Ready for the Next Threat? JSAC2026 Gathers Global Cyber Defenders in Tokyo

Cyberattacks are no longer a headline—they are a daily reality. As threat actors evolve their tactics with relentless speed, the security community's only recourse is to continuously sharpen its defense. This is the core mission of JSAC (Japan Security Analyst Conference), the premier annual event hosted by JPCERT/CC, dedicated to the technical exchange of expertise on incident analysis and response.

Set to take place from January 21-23, 2026 at the Akasaka Intercity Conference Center in Tokyo, JSAC2026 is an essential gathering for the world's most diligent security analysts, from malware specialists and forensics experts to SOC analysts and incident handlers.

Why JSAC is a Critical Summit for Cyber Resilience

The philosophy behind JSAC is simple: collective strength through shared knowledge. By providing a free, high-capacity forum for security professionals who handle incidents every day, JPCERT/CC facilitates a crucial exchange of information necessary to keep pace with the ever-evolving threat landscape.

The three-day event kicks off on January 21st with a Training Day (conducted in Japanese only) followed by two robust Conference Days (January 22nd & 23rd), featuring in-depth presentations, workshops, and lightning talks. With a capacity of 400 attendees and no participation fee, the event breaks down barriers for analysts seeking world-class technical insights.

Key topics for the conference include:

• Malware (analysis methods, case studies, detection tools)
• Forensics (investigation techniques, analysis tools)
• Incident Response (handling cases, methods of attack)
• Threat Intelligence (attack campaigns, OSINT)

Featured Technical Deep-Dives to Expect

The speaker lineup for JSAC2026 is packed with leading researchers presenting new, high-value intelligence on sophisticated threats:

Gateway Surveillance & MitM Frameworks: Chi-en “Ashley” Shen (Cisco Talos) will present "Knife Cutting the Edge: Dissecting A Gateway Surveillance & MitM Framework." This talk will reveal a sophisticated toolset linking mobile/desktop malware with gateway-based man-in-the-middle attacks, focusing on TTPs for traffic inspection and covert delivery via edge devices.

Unmasking Evolving APTs: Threat attribution remains a vital and complex task.

• Joseph Chen explores resurfacing threats in "The Return of Old Forces: Revealing New Campaigns Connected to A Missing Cyber Mercenary Firm."
• Hiroaki Hara and Doel Santos (Unit 42) will dive into the challenges of linking multiple threat actors in a single breach in "Attribution in Action: A Case Study of an Incident Involving Multiple Activity Clusters."
• Sunny W Lu (Trend Micro) provides a deep-dive into a secretive data-exfiltration group in "Ghost in Your Network: How Earth Kurma Stays Hidden and Exfiltrates Your Data," detailing their use of legitimate services like Cisco Webex for C&C.

IoT Botnets and DDoS: Hideyuki Furukawa (NICT) presents never-before-seen details on the massive RapperBot operation in "A deep-dive into RapperBot C2 operation and DDoS attacks," sharing analysis methods and findings from the five months leading up to the suspect's arrest.

Phishing-as-a-Service (PhaaS) Ecosystems: Albert Song and team will shed light on a secretive operation targeting Japan in "Unmasking the CoGUI Phishing Kit, the Major Chinese Phishing-as-a-Service Targeting Japan," providing the first public, detailed analysis of the elusive FishingMaster platform.

For those attending, JSAC2026 promises a dense concentration of highly relevant, technical information to better secure their organizations against contemporary and future cyber threats.

From Past Events