About
About Security BSides
BoD & Staff
Speakers
Talks
Press
CoC & Photo Policy
Sponsors
Year-round Support
Media
Archive
Participate
Registration
Call for Volunteers
Call for Papers
Corporate Sponsorship
Individual Donors
Events
Schedule
Silent Auction & Raffle
Proving Ground
Training Ground
Evening Entertainment
Daytime Events
Pros vs Joes CTF
Venue
Covid Information
Room Block
Conference Map
Shuttles Info
Middle Ground
Breaking Ground
Common Ground
Ground Floor
Ground Truth
Hire Ground
I Am The Cavalry
PasswordsCon
Proving Ground
Training Ground
Skytalks
Find us on
HackerTracker
Tuesday
August 6th
Wednesday
August 7th
Middle Ground
Breaking Ground
Common Ground
Ground Floor
Ground Truth
Hire Ground
I Am The Cavalry
PasswordsCon
Proving Ground
Training Ground
Skytalks
20:00-02:00
Volunteer Appreciation Poolside Karaoke
08:00-08:05
Registration Re-Opens
08:30-09:30
Breakfast, Day 2
12:30-14:00
Lunch, Day 2
16:00-17:00
Happy Hour, Day 2
20:00-21:00
Friends Of Bill W Meet-Up, Day 2
22:00-04:00
BSides Las Vegas Pool Party
09:00-09:20
Daemon Tamer
Opening Remarks - Day Two
09:30-10:15
Andrea M. Matwyshyn
Keynote, Day 2
10:30-11:15
Jay Chen
,
Ravid Mazon
BOLABuster: Harnessing LLMs for Automating BOLA Detection
11:30-12:15
Matthew Sullivan
,
Dominic Zanardi
JIT Happens: How Instacart Uses AI to Keep Doors Open and Risks Closed
13:00-13:45
Daemon Tamer
,
Phil Young
,
Grant Dobbe
14 Years Later, Proving Ground is Proving Out
14:00-14:20
Dave Bailey
Hell-0_World | Making Weather Cry
14:30-14:50
Elysee Franchuk
,
Mohnish Dhage
LOLS: LO Level Shells
15:00-15:45
Patrick Kiley
Introducing Serberus - a multi headed serial hardware hacking tool
17:00-17:45
Brian Reilly
Modern ColdFusion Exploitation and Attack Surface Reduction
18:00-18:20
Christophe Tafani-Dereeper
From keyless to careless: Abusing misconfigured OIDC authentication in cloud environments
18:30-18:50
Brendan O’Leary
Fuzzing Frontiers: Exploring Unknown Unknown Vulnerabilities
19:00-19:45
Daemon Tamer
Closing Ceremony
10:30-11:15
Mike Larkin
101 Things Your Application is Doing Without Your Knowledge
11:30-12:15
Emma Fang
Securing Your Cloud-Native DevOps: A Zero Trust Approach
14:00-14:20
James Ringold
Quantum Computing: When will it break Public Key cryptography?
14:30-14:50
Hubert Lin
One Port to Serve Them All - Google GCP Cloud Shell Abuse
15:00-15:45
Chloé Messdaghi
Security for AI Basics - Not by ChatGPT
17:00-17:45
Yotam Perkal
Beyond Whack-a-Mole: Scaling Vulnerability Management by Embracing Automation
18:00-18:45
Grey Fox
Introduction to Software Defined Radio – For Offensive and Defensive Operations
10:30-11:15
Blake Hudson
Pipeline Pandemonium: How to Hijack the Cloud and Make it Rain Insecurity
11:30-12:15
John Evans
Building Data Driven Access with the tools you have
14:00-14:20
Sing Ambikapathi
The road to developers' hearts
14:30-14:50
Glenn Thorpe
Discover the Hidden Vulnerability Intelligence within CISA's KEV Catalog
15:00-15:45
0DDJ0BB
Nothing Went to Plan..... Because You Didn't Have a Plan
17:00-17:45
George Polivka
,
Aarav Balsu
Rolling out the C2: A Take on Modern Red Team Infrastructure
18:00-18:45
Cybelle Olivera
,
Mauro Eldritch
The B-side that no one sees: the ransomware that never reached mainstream popularity
10:30-11:15
Suha Sabi Hussain
Incubated Machine Learning Exploits: Backdooring ML Pipelines Using Input-Handling Bugs
11:30-12:15
Matthew Canham
Hacking Things That Think
14:00-14:45
Emanuel Valente
DoH Deception: Evading ML-Based Tunnel Detection with Black-Box Attack Techniques
15:00-15:45
Bobby Filar
PhishDefend: A Reinforcement Learning Framework for Measuring AI-Augmented Phishing Detection and Response
17:00-17:45
Ezz Tahoun
ZERO-RULES Alert Contextualizer & Correlator
18:00-18:45
arun vishwanath
I won't allow my child to have a smartphone: Why Smart parents make not so smart children
10:30-11:20
Anthony Hendricks
You Need a Jay-z and a Beyoncé: How Sponsors and Mentors Can Supercharge Your Career in Cybersecurity
11:30-12:20
Phillip Wylie
Penetration Testing Experience and How to Get It
13:30-14:20
Leif Dreizler
,
Misha Yalavarthy
Tracking and hacking your career
14:30-15:20
Mea Clift
How Living and Quilting History made me a better Cybersecurity Professional
10:30-11:00
Josh Corman
,
David Batz
Introduction to I Am The Cavalry - Day Two - Preparing for 2027
11:00-12:30
Andrea M. Matwyshyn
Difficult Conversations
14:00-16:00
Josh Corman
Time is up. You have three years, 3 months, 3 weeks, to protect your Stuff. What do you do?
17:00-19:00
Beau Woods
,
Karl Holmqvist
Wars and Rumors of Wars - What are the implications for Domestic Critical Infrastructure?
10:30-11:15
Filipi Pires
Cloud Attack: Dissecting Attack Paths with Graph-Mode
11:30-11:50
Rohit Bansal
Practical Perimeter-less authentication solutions for Startups using AWS native solutions
12:00-12:20
Bård Aase
That's not my name
14:00-14:45
Ron Nissim
Is PAM Dead?! Long live Just-in-time Access!
15:00-15:45
Elonka Dunin
,
Klaus Schmeh
Breaking Historical Ciphertexts with Modern Means
17:00-17:45
Dwayne McDaniel
Long Live Short Lived Credentials - Auto-rotating Secrets At Scale
18:00-18:45
Cecilie Wian
Picking a fight with the banks
10:30-10:55
Mário Leitão-Teixeira
CVSS v4 – A Better Version of an Imperfect Solution
11:00-11:25
Charissa Kim
GEN-Z Critique on SOC 2
11:30-11:55
George Wang
Building a Security Audit Logging System on a Shoestring Budget
12:00-12:25
Randall Wyatt
You can be neurodivergent and succeed in InfoSec
14:00-14:25
HexxedBitHeadz
A New Host Touches the Beacon
14:30-14:55
Jason Odoom
Unleashing the Future of Development: The Secret World of Nix & Flakes
15:00-15:25
Paul Wortman
Taking D-Bus to Explore the Bluetooth Landscape
15:30-15:55
Carlos Gonçalves
Intel-Driven Adversary Simulation for A Holistic Approach to Cybersecurity
Reservations via Eventbrite
are required.
10:30-14:30
Abhijith “Abx” B R
Kickstarting adversary emulation engagements in your organization
10:30-19:00
Troy Defty
Linux Privilege Escalation
10:30-19:00
Kerry Hazelton
“Cloud Forensics Workshop - AI Edition - Day 2"
10:30-14:30
Stryker
Career Campaigns: Re-Specing Your Professional Class for an InfoSec Role [Tabletop RPG Workshop] Session 2
10:30-19:00
Jose Fernandez
Using containers to analyze malware at scale
10:30-14:30
Shota Shinogi
How (not) to Build a Vulnerable LLM App: Developing, Attacking, and Securing Applications
15:00-19:00
Andy Dennis
,
William Reyor
DevSecOps and Securing your SDLC
15:00-17:00
Mike Larkin
,
Rizwan Merchant
Workshop: Vulnerability Reachability Analysis Using OSS Tools
15:00-19:00
Matt Cheung
Introduction to Cryptographic Attacks
Tokens required for entry. Don't forget to pick up your Skytalks token in Middle Ground.
10:30-11:15
John O. THORNE
Insider Threat: The Unwilling Watchman
11:30-12:15
Bluescreenofwin
How the police use, misuse, and abuse your data
14:00-14:45
Jeff Man
The State of Information Security Today
15:00-15:45
Ignacio Navarro
Insert coin: Hacking arcades for fun (Extended version)
17:00-17:45
Guy Barnhart-Magen
From Drone Strike to File Recovery, the full story (some profanity included)
18:00-18:45
Alexis Hancock
,
Hannah Zhao
,
Rory Mir
Ask the EFF