About
About Security BSides
BoD & Staff
Speakers
Talks
Press
CoC & Photo Policy
Sponsors
Year-round Support
Media
Archive
Participate
Registration
Call for Volunteers
Call for Papers
Corporate Sponsorship
Individual Donors
Events
Schedule
Silent Auction & Raffle
Proving Ground
Training Ground
Evening Entertainment
Daytime Events
Pros vs Joes CTF
Venue
Health Information
Room Block
Conference Map
Shuttles Info
Events
Breaking Ground
Common Ground
Ground Truth
Hire Ground
I Am The Cavalry
Training Ground
Skytalks
Unprompted
Monday
August 3rd
Tuesday
August 4th
Wednesday
August 5th
Events
Breaking Ground
Common Ground
Ground Truth
Hire Ground
I Am The Cavalry
PasswordsCon
Proving Ground
Training Ground
Skytalks
Unprompted
08:30-09:00
Middle Ground opens
09:00-09:30
Skytalks token drop
12:30-13:00
Skytalks token drop
13:00-17:00
Proving Ground Pre-game
16:00-17:00
Happy Hour
19:00-22:30
Board Game Night
19:30-22:00
Recovery Hackers
22:00-23:59
DEFCON Furs + Queercon Mixer
10:00-10:30
Jie Wu
The Keyless Backdoor: Detecting GCP Workload Identity Federation Abuse
10:30-11:00
Hala Ali
,
Andrew Case
Beyond Static Analysis: Memory Forensics for Go Malware
11:00-11:30
Tobias Mueller
ACME for S/MIME and the S/MIME ecosystem
14:00-14:45
Jai Sharma
,
Thomas McCarthy
,
Akhil Sharma
Ghost Records: Killing a Vulnerability Class at Enterprise Scale
15:00-15:45
Priyank Nigam
Open Relays in 2026: Red Team Initial Access Vectors
17:00-17:45
Ali Kabeel
Low Severity, High Impact: The Bugs Companies Ignore
18:00-18:45
Vitaly Simonovich
C(2)YA: Inside the Adversary's Inbox
10:00-10:45
Reynaldo Vasquez Garcia
How to Ransomware USB Devices
11:00-12:00
Cindy Cohn
Privacy's Defenders: How Hackers Helped and Can Do So Again
14:30-15:00
Aldo Salas
Came for the AppSec scans, stayed for the flaky tests
15:00-15:45
James Ringold
Building a Quantum Safe Test Lab
17:00-17:45
Greg Albrecht
Your Airspace Has a Security Problem: A Field Guide to Counter-UAS
18:00-18:45
Paulo Sarrin
One Package, One Backdoor: Can AI Stop the Next Supply Chain Attack Before It Reaches You?
10:00-10:45
Fred Heiding
,
Simon Lermen
Devising and Detecting Voice Phishing: Large AI Voice Models (ElevenLabs, Gemini, Sesame) vs. Traditional Human Scam Techniques
11:00-11:30
Ariana Mirian
Victim as a Service: Engaging with Trust Based Scams using AI
14:00-15:00
Jay Jacobs
The Timing of Exploitation Evidence and Prediction
15:00-15:45
Adarsh Kyadige
CerBERTus: A Three-Headed Approach to Prompt Security
17:00-17:45
Divyesh Batra
,
Dustin Niehues
The Shadow IT Leak: Solving Silent Data Loss in Vulnerability Pipelines
18:00-18:45
Rachel Benson
Watching Agents Work: A Behavioral Audit of 189 Offensive-Security LLM Runs
11:00-11:25
Anshu Gupta
Building and Leading High-Performing Security Teams: A Practitioner's Playbook
14:00-14:55
Kris Rides
,
Jeff Bryner
,
Yonesy Nunez
Root To CISO – Just AIsk
15:00-15:55
Ricki Burke
Come With Me If You Want a Job
17:00-17:55
John Stoner
,
Joshua Mason
Cyber Jobs Dumpster Fire: Honest Advice from 2 Veterans
18:00-18:55
Rupinder pal Singh
,
Morgan Hess
How to Stand Out in Cybersecurity's Most Competitive Job Market
10:00-11:30
Joshua Corman
,
David Batz
Do Not Go Gentle Into the Night Disrupting the disrupters of UnDisruptable27
14:00-16:00
Dean Ford
,
Virginia Wright
,
Cole Dutton
The Water Must Flow
17:00-18:00
Christian Dameff
,
Jeff Tully
No Water: No Hospitals : Continuity of Care under Crisis
18:00-18:30
David Batz
Food for Thought: Concentration , Cold Chain, & Consequences
18:30-19:00
Michael Razeeq
,
Bridget Chan
A Whole-of-Society Plan to Save the Country… or at Least Make Friends at Happy Hour
Reservations via Eventbrite
are required.
10:30-14:30
George Bilbrey
,
Tyler Casey
Purple Teaming in Practice: Emulate, Detect, Adapt
10:30-14:30
Hannah Law
,
Adrian Barclay
Burp, But Yours: Hands-On Extension and Bambda Development
10:30-14:30
Glen Sorensen
Burn the Trail: Why Your Personal Digital Exhaust Is An Organizational Problem (And What To Do About It)
10:30-14:30
Marcelle Lee
,
Will Thomas
Threat Actors: Gotta Catch Them All
10:30-14:30
Joshua Connolly
Binary Jiujitsu: White Belt and Blue Belt Fundamentals
15:00-19:00
Peter Manev
,
Jeff Lucovsky
,
Lukas Sismis
Engineering the Hunt: Developing AI SKILLs for Network Security Monitoring
15:00-19:00
Robert Mitera
Root Access to Reality — A Project Management Bootcamp for Hackers
15:00-17:00
Florian Noeding
Ace Your AppSec Interview: Hands-on Practice and Insights
15:00-19:00
K. Melton
Reality Pentesting in Practice: Hands-On Cognitive Red-Teaming
Tokens required for entry. Don't forget to pick up your Skytalks token in Middle Ground.
Click here for more info
.
10:00-10:45
Fred Mack
The Holy Grail of Election Security: Serious Quest or Theater of the Absurd?
11:00-11:30
Guy Barnhart Magen
Your Next Breach Won't Have an Attacker
14:00-14:45
Olivier Bilodeau
S.L. Confidential: The Dirty Secrets of InfoStealers
15:00-15:45
Blu3 Bird
Selective Defense: When Blue Teams Choose Who Matters
17:00-17:45
ryan english
It bleeds...but we can't kill it: how IPIDEA's weak opsec allowed us to see the inner workings behind the botnet's resilience.
18:00-18:30
Brian Waite
GobRAT: Deeper Into the Abyss
18:30-18:45
James Utley
To catch a PseudoScientist
10:00-10:45
Or Eshed
Abusing Agentic AI Browsers: An Exploit-Based Approach
11:00-11:45
Leo Meyerovich
Breaking BOTS II: How frontier AI cheats evals
14:00-14:45
Noelle Murata
Prompt Injection Is an Auth Bug: The Case Against Bearer Tokens in an Agentic World
15:00-15:30
Emily Choi-Greene
Nullify Prompt Injection Attacks
17:00-17:30
Kane Narraway
Paved Roads, AI Potholes: Security Platform Engineering in 2026
17:30-18:00
Mackenzie Jackson
,
Rein Daelman
Turning GitHub Issues Into RCE: Exploiting AI Agents in CI/CD Pipelines
18:00-18:30
Fred Heiding
Mapping the AI Security Landscape: A Comprehensive Analysis of Research Clusters, Disciplinary Gaps, and Defense-Attack Misalignment