BSidesSF 2025: Full Schedule

arrow_back View All Dates

11:15am PDT

Not Every Groundbreaking Idea Needs to Become a Billion-Dollar Startup

Sunday April 27, 2025 11:15am - 11:45am PDT

The cybersecurity industry has 5,000+ startups yet many key problems are overlooked for not being "venture scale." This talk explores alternative paths (bootstrapping, Silicon Valley Small Businesses) and why niche markets and smaller ideas can drive impactful solutions without unicorn pressure.

Speakers

Ross Haleliuk

Co-founder, Stealth

Sunday April 27, 2025 11:15am - 11:45am PDT
AMC IMAX AMC at Metreon

Presentation, General

11:15am PDT

The Four Tribes of Security Champions

Sunday April 27, 2025 11:15am - 11:45am PDT

AMC Theatre 07

“The Four Tribes of Security Champions” is a framework to describe successful security champion programs. The tribes include: The Apprentices, The Fan Club, The Learners, and The Sentinels. We’ll explore a benchmarking tool for each tribe to pick which approach is right for you!

Speakers

Marisa Fagan

Head of Product, Katilyst

Marisa Fagan is Head of Product at a “security champions as a service” startup called Katilyst. She works on building security into the SDLC and empowering developers to own secure code. Previously, she has worked as a security culture expert at places like Atlassian, Salesforce... Read More →

Sunday April 27, 2025 11:15am - 11:45am PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

11:15am PDT

The Growing Crisis in CVE Data Quality

Sunday April 27, 2025 11:15am - 11:45am PDT

AMC Theatre 09

Explore the escalating issues in CVE data: inconsistent reporting, low-quality submissions, and outdated info. Learn why these threaten cybersecurity and what solutions can restore trust in this critical database.

Speakers

Jerry Gamblin

Cisco

Sunday April 27, 2025 11:15am - 11:45am PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

11:30am PDT

Don’t Sh*t-Left: How to Actually Shift-Left

Sunday April 27, 2025 11:30am - 12:15pm PDT

AMC Theatre 14

Shift-left sounds great — catch issues early, save time, empower devs — but too often it backfires, creating noise and chaos. Learn from real-world fails, laugh at sh*t-left stories, and discover practical strategies to make shift-left work. Let’s fix AppSec, one bug at a time.

Speakers

Ahmad Sadeddin

CEO, Corgea

Ahmad is the CEO at Corgea. He's a 3x founder with 1 exit. He's been coding since he was 12 and loves building software solutions to solve deep customer problems. In his spare time (very little of), he loves to BBQ and spend time with family and friends.

Sunday April 27, 2025 11:30am - 12:15pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

11:30am PDT

Effective Handling of Third-Party Supplier Incidents

Sunday April 27, 2025 11:30am - 12:15pm PDT

AMC Theatre 06

Discover efficient incident handling strategies for third-party supplier incidents. Learn the importance of a predefined process and collaboration between risk management and incident response teams. Gain insights into key decision-making considerations and elevate your IR capabilities.

Speakers

Kasturi Puramwar

Information Security Manager, Equinix

Sunday April 27, 2025 11:30am - 12:15pm PDT
AMC Theatre 06 AMC at Metreon

Presentation, Deep Dive

11:30am PDT

When AI Goes Awry: Responding to AI Incidents

Sunday April 27, 2025 11:30am - 12:15pm PDT

AMC Theatre 11

This talk details challenges in incident response for AI systems, including insufficient logging, visibility, and accountability, as well as the risks of data exposure and prompt injection. We examine a case of RAG-enabled LLM and propose triaging strategies and improved IR practices for mitigation.

Speakers

Eoin Wickens

Director of Threat Intelligence, HiddenLayer

Eoin Wickens is the Technical Research Director - Field at HiddenLayer, where he both researches and speaks about security for artificial intelligence and machine learning. He has previously worked in threat research, threat intelligence and malware reverse engineering and has been... Read More →

Marta Janus

Principal Researcher, HiddenLayer

Marta is a Principal Researcher at HiddenLayer, focused on investigating adversarial machine learning attacks and the overall security of AI-based solutions. Prior to HiddenLayer, Marta spent over a decade working as a researcher for leading anti-virus vendors. She has extensive experience... Read More →

Sunday April 27, 2025 11:30am - 12:15pm PDT
AMC Theatre 11 AMC at Metreon

Presentation, Deep Dive

12:00pm PDT

Preparing for Dragons: Don’t Sharpen Swords. Set Traps, Gather Supplies!

Sunday April 27, 2025 12:00pm - 12:30pm PDT

AMC IMAX

Most people aren’t dragon slayers. There are dragon slayers out there, but they’re not us. EDR isn’t a dragon slayer. Neither is the SOC. That’s okay — when the dragon comes, the goal should be *survival,* not going out in a blaze of glory.

Speakers

Adrian Sanabria

Principal Researcher, Defenders Initiative

Adrian is a successful generalist with over two decades of experience hacking, fixing, breaking, building, and teaching in InfoSec. He’s always trying to see the big picture and figure out the best security strategies. Despite all these years in the industry, he is still optimistic... Read More →

Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC IMAX AMC at Metreon

Presentation, General

12:00pm PDT

The Product Security Imperative: Lessons from CISA

Sunday April 27, 2025 12:00pm - 12:30pm PDT

AMC Theatre 09

Policymakers worldwide have recently taken up product security, making topics like memory safety prominent. In this talk, hear from former CISA Senior Advisor Jack Cable on lessons learned leading CISA's Secure by Design initiative, and what a shift towards product security means for the industry.

Speakers

Jack Cable

CEO & Co-Founder, Corridor

Jack Cable is the CEO and Co-Founder of Corridor. Corridor is the AI-powered Secure by Design platform and is backed by Conviction, Alex Stamos, and Christina Cacioppo. Prior to starting Corridor, Jack served as a Senior Technical Advisor at CISA, where he led the agency’s Secure... Read More →

Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

12:00pm PDT

Trust Engineering: Building Security Leadership at Early-Stage Startups

Sunday April 27, 2025 12:00pm - 12:30pm PDT

AMC Theatre 07

Being the first security leader at a startup is a wild ride. This talk explores "Trust Engineering," a hands-on approach to earn trust, navigate chaos, and build a security foundation with limited resources. Learn how to handle executive expectations and support fast-paced growth.

Speakers

Mike Privette

Cybersecurity Economist, Return on Security

Mike Privette is a former CISO turned cybersecurity economist and the creator of Return on Security, a weekly market intelligence newsletter read by thousands of cybersecurity leaders, founders, and investors.He previously led security at Passport Labs, served as a Divisional CISO... Read More →

Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

1:15pm PDT

AI's Bitter Lesson for SOCs: Let Machines Be Machines

Sunday April 27, 2025 1:15pm - 2:00pm PDT

AMC Theatre 11

We've been forcing AI to imitate human analyst workflows, but what if that's holding both machines and humans back? Through real-world experiments at Anthropic, we'll show how letting AI tackle security problems its own way can allow humans to focus on the nuanced work machines can't do (yet).

Speakers

Jackie Bow

Technical Staff, Anthropic

A Jackie-of-all- trades, master of some, Jackie seems to be physically unable to stop returning to threat detection and response. Her 15 years in the industry have been spent across multiple disciplines including malware analysis, reverse engineering, infrastructure and product security... Read More →

Peter Sanford

Sunday April 27, 2025 1:15pm - 2:00pm PDT
AMC Theatre 11 AMC at Metreon

Presentation, Deep Dive

1:15pm PDT

Confidential Computing: Protecting Customer Data in the Cloud

Sunday April 27, 2025 1:15pm - 2:00pm PDT

AMC Theatre 14

Ever wonder how your data is really handled in the cloud? Confidential Computing gives you an answer by isolating your data and cryptographically proving what code was run. This talk dives into the hardware and software behind Confidential Computing, and how to ship it in real-world cases.

Speakers

Jordan Mecom

Sunday April 27, 2025 1:15pm - 2:00pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, Deep Dive

1:15pm PDT

CyberCAN: A Roadmap for Municipal Support of Nonprofit Cybersecurity in SF

Sunday April 27, 2025 1:15pm - 2:00pm PDT

AMC Theatre 06

UC Berkeley studied 68 San Francisco nonprofits to assess their cybersecurity needs, resources, and adoption of protective controls. Our findings include actionable recommendations for the City of San Francisco to improve support for nonprofits and boost resilience against growing cyber threats.

Speakers

Sarah Powazek

UC Berkeley CLTC

Sarah Powazek is the Program Director of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads flagship policy and research work to help under-resourced public interest organizations improve their defenses. Sarah co-leads the Consortium... Read More →

Shannon Pierson

Senior Fellow of Public Interest Cybersecurity, UC Berkeley Center for Long-Term Cybersecurity

Shannon Pierson is a senior fellow of Public Interest Cybersecurity at the UC Berkeley Center for Long-Term Cybersecurity (CLTC), where she leads research initiatives focused on strengthening the cybersecurity of organizations that often fall through the cracks of cyber defense—namely... Read More →

Sunday April 27, 2025 1:15pm - 2:00pm PDT
AMC Theatre 06 AMC at Metreon

Presentation, Deep Dive

1:30pm PDT

Iron-Clad PKI: Crypto Agility for the Quantum Era

Sunday April 27, 2025 1:30pm - 2:00pm PDT

AMC Theatre 07

Quantum computing is breaking RSA/ECC; your PKI is at risk! Learn strategies to align with NIST PQC standards and secure your cryptographic resilience for the post-quantum era.

Speakers

Prasanth Sundararajan

Head of Product Security, Appviewx Inc

Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

1:30pm PDT

Lessons from Running a Product Security-Focused Cybersecurity Clinic

Sunday April 27, 2025 1:30pm - 2:00pm PDT

AMC Theatre 09

We established Stanford's product security clinic in 2023 to help community organizations secure the software services they offer, diverging from traditional university cybersecurity clinics that focus on corporate security. Here's what we learned from our first two years of operation.

Speakers

Aditya Saligrama

Joey Holtzman

Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

1:30pm PDT

The Power of Persuasion: Better Security Through... Manipulation?

Sunday April 27, 2025 1:30pm - 2:00pm PDT

AMC IMAX

Security’s weakest link comes with ten fingers, ten toes and an uncanny ability to find ways past your thoughtfully implemented controls. Learn well-tested psychology principles that drive positive security outcomes. From social proof to reciprocity, small changes in approach bring outsized results.

Speakers

Nate Lee

Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC IMAX AMC at Metreon

Presentation, General

2:15pm PDT

Don't Trust, Verify! - How I Found a CSRF Bug Hiding in Plain Sight

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC Theatre 14

This talk explores the discovery of a long-standing CSRF (Cross-Site Request Forgery) vulnerability in the popular gorilla/csrf Go library. The goal is to encourage the audience to perform vulnerability research experiments in their own commonly used tools.

Speakers

Patrick O'Doherty

Member of Technical Staff, Tailscale

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

2:15pm PDT

Mapping the SaaS Attack Surface

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC Theatre 07

In this presentation, attendees will be introduced to the concept of SaaS attack surface mapping. We will conduct an analysis of current techniques while also unveiling novel approaches that have not been previously disclosed. We will release an open-source tool designed to implement this.

Speakers

Jaime Blasco

Cofounder / CTO, Nudge Security

Jaime Blasco is known for his security research and efforts to enable more collaborative threat-intelligence sharing. He is CTO and co-founder of Nudge Security. Using a patented, network-less approach to SaaS discovery and governance, Nudge Security drives meaningful behavioral change that strengthens SaaS security postures without disrupting the pace of work. Previously, he led the threat intelligence and data science unit at AT&T Alien Labs. Pr... Read More →

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

2:15pm PDT

Radical Results: A Security Org's Version of Radical Candor

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC IMAX

Security practitioners are put in tough positions whether you're new to security or an experienced CISO. Based on "Radical Candor", you'll leave this talk with new perspective on the way security teams are perceived by their peers and how to optimize the good and minimize the unavoidable bad.

Speakers

Evan Johnson

CEO, RunReveal

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC IMAX AMC at Metreon

Presentation, General

2:15pm PDT

Third-party Risk Management: SOC 2s, Security Questionnaires, and Psychosis

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC Theatre 09

Condemning “check-box” vendor risk management and security questionnaires is a hot talking point nowadays. This talk will discuss the related but distinct problems in the TPRM space and offer practical, creative solutions to help deliver high-value outcomes via third-party risk management.

Speakers

Eleanor Mount

Security Risk and Compliance Manager, Asana

Eleanor is a Security Risk and Compliance Manager at Asana, where she has helped build and scale GRC programs from the ground up, including risk management, customer trust, and the implementation of new security compliance frameworks. Prior to Asana, she worked in the health technology... Read More →

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

2:15pm PDT

Compliance Without the Chaos: Building It Right Into Your DevOps Pipeline

Sunday April 27, 2025 2:15pm - 3:00pm PDT

AMC Theatre 06

Compliance often feels like the party crasher in the DevOps world- unwanted, and slowing everyone down. But what if compliance could be an insider, seamlessly fitting into your CI/CD pipeline without breaking a sweat? In this talk, we’ll tackle the age-old battle between engineers and compliance.

Speakers

Varun Gurnaney

Staff Security Engineer, GRC Engineering

Security Engineer in of San Francisco. Previously held security roles at Robinhood, Zendesk and EY. I didn’t watch the eclipse

Sunday April 27, 2025 2:15pm - 3:00pm PDT
AMC Theatre 06 AMC at Metreon

Presentation, Deep Dive

2:15pm PDT

Securing AI Agents: Exploring Critical Threats and Exploitation Techniques

Sunday April 27, 2025 2:15pm - 3:00pm PDT

AMC Theatre 11

Our talk will focus on securing autonomous AI agents by addressing their unique threats. We will dive into threat modeling of real-world autonomous AI systems, model poisoning attacks with hacking demos, and then explore advanced prompt injection techniques and mitigation strategies.

Speakers

Naveen Konrajankuppam Mahavishnu

Mohankumar Vengatachalam

Sunday April 27, 2025 2:15pm - 3:00pm PDT
AMC Theatre 11 AMC at Metreon

Presentation, Deep Dive

3:00pm PDT

A Deep Dive into the Triad Nexus Pig Butchering & Money Laundering Network

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC IMAX

The presentation will cover research into pig butchering scams connected to FUNNULL CDN-hosted money laundering, retail phishing campaigns targeting luxury brands, and more. Technical analysis steps will be provided and explained in-depth as we cover this threat which we have dubbed “Triad Nexus."

Speakers

Zach Edwards

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC IMAX AMC at Metreon

Presentation, General

3:00pm PDT

Care and Feeding of HSMs: Key Management in Hard Mode

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC Theatre 14

Cryptography's dirty secret: your security is only as strong as your key management. Dive into the treacherous world of HSMs, which promise salvation but deliver operational nightmares and hidden costs. HSMs: not for the faint of heart!

Speakers

Nick Pelis

Security Engineering Manager, Verkada

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

3:00pm PDT

Intro to Privacy-Enhancing Technologies (PETs)

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC Theatre 07

Privacy-Enhancing Technologies (PETs) are transforming data handling by ensuring privacy and security throughout the data lifecycle. This talk explores the latest advancements in PETs, focusing on Secure Multiparty Computation (MPC), Homomorphic Encryption (HE), and their real-world applications.

Speakers

Harshal Shah

Sr. Software Engineer, Visa Research

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:00pm PDT

There and Back Again: Discovering OT Devices Across Protocol Gateways

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC Theatre 09

Operational Technology (OT) describes devices that control things in the real world, like factories and generators. This talk discusses the security implications of the convergence of IT and OT, with deep dives into OT protocols and device discovery — even behind legacy protocol gateways.

Speakers

Rob King

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

3:15pm PDT

How to Tame Your Dragon: Productionizing Agentic Apps Reliably and Securely

Sunday April 27, 2025 3:15pm - 4:00pm PDT

AMC Theatre 11

Taming dragons is risky—so is deploying agentic apps. Like dragons, they’re unpredictable, with threats like hallucinations, non-determinism, vast input spaces, and attacker prompt injections. We show how open-source tools tame the beast, so you can confidently deploy AI agents in production.

Speakers

Thomas Vissers

Blue41 | KU Leuven

Thomas Vissers specializes in the dynamic intersection of cybersecurity and AI. He packs 10 years of experience in developing and operating production-grade AI security systems. Previously at Cloudflare, he served as an engineering leader for data-driven security products, scaling... Read More →

Tim Van hamme

co-lead Blue41, PostDoc, Blue41, DistriNet, KU Leuven

Tim Van hamme is a computer scientist specialized in AI security and behavioral analysis, leading research at KU Leuven's DistriNet on secure and trustworthy AI adoption. As co-lead of Blue41, he bridges rigorous academic research with industry applications, helping organizations... Read More →

Sunday April 27, 2025 3:15pm - 4:00pm PDT
AMC Theatre 11 AMC at Metreon

Presentation, Deep Dive

3:15pm PDT

Slaying the Dragons: A Security Professional’s Guide to Malicious Packages

Sunday April 27, 2025 3:15pm - 4:00pm PDT

AMC Theatre 06

This session reveals how attackers exploit typosquatting, author impersonation, and innovative malware campaigns to infiltrate software supply chains. Learn practical threat hunting methodologies and gain step-by-step guides to detect, analyze, and defend against these software supply chain dragons.

Speakers

Kirill Boychenko

Sunday April 27, 2025 3:15pm - 4:00pm PDT
AMC Theatre 06 AMC at Metreon

Presentation, Deep Dive

3:45pm PDT

Follow the Trace: How Traditional AppSec Tools Have Failed Us

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC Theatre 09

Join the journey of an application data trace as it navigates runtime application security. Follow a trace through an application, uncovering how tools like RASP provide real-time insights, detect threats, and block attacks. Learn how traces enhance security by revealing vulnerabilities in action.

Speakers

Kennedy Toomey

Application Security Researcher & Advocate, Datadog

Kennedy Toomey is an Application Security Researcher & Advocate at Datadog. Previously she was an Application Security Engineer where she spent her time working with developers to help fix vulnerabilities and write more secure code.

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

3:45pm PDT

Is Vulnerability Management Dead? A Security Architect’s Survival Guide

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC Theatre 07

This session discusses the necessary shift from traditional vulnerability management and explores a security architect's journey in building a robust cloud risk remediation program. We will outline best practices for risk prioritization & triage, navigating IaC & cloud-native mitigating controls.

Speakers

Snir Ben Shimol

CEO | CSO, ZEST Security

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:45pm PDT

Scalably Securing Third-party Dependencies in Heterogeneous Environments

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC IMAX

Learn how Anthropic automates dependency security at scale across diverse infrastructure and environments while still letting engineers use the tools and dependencies they need. We'll explore Dependant, our tool to enforce our dependency posture at the network level, and how users interact with it.

Speakers

Ziyad Edher

Software Engineer, Anthropic

Chris Norman

Member of Technical Staff, Anthropic

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC IMAX AMC at Metreon

Presentation, General

3:45pm PDT

Shadow IT Battlefield: The CyberHaven Breach and Defenses That Worked

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC Theatre 14

Discover how the Cyberhaven breach case exposed critical Shadow IT risks — and the proactive allowlist strategy that minimized business disruption. The proactive controls saved our 40M+ users from being impacted. Gain insights, metrics, and a blueprint for continuous monitoring.

Speakers

Rohit Bansal

Zach Pritchard

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General

4:15pm PDT

The Silent Breach: Security Threats in Google Workspace

Sunday April 27, 2025 4:15pm - 4:45pm PDT

AMC Theatre 06

Google Workspace enables enterprise productivity, but attackers exploit logging gaps to escalate privileges, exfiltrate data, and evade detection. This talk reveals real-world attacks that bypass monitoring and shares techniques to investigate these threats, even without sufficient logs.

Speakers

Rex Guo

Khang Nguyen

Sunday April 27, 2025 4:15pm - 4:45pm PDT
AMC Theatre 06 AMC at Metreon

Presentation, General

4:15pm PDT

GenAI Application Security: Not Just Prompt Injection

Sunday April 27, 2025 4:15pm - 5:00pm PDT

AMC Theatre 11

As generative AI adoption grows, its interconnected components — agents, vector databases, and LLMs — introduce complex security risks. This session examines these concerns, offering actionable strategies to secure agent interactions, protect models, and fortify data workflows.

Speakers

Ahmed Abugharbia

Cyberdojo

Sunday April 27, 2025 4:15pm - 5:00pm PDT
AMC Theatre 11 AMC at Metreon

Presentation, Deep Dive

4:30pm PDT

Fireproof Your Castle with Risk-First GRC

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC Theatre 07

GRC teams can be more than just gridlock, red tape, and checklists. By prioritizing a risk-first approach, leveraging both quantitative and qualitative methodologies, and adopting principles-based compliance, GRC becomes a proactive force that empowers organizations to effectively combat security.

Speakers

Aakash Yadav

Lindsey Pilver

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

4:30pm PDT

How to Pull Off a Near Undetectable DDoS Attack (And How to Stop It)

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC IMAX

What happens when a bad actor has access to millions of browsers? They can pull off a massive attack.

Speakers

Simon Wijckmans

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC IMAX AMC at Metreon

Presentation, General

4:30pm PDT

Round and Around We Go: Interviews, What Do You Know?

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC Theatre 09

In this talk, I’ll discuss hiring trends for Security Engineers and Leaders in 2024, covering metrics like time to hire, interview rounds, formats, and rejection trends. Data comes from 30+ placements at 10+ tech startups, mainly in SF, offering insights into the cybersecurity hiring landscape.

Speakers

Erin Barry

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC Theatre 09 AMC at Metreon

Presentation, General

4:30pm PDT

Understanding IRSF Fraud: Protecting Against SMS Exploitation

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC Theatre 14

Attackers making money from MY 2FA? It's more likely than you think! SMS is a common 2FA method but creates risk: International Revenue Share Fraud, inflating SMS traffic to siphon revenue. Attendees will learn how to detect and mitigate IRSF with Cloudflare, OpenAI, and Datadog.

Speakers

Vien Van

Gusto

Senthil Sivasubramanian

Eng Leader, Gusto

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC Theatre 14 AMC at Metreon

Presentation, General