BSidesSF 2025

Uncover the hidden risks of AI! Join this BoF session to explore frameworks for identifying system failures, understand new safety harm categories with Gen AI, possible mitigations and practical ways to govern, build and respond to AI Safety threats. Don't let what you don't know hurt you!

See registration to determine current session availability. Event filled in Sched to limit confusion.
YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched)
-----
This two hour workshop on Shifting Left guides BSides SF participants through integrating security tooling into a GitHub Actions based DevSecOps CI/CD pipeline.

BSides SF attendees will learn about setting up basic CI/CD processes that incorporate security using both open source and commercial tool

See registration to determine current session availability. Event filled in Sched to limit confusion.
YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched)
-----
Frustrated with your current security toolset and ready to build a better solution? You can—but it's harder than it looks! Join us to learn how to scope and design cybersecurity MVPs that attract customers, solve security problems, and draw VC interest.

During the session, we'll explore how AI systems can pose risks to organizational security and user safety. Attendees will gain insights on AI's role in modern security and actionable strategies to safeguard organizations. Join us to learn about AI threats and ways to secure digital ecosystems.

See registration to determine current session availability. Event filled in Sched to limit confusion.
YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched)
-----
In this hands-on workshop we will show attendees how to onboard Okta logs into a SIEM and write detections as well as test them using open source adversary emulation tools. A basic understanding of YAML and writing detections is helpful but not required.

See registration to determine current session availability. Event filled in Sched to limit confusion.
YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched)
-----
As adversary tactics evolve, detection must keep pace. This workshop shows how GenAI generates high-fidelity detection rules, automates TTP analysis, and translates threat intel into platform-agnostic detections. Learn to optimize rules, analyze threat data, and identify threats with precision.