About
About Security BSides
BoD & Staff
Speakers
Talks
Press
CoC & Photo Policy
Sponsors
Year-round Support
Media
Archive
Participate
Registration
Call for Volunteers
Call for Papers
Corporate Sponsorship
Individual Donors
Events
Schedule
Silent Auction & Raffle
Proving Ground
Training Ground
Evening Entertainment
Daytime Events
Pros vs Joes CTF
Venue
Covid Information
Room Block
Conference Map
Shuttles Info
Middle Ground
Breaking Ground
Common Ground
Ground Floor
Ground Truth
Hire Ground
I Am The Cavalry
PasswordsCon
Proving Ground
Training Ground
Skytalks
Find us on
HackerTracker
Tuesday
August 6th
Wednesday
August 7th
Middle Ground
Breaking Ground
Common Ground
Ground Floor
Ground Truth
Hire Ground
I Am The Cavalry
PasswordsCon
Proving Ground
Training Ground
Skytalks
07:30-19:30
Registration, Day 1
08:30-09:30
Breakfast, Day 1
12:30-14:00
Lunch, Day 1
16:00-17:00
Happy Hour, Day 1
19:00-21:00
Daemon Tamer
BSides Organizers Meet-Up
20:00-21:30
Friends Of Bill W Meet-Up, Day 1
09:00-09:20
Daemon Tamer
Opening Remarks - Day One
09:30-10:15
Sven Cattell
Keynote, Day 1
10:30-11:15
Guy Barnhart-Magen
From Drone Strike to File Recovery, outsmarting a nation state
11:30-12:15
Allyn Stott
The Fault in Our Metrics: Rethinking How We Measure Detection & Response
14:00-14:45
Fabricio Bortoluzzi
Insights on using a Cloud Telescope to observe internet-wide botnet propagation activity
15:00-15:20
Liv Matan
My Terrible Roommates: Discovering the FlowFixation Vulnerability & the Risks of Sharing a Cloud Domain
15:30-15:50
Nick Frost
Chrome Cookie Theft on macOS, and How To Prevent It
17:00-17:45
Ryo Minakawa
,
Atsushi Kanda
,
Kaichi Sameshima
Operation So-seki: You Are a Threat Actor. As Yet You Have No Name.
18:00-18:45
Elad Pticha
,
Oreen Livni Shein
Redis or Not: Argo CD & GitOps from an Attacker's Perspective
10:30-11:15
Kirill Efimov
,
Eitan Worcel
Don’t Make This Mistake: Painful Learnings of Applying AI in Security
11:30-12:15
K Melton
DivergeNET: Calling All Neurodivergent, Disabled Rebels to Join the Cyberpunk Resistance!
14:00-14:45
Kyle Shockley
,
Caleb Davis
How We Accidentally Became Hardware Hackers
15:00-15:20
Yaron Avital
Raiders of the Lost Artifacts: Racing for Hidden Treasures in Public GitHub Repositories
15:30-15:50
dade
Free Your Mind: Battling Our Biases
17:00-17:45
Laura Johnson
Cyber Harassment: Stop the silence, save lives
18:00-18:45
Harriet Farlow
On Your Ocean's 11 Team, I'm the AI Guy (or Girl)
10:30-11:15
David French
Detection Engineering Demystified: Building Custom Detections for GitHub Enterprise
11:30-11:50
Sherman
,
Adi
Adversaries Also Lift & Shift: Cloud Threats Through the Eyes of an Adversary
12:00-12:20
Josh Kamdjou
EHLO World: Spear-Phishing at Scale using Generative AI
14:00-14:45
Ignacio Navarro
Insert coin: Hacking arcades for fun
15:00-15:20
Amit Srour
Prepare for the Appocalypse - Exposing Shadow and Zombie APIs
15:30-15:50
Will Vandevanter
WHOIS the boss? Building Your Own WHOIS Dataset for Reconnaissance
17:00-17:45
Angel Gamboa
Tactics of a Trash Panda
18:00-18:45
Fabricio Gimenes
Windows EventLog Persistence? The Windows can help us
10:30-11:15
Douglas McKee
Seek out new protocols, and boldly go where no one has gone before
11:30-12:15
Fred Heiding
,
Simon Lermen
Devising and detecting spear phishing using data scraping, large language models, and personalized spam filters
14:00-14:45
Wendy Hou-Neely
Navigating the Changing Cyber Landscape: Trends, Costs, and Risk Mitigation Strategies
15:00-15:20
Emily Austin
Defensive Counting: How to quantify ICS exposure on the Internet when the data is out to get you
15:30-15:50
Ariana Mirian
What Do We Learn When We Scan the Internet every hour?
17:00-17:45
Brandon Pinzon
Looking for Smoke Signals in Financial Statements, for Cyber
18:00-18:20
Preeti Ravindra
AI in the human loop: GenAI in security service delivery
18:30-19:30
Security Data Science Meet-Up
10:30-11:20
Munish Walther-Puri
Cultivating Resilience: How to Succeed in a Role that Didn’t Exist
11:30-12:20
Jason Fredrickson
Behavioral Interviewee-ing: Inverting the Corporate Interview to Get You Hired
13:00-13:50
Ricki Burke
Brute Force Your Job Application
14:00-14:50
Kirsten Renner
,
Ricki Burke
,
Kris Rides
,
Silvia Lemos
What Goes Bump in the Night? Recruiter Panel About Job Search and Other Scary Things
15:00-16:00
Kris Rides
Root To CISO
15:00-16:00
Ricki Burke
Trick or Treat: The Tricks and Treats of Job Search
15:00-16:00
Munish Walther-Puri
How to Stop Looking for a Job, and Start Looking for Culture
10:30-11:00
Josh Corman
,
David Batz
Getting Serious (Un)-Resilience of Lifeline Critical Infrastructure.
11:00-11:45
Raymond Sheh
Cybersecurity and Artificial Intelligence Risk Management Challenges for the Next Generation of Public Safety Systems
11:45-12:30
Ira Victor
Security Trek: The Next Generation
14:00-15:00
Sick.Codes
,
Casey John Ellis
Hungry, Hungry Hackers
15:00-16:00
Dean Ford
Blood in the Water: Preparing For the Feeding Frenzy
17:00-18:00
Christian Dameff
Health Care is in Intensive Care
18:00-19:00
Dr. Emma Stewart
Living With the Enemy – How to protect yourself (and Energy Systems)
10:30-10:50
Aldo Salas
We removed passwords, now what?
11:00-11:20
Dr. Sanchari Das
Enhancing Digital Authentication in Remote Indian Markets
11:30-12:15
John-André Bjørkhaug
All your badge are belong to me
14:00-14:45
Troy Defty
,
Kathy Zhu
Detecting Credential Abuse
15:00-15:45
Kenton McDonough
Zero downtime credential rotation
17:00-17:45
jeff deifik
Passwords 101
18:00-18:20
Per Thorsheim
Standardizing Password Surveys
18:30-18:50
Actuator
CVE Hunting: Wi-Fi Routers, OSINT & 'The Tyranny of the Default'
10:30-10:55
Craig Lester
An adversarial approach to Airline Revenue Management
11:00-11:25
Larissa Fonseca
And what if it was hacked? Tactics and Impacts of Adversarial Machine Learning
11:30-11:55
Tessa Mishoe
Disinform your Surroundings: AI and disinformation campaigns
12:00-12:25
Carrie Randolph
Hacking Trust Establishment
14:00-14:25
Max Arnold
PCR 9: How a simple misconfiguration can break TPM full disk encryption
14:30-14:55
Michelle Eggers
The Immortal Retrofuturism of Mainframe Computers and How to Keep Them Safe
15:00-15:25
Lenin Alevski
A Quick Story Of Security Pitfalls With Exec Commands In Software Integrations
15:30-15:55
Eiji Mori
,
Norihide Saito
Are you content with our current attacks on Cotent-Type?
17:00-17:25
Troy Bowman
Threat Modeling at Scale: More than shifting left
17:30-17:55
Harini Ramprasad
,
Krity Kharbanda
Demystifying SBOMs: Strengthening cybersecurity defenses
Reservations via Eventbrite
are required.
10:30-14:30
Ryan O’Donnell
Modifying Impacket for Better OpSec
10:30-19:00
Josh Kamdjou
Email Detection Engineering and Threat Hunting
10:30-19:00
Kerry Hazelton
Cloud Forensics Workshop - AI Edition - Day 1
10:30-14:30
Eoin Wickens
,
Travis Smith
AI Insecurity - An introduction to attacking AI and machine learning models.
10:30-14:30
Stryker
Career Campaigns: Re-Specing Your Professional Class for an InfoSec Role [Tabletop RPG Workshop]
10:30-14:30
Lenin Alevski
Kubernetes Security: Hands-On Attack and Defense
15:00-19:00
Alex Lynd
Solder Your Own Cat-Themed Wardriving Tool! (with DevKitty)
15:00-17:00
Tal Folkman
Trust or Bust: Unveiling Vulnerabilities in Developer Trust
15:00-19:00
Paul McCarty
Red Teaming the Software Supply Chain
15:00-19:00
James Hawk
,
Brian Burnett
Hide your kids, turn off your Wi-Fi, they Rogue APing up in here; 101
Tokens required for entry. Don't forget to pick up your Skytalks token in Middle Ground.
10:30-11:15
Zitterbewegung
Psychic Paper: Cloning RFID badges and the Photo ID on them.
11:30-11:50
Kindness is Punk
Microsoft fucked it up
11:55-12:15
@g1a55er
SteamOS: Literally Anyone With A Keyboard Can Pwn This
14:00-14:45
Edward Farrell
Theranos 2.0- Vapourware inside
15:00-15:45
Alex Thines
,
Brad “Sno0ose” Ammerman
Weaponizing Drones and Where To Find Them
17:00-17:45
Ryan English
How to lose 600,000 routers in 3 days (and almost get away with it)
18:00-18:20
J
Law Enforcement and IMSI catchers – A privacy nightmare
18:25-18:45
evan
Confessions of an Exploit Broker - How to Efficiently Sell Your Research