Every security expert faces three dragons: the voice that whispers 'not expert enough,' the shadow that hides achievements, and the fear of claiming recognition. Ready to step out of the shadows and into your power as a security leader? The dragons await—will you answer the call?
See registration to determine current session availability. Event filled in Sched to limit confusion. YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched) ----- Capture the Flag events are exciting and competitive. But, they can be scary to developers and security practitioners who have never participated in them.
In this session, I introduce CTFs, discuss their benefits to developers, and examine an easy and medium-difficulty CTF challenge in depth.
See registration to determine current session availability. Event filled in Sched to limit confusion. YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched) ----- Threat modeling is vital for secure systems but often seems daunting. In Practical Threat Modeling, you'll explore core concepts, frameworks, and tools, adopt an attacker's mindset, and tackle real-world scenarios. Learn to integrate threat modeling into Agile workflows and apply skills to enhance
See registration to determine current session availability. Event filled in Sched to limit confusion. YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched) ----- Join us in this workshop to engage in hands-on attacks to identify weaknesses in AI-driven chatbots. If you’re interested in learning about getting started in red teaming generative AI systems, this is the workshop for you.
See registration to determine current session availability. Event filled in Sched to limit confusion. YOU ARE REQUIRED TO REGISTER AT https://bsidessf.regfox.com/2025 TO ATTEND THIS WORKSHOP (i.e. this session cannot be reserved with Sched) ----- This hands-on workshop equips participants to emulate real-world threat actors in a controlled lab with enterprise-grade defenses (AV, EDR, web proxies). Topics include threat intelligence, adversary emulation planning, threat hunting, custom simulations, and assessing security controls.
