Full Stack or Full Stop: The New Reality of Cybersecurity

​Modern security demands mastery from wire to deploy. It’s not just about breaking in,  it’s about understanding everything from packet capture to pipeline hardening.

​Milot Shala – Cybersecurity Director, ANIMARUM

Milot Shala is the Cybersecurity Director at ANIMARUM and currently serves as Cybersecurity Lead Architect at Ericsson. With over 25 years of experience across offensive security, secure systems design, threat simulation, and software engineering, Milot brings a rare combination of deep technical expertise, a blend of software engineering discipline and cybersecurity, and leadership in high-assurance environments.

At ANIMARUM, Milot leads strategic cybersecurity initiatives for clients operating in complex, cloud-native, and regulated environments. He specializes in red teaming, adversary emulation, operational technology (OT) security, and cloud security, as well as integrating offensive insights into development and architecture workflows. His operational experience spans AWS, Kubernetes, CI/CD pipelines, and advanced adversary TTPs, supported by tools like Cobalt Strike, Caldera, Mythic, and custom-built implants.

At TechArena 2026, Milot represents the offensive security perspective from the front lines, sharing how today’s red teams must operate across the entire technology stack, and why full-spectrum technical fluency is now essential for both attack and defense in modern enterprises.

​Summary:

​Cybersecurity has shifted from isolated control points to interconnected systems, where a single weak link can compromise the entire chain. Attackers today move fluidly between layers, chaining together vulnerabilities across mobile applications, exposed APIs, misconfigured cloud services, CI/CD pipelines, and third-party code dependencies. Defending against these threats requires more than surface level security testing. It demands full stack understanding.

​ This session explores red teaming through the lens of technical depth. Traditional approaches that focus only on endpoint access or simulated phishing no longer reflect the complexity of modern attack paths. Effective red teams must operate with fluency across the entire technology stack, from low-level packet inspection and API abuse to cloud privilege escalation and software supply chain compromise.

​ We will examine what real adversary simulation looks like today and highlight key gaps in how organizations structure their security programs. Topics include cross-domain attack chaining, weaknesses in mobile and backend integrations, vulnerable pipeline configurations, and where common detection efforts fall short. Real-world case studies and chained exploitation scenarios will demonstrate how attackers build paths through multiple layers of infrastructure and application logic.

​Security without full-stack visibility is incomplete.

​Please note:

​This is an on-site side event at TechArena 2026 that requires a ticket to enter Strawberry Arena.

​The side event is independently organized and run by the host of the side event.

​Please direct any questions (or praise!) to the event organizers.