Loading…
Venue: AMC IMAX clear filter
Saturday, April 26
 

10:00am PDT

Opening Remarks
Saturday April 26, 2025 10:00am - 10:15am PDT
AMC IMAX
Welcome to Day One of BSidesSF 2025!
Saturday April 26, 2025 10:00am - 10:15am PDT
AMC IMAX AMC at Metreon

10:15am PDT

Sharing Vulnerabilities
Saturday April 26, 2025 10:15am - 11:00am PDT
AMC IMAX
In security, we share a lot about vulnerabilities—but rarely our own. In his keynote, Clint Gibler reflects on the personal side of working in this high-pressure field, and what it means to show up as a whole human in this community. Through personal experiences, lessons and stories, Clint invites us to think about what really matters—and how being vulnerable is a strength.
Speakers
avatar for Clint Gibler

Clint Gibler

Head of Security Research, Semgrep
Clint Gibler (@clintgibler) is the Head of Security Research for Semgrep, a startup building modern AppSec tools that security teams and developers love. Previously, Clint was a Research Director at NCC Group, received a PhD in Computer Science from UC Davis, and has spoken at conferences... Read More →
Saturday April 26, 2025 10:15am - 11:00am PDT
AMC IMAX AMC at Metreon
  Keynote

11:15am PDT

Let's Talk About the AI Apocalypse
Saturday April 26, 2025 11:15am - 11:45am PDT
AMC IMAX
What's it look like when someone spends hours fine-tuning llama 3.1 to be the most destructive hacking robot the world has ever seen, with a pure goal of causing damage, with no safeguards? Are we ready for that? Not a pentesting bot with guardrails; a harbinger of chaos, tasked only with spreading.
Speakers
avatar for Dylan Ayrey

Dylan Ayrey

CEO, TruffleHog
Dylan is the original author of the open source version of TruffleHog, which he built after recognizing just how commonly credentials and other secrets were exposed in Git. Coming most recently from the Netflix security team, Dylan has spoken at a number of popular information security... Read More →
Saturday April 26, 2025 11:15am - 11:45am PDT
AMC IMAX AMC at Metreon
  Presentation, General

12:00pm PDT

Navigating the Unknowns: Fraud Mitigation for Netflix Live Events
Saturday April 26, 2025 12:00pm - 12:30pm PDT
AMC IMAX
As Netflix enters live streaming, fraud prevention stakes rise significantly. This talk offers an insider's view of strategies and challenges in tackling fraud during live events, focusing on preparing for the unpredictable and maintaining robust defenses amidst this unpredictability.
Speakers
avatar for Aditi Gupta

Aditi Gupta

Engineering Manager, Netflix
Aditi Gupta is currently leading the Trust Services & Enforcements team within Security Engineering at Netflix, where her team is responsible for mitigating threats such as DDoS, Account Fraud, Games abuse, and Content theft by building and operating scalable systems to automatically... Read More →
avatar for Yue Wang

Yue Wang

Staff Security Analytics Engineer, Netflix
Yue is a Staff Security Analytics Engineer in the Trust and Safety team at Netflix. Yue is deeply passionate about creating and improving anti-fraud and abuse metrics, along with data analytics. She likes leveraging data to craft and narrate compelling anti-fraud stories. Beyond her... Read More →
Saturday April 26, 2025 12:00pm - 12:30pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

1:30pm PDT

Charting the SSH Multiverse
Saturday April 26, 2025 1:30pm - 2:00pm PDT
AMC IMAX
The Secure Shell (SSH) is the most commonly exposed dedicated management protocol, second only to HTTP in terms of internet-wide exposure, and it’s had a rocky year. This presentation explores the multitude of SSH implementations, their specific weaknesses, and real-world exposures.
Speakers
avatar for HD Moore

HD Moore

Founder, runZero
HD Moore is a pioneer of the cybersecurity industry who has dedicated his career to vulnerability research, network discovery, and software development since the 1990s. He is most recognized for creating Metasploit and is a passionate advocate for open-source software and vulnerability... Read More →
Saturday April 26, 2025 1:30pm - 2:00pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

2:15pm PDT

Versus Killnet
Saturday April 26, 2025 2:15pm - 2:45pm PDT
AMC IMAX
The Russian hacktivist group Killnet was a cyber army directed by a few to cause harm. With a checkered history and inconsistent behaviors, deciphering who is behind this group was challenging, but we’ll lift this veil and share a personal story of disrupting and unbalancing Killnet into chaos.
Speakers
avatar for Alex Holden

Alex Holden

Hold Security
Alex Holden is the founder and CISO of Hold Security, LLC. Under his leadership, Hold Security played a pivotal role in information security and threat intelligence, becoming one of the most recognizable names in its field. Holden is credited with the discovery of many high-profile... Read More →
Saturday April 26, 2025 2:15pm - 2:45pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

3:00pm PDT

Tracking the World's Dumbest Cyber Mercenaries
Saturday April 26, 2025 3:00pm - 3:30pm PDT
AMC IMAX
For the last 6 years, we have been tracking the activities of the cyber mercenaries Dark Caracal. In this time, we have observed them make hilarious mistakes, which have allowed us to gain insights into their activities and targets, and see just how effective they actually are despite it all.
Speakers
avatar for Cooper Quintin

Cooper Quintin

Sr. Staff Technologist, Electronic Frontier Foundation
Cooper is a Senior Security Researcher at the EFF Threat Lab. He has worked on projects such as Privacy Badger, Canary Watch, and analysis of state sponsored malware, IMSI catchers, and other digital attacks on activists, journalists, and human rights defenders. He has also performed... Read More →
avatar for Eva Galperin

Eva Galperin

Director of Cybersecurity, Electronic Frontier Foundation
Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF) and technical advisor for the Freedom of the Press Foundation. She is noted for her extensive work in protecting global privacy and free speech and for her research on malware and nation-state... Read More →
Saturday April 26, 2025 3:00pm - 3:30pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

3:45pm PDT

Trawling for IOCs: Catching C2 in a Sea of Data
Saturday April 26, 2025 3:45pm - 4:15pm PDT
AMC IMAX
In the vast sea of security data, how do we efficiently find malicious activity and turn it into actionable intelligence? This presentation introduces data-driven detection engineering, showcasing a data-first approach to building detection rules and threat feeds.
Speakers
avatar for Moses Schwartz

Moses Schwartz

Google
I'm a security engineer who does a lot of software engineering– or maybe it's the other way around? My team builds rules for Google Security Operations (SecOps) Curated Detections and threat feeds. My Passions: eliminating toil, unit testing, stopping bad guys.
Saturday April 26, 2025 3:45pm - 4:15pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

4:30pm PDT

BSidesSF Plays Incident Response
Saturday April 26, 2025 4:30pm - 5:00pm PDT
AMC IMAX
INCIDENT DECLARED! As Incident Commander, team up with your product and privacy leads to navigate the response. Will you launch a forensics investigation? Draft a customer notice? You decide in this choose-your-adventure talk.
Speakers
avatar for Maya Kaczorowski

Maya Kaczorowski

CEO, Oblique
Maya is a founder at Oblique. She is driven to make enterprise security tools that people actually want to use and that genuinely improve security.Maya was previously CPO at Tailscale, building zero trust networking that doesn't suck. Prior to that, she led product for software supply... Read More →
avatar for Whitney Merrill

Whitney Merrill

Head of Global Privacy, Cybersecurity Legal, and Regulatory Compliance and the Data Protection Officer
Whitney Merrill is Head of Global Privacy, Cybersecurity Legal, and Regulatory Compliance and the Data Protection Officer at Asana. Previously, she was at a fintech company building their privacy program from scratch. Before that she was Privacy, eCommerce & Consumer Protection Counsel... Read More →
Saturday April 26, 2025 4:30pm - 5:00pm PDT
AMC IMAX AMC at Metreon
  Presentation, General
 
Sunday, April 27
 

10:00am PDT

Opening Remarks
Sunday April 27, 2025 10:00am - 10:15am PDT
AMC IMAX
Welcome to day two of BSidesSF 2025!
Sunday April 27, 2025 10:00am - 10:15am PDT
AMC IMAX AMC at Metreon

10:15am PDT

Fire, Brimstone, and Bad Security Decisions
Sunday April 27, 2025 10:15am - 11:00am PDT
AMC IMAX
An important facet of resilience in cybersecurity has to do with recovery from making wrong decisions, such as a strategic choice in policy, design, architecture, or even procurement. How do you back out of something that seemed like a good idea at the time, but that you now realize is creating problems? And how can we stay curious in the face of being wrong, as well as design security for the future to make redirection easier? This session covers the need to plan for human fallibility – and may itself be wrong …
Speakers
avatar for Wendy Nather

Wendy Nather

Senior Research Initiatives Director, 1Password
Wendy Nather is the Senior Research Initiatives Director at 1Password. She was previously the Director of Advisory CISOs at Duo Security, Research Director at the Retail ISAC, and Research Director of the Information Security Practice at 451 Research. Wendy led IT security for the... Read More →
Sunday April 27, 2025 10:15am - 11:00am PDT
AMC IMAX AMC at Metreon
  Keynote

11:15am PDT

Not Every Groundbreaking Idea Needs to Become a Billion-Dollar Startup
Sunday April 27, 2025 11:15am - 11:45am PDT
AMC IMAX
The cybersecurity industry has 5,000+ startups yet many key problems are overlooked for not being "venture scale." This talk explores alternative paths (bootstrapping, Silicon Valley Small Businesses) and why niche markets and smaller ideas can drive impactful solutions without unicorn pressure.
Speakers
avatar for Ross Haleliuk

Ross Haleliuk

Co-founder, Stealth
Sunday April 27, 2025 11:15am - 11:45am PDT
AMC IMAX AMC at Metreon
  Presentation, General

12:00pm PDT

Preparing for Dragons: Don’t Sharpen Swords. Set Traps, Gather Supplies!
Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC IMAX
Most people aren’t dragon slayers. There are dragon slayers out there, but they’re not us. EDR isn’t a dragon slayer. Neither is the SOC. That’s okay — when the dragon comes, the goal should be *survival,* not going out in a blaze of glory.
Speakers
avatar for Adrian Sanabria

Adrian Sanabria

Principal Researcher, Defenders Initiative
Adrian is a successful generalist with over two decades of experience hacking, fixing, breaking, building, and teaching in InfoSec. He’s always trying to see the big picture and figure out the best security strategies. Despite all these years in the industry, he is still optimistic... Read More →
Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

1:30pm PDT

The Power of Persuasion: Better Security Through... Manipulation?
Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC IMAX
Security’s weakest link comes with ten fingers, ten toes and an uncanny ability to find ways past your thoughtfully implemented controls. Learn well-tested psychology principles that drive positive security outcomes. From social proof to reciprocity, small changes in approach bring outsized results.
Speakers
avatar for Nate Lee
Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

2:15pm PDT

Radical Results: A Security Org's Version of Radical Candor
Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC IMAX
Security practitioners are put in tough positions whether you're new to security or an experienced CISO. Based on "Radical Candor", you'll leave this talk with new perspective on the way security teams are perceived by their peers and how to optimize the good and minimize the unavoidable bad.
Speakers
avatar for Evan Johnson

Evan Johnson

CEO, RunReveal
Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

3:00pm PDT

A Deep Dive into the Triad Nexus Pig Butchering & Money Laundering Network
Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC IMAX
The presentation will cover research into pig butchering scams connected to FUNNULL CDN-hosted money laundering, retail phishing campaigns targeting luxury brands, and more. Technical analysis steps will be provided and explained in-depth as we cover this threat which we have dubbed “Triad Nexus."
Speakers
ZE
Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

3:45pm PDT

Scalably Securing Third-party Dependencies in Heterogeneous Environments
Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC IMAX
Learn how Anthropic automates dependency security at scale across diverse infrastructure and environments while still letting engineers use the tools and dependencies they need. We'll explore Dependant, our tool to enforce our dependency posture at the network level, and how users interact with it.
Speakers
avatar for Ziyad Edher

Ziyad Edher

Software Engineer, Anthropic
avatar for Chris Norman

Chris Norman

Member of Technical Staff, Anthropic
Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC IMAX AMC at Metreon
  Presentation, General

4:30pm PDT

How to Pull Off a Near Undetectable DDoS Attack (And How to Stop It)
Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC IMAX
What happens when a bad actor has access to millions of browsers? They can pull off a massive attack.
Speakers
SW
Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC IMAX AMC at Metreon
  Presentation, General
 
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Saturday, April 26
Sunday, April 27
AMC Concessions
AMC IMAX
AMC Mezzanine
AMC Theatre 01
AMC Theatre 02
AMC Theatre 03
AMC Theatre 06
AMC Theatre 07
AMC Theatre 09
AMC Theatre 11
AMC Theatre 13
AMC Theatre 14
City View at Metreon
City View Lobby
City View Tent
City View Terrace
Coat Check
Participant Hall
Participant Hall / City View Tent
Participant Hall / Twin Peaks
  • Birds of a Feather
  • Community Organization
  • Food & Drink
  • General
  • Keynote
  • Meetup
  • Panel
  • Presentation
  • Village
  • Village/AI
  • Village/Demo
  • Workshop
  • Popular