BSidesSF 2025: Full Schedule

11:15am PDT

The Hidden Access Paths to Smaugs Cavern

Saturday April 26, 2025 11:15am - 11:45am PDT

In this talk I'll explore hidden access patterns to the "crown jewels", including most-common access patterns, hidden paths, and popular backdoors left by engineers to get their jobs done. We will discuss practical tips to understand access behavior and remediating hidden access paths.

Speakers

Ben Arent

Director of Product, Teleport

Saturday April 26, 2025 11:15am - 11:45am PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

12:00pm PDT

One SOC, The Whole SOC, and Nothing But The SOC, So Help Me

Saturday April 26, 2025 12:00pm - 12:30pm PDT

AMC Theatre 07

I’ve been working in security ops for 20 years. Most SOCs struggle because of one big mistake: don’t let this happen to you. I will step you through how to organize a SOC: what should go in it, what should probably stay out, and what your SOC will look like if you get it right.

Speakers

Carson Zimmerman

SOC Nerd, Microsoft

Carson Zimmerman has been working in and around security operations centers (SOCs) for over 20 years. Carson is a Principal Security Operations Engineer at Microsoft, he leads the Solutions Architecture team in Microsoft's SOC, Cyber Defense Operations. He co-authored 11 Strategies... Read More →

Saturday April 26, 2025 12:00pm - 12:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

1:30pm PDT

Centralizing Egress Access Controls Across a Hybrid Environment at Block

Saturday April 26, 2025 1:30pm - 2:00pm PDT

AMC Theatre 07

Hybrid environments complicate network egress. Learn how Block is centralizing network egress policies to ensure consistent deployment of rules across diverse enforcement endpoints—regardless of type or location—enabling secure, scalable, and streamlined outbound traffic management.

Speakers

Ramesh Ramani

Security Engineer, Block Inc.

Network Security, Kubernetes, Cloud Security, AI, RPG video games!

Saturday April 26, 2025 1:30pm - 2:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

2:15pm PDT

Saturday April 26, 2025 2:15pm - 2:45pm PDT

AMC Theatre 07

Imagine a cybercriminal accessing your network with credentials bought on the dark web — they walk in unnoticed. Attackers aren't breaking in — they're logging in. With 80% of attacks involving stolen credentials, discover how Automated Credential Threat Monitoring (ACT) keeps you ahead of threats.

Speakers

Barath Subramaniam

Sr Product Security AI & Data Engineer, Adobe

Saturday April 26, 2025 2:15pm - 2:45pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:00pm PDT

From LOL to LOC: LOLBins Are No Laughing Matter

Saturday April 26, 2025 3:00pm - 3:30pm PDT

AMC Theatre 07

LOL - a lot less funny than it sounds - (living off the land) attacks have been around for several years, now it is time for LOC (living off the cloud) attacks. With cloud services becoming a core part of engineering today, it is no wonder attackers see this as a high-value attack vector.

Speakers

Matan Mittelman

Team Leader for Threat Prevention Team, Cato

Matan Mittelman is the team leader for Cato's Threat Prevention team. He's responsible for analyzing, researching and developing protections against emerging threats and CVEs. Matan brings more than seven years of experience leading cyber security teams.

Saturday April 26, 2025 3:00pm - 3:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:45pm PDT

Something’s Phishy: See the Hook Before the Bait

Saturday April 26, 2025 3:45pm - 4:15pm PDT

AMC Theatre 07

If you see a phishing email or domain that’s a public IoC, it’s already too late. Our research team’s approach to threat detection finds more DNS artifacts and adversary infrastructure as they are created and maps intent before it can be weaponized. This session will show how you can do the same.

Speakers

Malachi Walker

Security Advisor, DomainTools

Malachi Walker, DomainTools Security Advisor, has experience in information security, from DNS to crime and conflict in cyberspace to cybersecurity governance and cybersecurity program and design. At DomainTools, he applies this background to help organizations understand the threat... Read More →

Saturday April 26, 2025 3:45pm - 4:15pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

4:30pm PDT

Blank Space: Filling the Gaps in Atomic and Behavioral Cloud-Specific IoCs

Saturday April 26, 2025 4:30pm - 5:00pm PDT

AMC Theatre 07

As cloud adoption grows, attackers exploit its unique attack surface. This talk explores atomic IOCs (e.g. IAM metadata, container IDs) and behavioral IOCs (e.g. API activity), featuring real-world examples like threat actor "Bapak" and insights to enhance cloud detection, hunting, and response.

Speakers

Merav Bar

Gili Tikochinski

Malware Researcher, Wiz

Saturday April 26, 2025 4:30pm - 5:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

11:15am PDT

The Four Tribes of Security Champions

Sunday April 27, 2025 11:15am - 11:45am PDT

AMC Theatre 07

“The Four Tribes of Security Champions” is a framework to describe successful security champion programs. The tribes include: The Apprentices, The Fan Club, The Learners, and The Sentinels. We’ll explore a benchmarking tool for each tribe to pick which approach is right for you!

Speakers

Marisa Fagan

Head of Product, Katilyst

Marisa Fagan is Head of Product at a “security champions as a service” startup called Katilyst. She works on building security into the SDLC and empowering developers to own secure code. Previously, she has worked as a security culture expert at places like Atlassian, Salesforce... Read More →

Sunday April 27, 2025 11:15am - 11:45am PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

12:00pm PDT

Trust Engineering: Building Security Leadership at Early-Stage Startups

Sunday April 27, 2025 12:00pm - 12:30pm PDT

AMC Theatre 07

Being the first security leader at a startup is a wild ride. This talk explores "Trust Engineering," a hands-on approach to earn trust, navigate chaos, and build a security foundation with limited resources. Learn how to handle executive expectations and support fast-paced growth.

Speakers

Mike Privette

Cybersecurity Economist, Return on Security

Mike Privette is a former CISO turned cybersecurity economist and the creator of Return on Security, a weekly market intelligence newsletter read by thousands of cybersecurity leaders, founders, and investors.He previously led security at Passport Labs, served as a Divisional CISO... Read More →

Sunday April 27, 2025 12:00pm - 12:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

1:30pm PDT

Iron-Clad PKI: Crypto Agility for the Quantum Era

Sunday April 27, 2025 1:30pm - 2:00pm PDT

AMC Theatre 07

Quantum computing is breaking RSA/ECC; your PKI is at risk! Learn strategies to align with NIST PQC standards and secure your cryptographic resilience for the post-quantum era.

Speakers

Prasanth Sundararajan

Head of Product Security, Appviewx Inc

Sunday April 27, 2025 1:30pm - 2:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

2:15pm PDT

Mapping the SaaS Attack Surface

Sunday April 27, 2025 2:15pm - 2:45pm PDT

AMC Theatre 07

In this presentation, attendees will be introduced to the concept of SaaS attack surface mapping. We will conduct an analysis of current techniques while also unveiling novel approaches that have not been previously disclosed. We will release an open-source tool designed to implement this.

Speakers

Jaime Blasco

Cofounder / CTO, Nudge Security

Jaime Blasco is known for his security research and efforts to enable more collaborative threat-intelligence sharing. He is CTO and co-founder of Nudge Security. Using a patented, network-less approach to SaaS discovery and governance, Nudge Security drives meaningful behavioral change that strengthens SaaS security postures without disrupting the pace of work. Previously, he led the threat intelligence and data science unit at AT&T Alien Labs. Pr... Read More →

Sunday April 27, 2025 2:15pm - 2:45pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:00pm PDT

Intro to Privacy-Enhancing Technologies (PETs)

Sunday April 27, 2025 3:00pm - 3:30pm PDT

AMC Theatre 07

Privacy-Enhancing Technologies (PETs) are transforming data handling by ensuring privacy and security throughout the data lifecycle. This talk explores the latest advancements in PETs, focusing on Secure Multiparty Computation (MPC), Homomorphic Encryption (HE), and their real-world applications.

Speakers

Harshal Shah

Sr. Software Engineer, Visa Research

Sunday April 27, 2025 3:00pm - 3:30pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

3:45pm PDT

Is Vulnerability Management Dead? A Security Architect’s Survival Guide

Sunday April 27, 2025 3:45pm - 4:15pm PDT

AMC Theatre 07

This session discusses the necessary shift from traditional vulnerability management and explores a security architect's journey in building a robust cloud risk remediation program. We will outline best practices for risk prioritization & triage, navigating IaC & cloud-native mitigating controls.

Speakers

Snir Ben Shimol

CEO | CSO, ZEST Security

Sunday April 27, 2025 3:45pm - 4:15pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General

4:30pm PDT

Fireproof Your Castle with Risk-First GRC

Sunday April 27, 2025 4:30pm - 5:00pm PDT

AMC Theatre 07

GRC teams can be more than just gridlock, red tape, and checklists. By prioritizing a risk-first approach, leveraging both quantitative and qualitative methodologies, and adopting principles-based compliance, GRC becomes a proactive force that empowers organizations to effectively combat security.

Speakers

Aakash Yadav

Lindsey Pilver

Sunday April 27, 2025 4:30pm - 5:00pm PDT
AMC Theatre 07 AMC at Metreon

Presentation, General