, leading creation of content developed from CRA research and aligned to the most critical topics of interest for the cybersecurity community. He previously held editor roles focused on the security market at Tom’s Guide, Laptop Magazine, TechNewsDaily.com and SecurityNewsDaily.com.
