Tool

BSides talks featuring GitHub

296 talks mention this tool across 76 BSides chapters.

Talks featuring GitHub

Passive-ish Recon Techniques

BSides Leeds · 2018

Technical Web AppSec Intermediary Red Talk

Open →2018-02

The Power of Recon

BSides Ahmedabad

Technical OSINT Vulnerability Research Web AppSec Red Talk

Open →2024-05

Hands-on Writing Malware in Go

Stuart McMurray Carson Seese

BSides DC · 2019

Technical Malware Analysis Reverse Engineering Red Demo Talk

Open →2019-10

Lyft Cartography: Automating Security Visibility and Democratization

BSidesSF · 2019

Open →2019-03

What's Up Argon2? The Password Hashing Winner A Year Later - JP Aumasson

BSides Las Vegas

Open →2016-09

Jak zdobyć flagę?

Mateusz Szymaniec Jarosław Jedynak

BSides Warsaw · 2016

Open →2016-10

Googling Like A Boss: Expanding the Powers of OSINT

BSides SLC · 2016

Open →2016-05

Practical Cyborgism: Getting Started with Machine Learning for Incident Detection

David Bianco Chris McCubbin

BSides DC · 2016

Open →2016-11

Pwning Cloud Contexts: From GitHub Token to Compromising an Entire GCP Organization

BSides Ahmedabad · 2024

Technical Cloud IAM Supply Chain Security Vulnerability Research Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2024-04

A Threat Analysis of 0ktapus SMS Phishing Campaigns

BSides Cheltenham · 2023

Technical War Stories Malware Analysis Social Engineering Threat Intel Talk

Open →2023-06

Overwatch: A serverless approach to orchestrating your security automation

Sanchay Jaipuriyar

BSidesSF · 2023

Technical DevSecOps Talk

Open →2023-05

DYODE: Do Your Own DiodE for Industrial Control Systems - AryKokos, Arnaud Soullie

BSides Las Vegas

Open →2016-08

Logging Made Easy - Shane M and Adam B

Open →2019-07

Aluma Lavi Shaari - Golang Malware: Using the attackers force against them

Aluma Lavi Shaari

BSides TLV · 2021

Open →2021-08

Disinformation As A Service

BSides London · 2022

Open →2022-02

Tokens & Takeovers: Cloud-Powered Supply Chain Attacks

BSides Ahmedabad · 2025

Technical Supply Chain Security Talk

Open →2025-03

Building an Effective Intrusion Detection Program

BSidesSF · 2017

Technical DFIR Detection Engineering Threat Intel Blue Talk

Open →2017-03

The Cyber-Pirate's Guide to C2 Development

BSides Cape Town · 2023

Technical Malware Analysis Tooling Red Talk

Open →2023-12

Gamify security best practices to scalably improve engineering culture

BSidesSF · 2023

Open →2023-05

Pipeline Pandemonium

BSides Las Vegas · 2024

Technical Red Talk

Open →2024-08

BSidesPDX 2025 - Saturday, Track 1

BSides PDX · 2025

Open →2025-10

Bye-Bye False Positives: Using AI to Improve Detection

BSidesSF · 2019

Technical Web AppSec Blue Talk

Open →2019-03

From Zero To SSRF To RCE And Back Again by Tom Cope

BSides Basingstoke · 2022

Technical Web AppSec Talk

Open →2022-07

Attacking & Defending Supply Chains: How we got Admin in your Cloud, Again

BSidesSF · 2024

Technical Cloud IAM Supply Chain Security Talk

Open →2024-07

Learning from AWS Customer Security Breaches

Bsides CT · 2020

Technical Cloud IAM DFIR Intermediary Case Studies and Incidents Analysis Talk

Open →2020-11

Access Control with Concierge: One Tool to Rule Them All

Karthik Rangarajan

BSidesSF · 2017

Technical Active Directory Cloud IAM Talk

Open →2017-03

BSides Glasgow 2018 - Paul Ritchie - Hacking with Git

BSides Scotland

Open →2018-05

CoinMiner Are Evasive - Omri Segev Moyal & Thomas Roccia

Omri Segev Moyal Thomas Roccia

BSides TLV · 2018

Technical Detection Engineering Malware Analysis Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2018-07

A Two-part Saga: Continuing the Journey of Hacking Malware C2s

Vangelis Stykas

BSides Prague · 2024

Technical Malware Analysis Vulnerability Research Web AppSec Red Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2024-04

BSidesPDX 101: Conference Organization, Capture the Flag, Contests & Events

BSides PDX · 2019

Community CTF Panel

Open →2019-11

GitOops! All Paths Lead To Clouds

BSides London · 2022

Open →2022-01

BSides Amman 2021 2nd Edition - Talks Day

Aladdin Almubayed Mazin Ahmed Mohammad Al-Shami

BSides Amman · 2021

Open →2021-07

January Presentation Security Data Analysis for the masses

Open →2017-01

Breaking Into Infosec or, How I hacked my way out of poverty - BSides Portland 2022

Open →2022-10

BSidesSF 2023 - Securing the Pipeline: Protecting Self-Hosted GitHub Runners (Adnan Khan)

BSidesSF · 2023

Technical DevSecOps Supply Chain Security Talk

Open →2023-05

The Art of Compromising C2 Servers

Vangelis Stykas

BSides Berlin · 2023

Technical Malware Analysis Reverse Engineering Web AppSec Advanced Red Talk

Open →2024-01

Team Threat Hunting with AI and Automation

Kenneth Peeples

BSides Charleston · 2024

Technical AI Security Container Security Detection Engineering Threat Intel Talk

Open →2024-11

Exposed Secrets — How Public Git Repositories and Docker Images Expose Millions of Secrets

Mackenzie Jackson

BSidesSF · 2022

Research DFIR Supply Chain Security Threat Intel Case Studies and Incidents Analysis Empirical Research Talk

Open →2022-07

The attacker's guide to exploiting credentials & secrets

Mackenzie Jackson

BSides Tallinn · 2023

Technical Red Demo Talk

Open →2023-10

10 Steps to Build & Lead a Competitive Cybersecurity/CTF Team

Bsides CT · 2018

Career Community CTF Career & Soft Skills Intro Talk

Open →2018-11

Security BSides Delaware 2020 - Day 1

BSides Delaware · 2020

Open →2020-11

How to take over a production system in the cloud - Paul Schwarzenberger

Open →2018-06

Incident Response Triage with Open Source Tools

Markus Einarsson

BSides Tallinn · 2025

Technical Blue Talk

Open →2025-10

Speedrun Cybersecurity with AI – Hack Faster

BSides SLC · 2025

Technical AI Security Vulnerability Research Red Demo Talk

Open →2025-06

The Rise and Rise of Advanced eCrime Threat — Incident Response Edition

BSides Canberra

Open →2024-11

From Soup To Nuts: Building A Detection-as-Code Pipeline - David French

BSides Dublin · 2024

Technical Detection Engineering Intermediary Blue Talk

Open →2024-06

Snow Nor Rain Nor Dependency Confusion: How to Deliver the Right Package

Jessica Smith Justin Engler

BSidesSF · 2024

Technical Supply Chain Security Intermediary Red Case Studies and Incidents Analysis Talk

Open →2024-07

Fuzzing Ruby and C Extensions

BSidesSF · 2018

Open →2018-04

Breaking Build: Red Teaming CI/CD Pipelines and GitHub Actions [BSidesPDX 2024]

BSides PDX · 2024

Technical DevSecOps Red Talk

Open →2024-11

Signing your code the easy way

BSides DC · 2019

Technical DevSecOps Supply Chain Security Talk

Open →2019-11

Digital Transformation of the Illicit Economy and Outsourced Crime Providers

BSides Perth · 2021

Research War Stories Case Studies and Incidents Analysis Talk

Open →2021-09

To Normalized Logs, and Beyond - Building a Threat Detection Platform from Scratch

David Levitsky Brian Maloney

BSidesSF · 2023

Technical DevSecOps Blue Talk

Open →2023-05

Panda Mirror: How the Chinese CCP Manipulates NPM to Hoard Malware

BSides Canberra · 2025

Research Technical Malware Analysis Supply Chain Security Threat Intel Talk

Open →2025-12

LoL-Bins Behaving Badly - Andrew Costis

BSides Liverpool

Open →2019-07

Hacking Mobile Apps with Frida

BSides Charleston · 2018

Open →2018-11

BG - Writing Malware Without Writing Code - Gal Bitensky

BSides Las Vegas

Open →2017-08

Scaling the Security Researcher to Eliminate OSS Vulnerabilities

Jonathan Leitschuh

Bsides CT · 2023

Research Technical Supply Chain Security Tooling Vulnerability Research Case Studies and Incidents Analysis Technical Deep-dives Keynote

Open →2023-10

Automated Dorking for Fun and Pr^wSalary - Filip Reesalu

BSides Las Vegas

Open →2016-08

Automating Event Log Production & Testing for SIEM Detection

BSides Augusta · 2017

Technical Detection Engineering Tooling Blue Talk

Open →2017-09

Hack the system: exploring libpam with uprobes and eBPF

Peter McConnell

BSides Belfast · 2025

Technical Detection Engineering Reverse Engineering Advanced Demo Talk

Open →2025-02

Got popcorn? What's on the Vuln Channel tonight?

Rob Jerdonek Lily Chau

BSidesSF · 2022

Open →2022-07

Breaking Bad Multifactor: MFA Bypasses And How To Assess The Risks

Chester Wisniewski

Technical Blue Case Studies and Incidents Analysis Talk

Open →2024-02

BSides Charleston · 2022

Open →2023-01

Andrew Krug - Hacking Serverless Runtimes

BSides PDX · 2018

Technical Cloud IAM Vulnerability Research Red Talk

Open →2018-04

Your Secrets are Showing! How to Find if Your Developers are Leaking Secrets?

BSidesSF · 2018

Technical Red Talk

Open →2018-04

Eric Goldstrom - Interactive Threat Defense: Incident Response, Threat Intel, and Red Team (oh my!)

Open →2019-11

Making It Rain: Cryptojacking Attacks In The Cloud

BSides Bristol · 2019

Open →2019-07

BSidesSLC 2016 -- Don't be stupid with Github - Even more Github fun -- Metacortex

Open →2016-05

The Adversary Mindset: Practical examples from the field

BSides Budabest · 2024

Open →2024-09

in ur scm, bein a ninja

BSides DC · 2014

Technical Supply Chain Security Talk

Open →2014-10

Open Source GitOps for Detection Engineering

BSides Las Vegas · 2023

Technical Detection Engineering DevSecOps Blue Demo Talk

Open →2023-10

Cyber Cat & Mouse: Law Enforcement vs The Dark Web

BSides Newcastle · 2025

Technical War Stories Case Studies and Incidents Analysis Talk

Open →2025-12

Tim Tomes - Recon-ng and Beyond

BSides Augusta · 2015

Technical OSINT Web AppSec Red Talk

Open →2015-09

Doctor Docker: Building Your Infrastructure's Immune System

Mike McCabe Patrick Cooley

BSides DC · 2014

Technical Container Security DevSecOps Supply Chain Security Demo Talk

Open →2014-10

Attacking Pipelines: Large Scale Exploitation of Workflow Files - David, Rohan & Andrei

BSides Cape Town

Open →2025-04

SplunkGPT: Fine-tuning GPT-3 for Detection Engineering

Jake Coyne Andrew Gomez

BSides Augusta · 2023

Technical AI Security Detection Engineering Tooling Talk

Open →2023-10

Find and fix Vulnerabilities within open source projects - Callian

BSides Cape Town

Open →2025-03

XZ made EZ by Joey DeVilla

Technical Supply Chain Security Intro Talk

Open →2024-05

Scaling the Security Researcher to Eliminate OSS Vulnerabilities Once and For All

Jonathan Leitschuh Patrick Way

BSides Las Vegas · 2022

Research Technical Supply Chain Security Vulnerability Research Case Studies and Incidents Analysis Methodology Talk

Open →2022-09

You Might Still Need Patches for Denim

Maya Kaczorowski Dan Lorenc

BSidesSF · 2019

Technical DevSecOps Supply Chain Security Talk

Open →2019-03

BSides TLV · 2021

Technical Red Talk

Open →2021-08

Code C.A.I.N – Keeping Your Source Code Under Control

BSides TLV · 2022

Technical Detection Engineering OSINT Supply Chain Security Talk

Open →2022-07

Detection-as-Code: Scaling SOC Operations

Aaron Wilkinson

Technical Blue Talk

Open →2025-02

OWASP Security Knowledge Framework: Making the Web Secure by Design

BSides Manchester · 2015

Open →2015-10

BSidesSF 2024 - Temporary Access to the Cloud: A Case Study (Tomas Rabczak)

BSidesSF · 2024

Technical Cloud IAM Case Studies and Incidents Analysis Talk

Open →2024-07

From Packets to Intel: Building your own Network Threat Feed

BSides Joburg · 2025

Technical Cloud IAM Network Security Threat Intel Blue Talk

Open →2025-08

Repo Jacking: How GitHub Exposes Over 70,000 Projects to Remote Code Injection

BSides Las Vegas · 2021

Research Technical Supply Chain Security Vulnerability Research Case Studies and Incidents Analysis Empirical Research Talk

Open →2021-08

10 Steps to Build & Lead a Cybersecurity/CTF Team

BSides Delaware · 2018

Career Community CTF Career & Soft Skills Talk

Open →2018-11

Digital Intel Gathering: OSINT for Blue/Red Teams

Ethan Dodge Brian Warehime

BSidesSF · 2016

Technical OSINT Social Engineering Blue Red Demo Talk

Open →2016-04

Cloud-Squatting: The Never-Ending Misery Of Deleted And Forgotten Cloud Assets

Abdullah Al-Sultani

Technical Cloud IAM Talk

Open →2024-03

Grapl — A Graph Platform for Detection and Response

BSides Las Vegas · 2019

Technical DFIR Detection Engineering Threat Intel Blue Talk

Open →2019-10

Incident Response in Cases of Supply Chain Incidents

BSides Lisbon · 2023

Technical Supply Chain Security Blue Case Studies and Incidents Analysis Talk

Open →2024-02

Ofir Shaty & Sarit Yerushalmi - CrimeOps of the KashmirBlack Botnet

Ofir Shaty Sarit Yerushalmi

BSides TLV · 2021

Technical Malware Analysis Threat Intel Advanced Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2021-08

Fighting the Impossible: Supply Chain Attacks

Research Technical Malware Analysis Supply Chain Security Vulnerability Research Talk

Open →2025-03

Closing the Visibility Gap: Threat Hunting with Hawk in the Microsoft Cloud

Jonathan Butler Lorenzo Paul Navarro

BSides Charm · 2025

Technical Tooling Cloud IAM DFIR Detection Engineering Blue Demo Talk

Open →2025-05

Pwned Cloud Society

BSides SLC · 2017

Technical Cloud IAM Red Talk

Open →2017-06

Cloudy With A Chance Of Security

Open →2024-02

BSidesSF 2024 - Please Don't Discard - Security Data (Rishabh Gupta, Hrushikesh Paralikar)

Rishabh Gupta Hrushikesh Paralikar

BSidesSF · 2024

Open →2024-07

bscrypt — A Cache-Hard Password Hash

BSides Las Vegas · 2022

Technical Cryptography Advanced Talk

Open →2022-09

GCP BigQuery as Security Detection Platform

Diana Kramer Norberto García Marín

BSides Las Vegas · 2021

Technical Cloud IAM Detection Engineering Talk

Open →2021-08

Playing Peekaboo With Runtime In CI/CD Pipelines

BSides London · 2025

Technical DevSecOps Supply Chain Security Intermediary Talk

Open →2026-03

Shattering Trust: Live Deepfakes and the Fall of Legacy Verification

BSides Charleston · 2024

Technical AI Security Deepfakes and Synthetic Media Threat Intel Intermediary Red Case Studies and Incidents Analysis Talk

Open →2024-11

What's Inside The Open Directory From 96 Different Threat Actors?

BSides London · 2025

Research Case Studies and Incidents Analysis Empirical Research Talk

Open →2025-02

Getting Better with Data - Steph Locke

BSides London · 2016

Open →2016-07

BSides Rochester 2016: Jared Stroud & Bryan Harmat: RedOps: Scaling & Automating Your Pwnage

Open →2016-05

Stealing Browser Cookies: Bypassing Chrome's Latest Security Measures

BSides Las Vegas · 2025

Technical Cryptography Reverse Engineering Web AppSec Advanced Red Demo Talk

Open →2025-12

GenAI attacks – 2025 Year In Review

Tillson Galloway

BSides Charleston · 2025

Research Technical AI Security GenAI Security Malware Analysis Social Engineering Threat Intel Intermediary+3

Open →2025-11

Uncloaking Cloak Ransomware

Research Case Studies and Incidents Analysis Talk

Open →2025-07

YAYA (Yet Another YARA Allocution)

John Laycock Monty St John

BSides DC · 2016

Technical Intro Talk

Open →2016-11

Securing the open-source supply chain

Morten Linderud

BSides Oslo · 2021

Technical Cryptography Supply Chain Security Intermediary Talk

Open →2022-02

Creating a Secure Web Server from 2 Vulnerable Web Servers

Parker Garrison

BSides Charleston · 2024

Technical Web AppSec Demo

Open →2024-11

G1234! - Guardians of GitHub - Joshua Danielson & Dileep Gurazada

BSides Las Vegas

Open →2018-09

Broken links — Behind the scenes of Supply Chain breaches

François Proulx

BSides NYC · 2023

Technical Supply Chain Security Case Studies and Incidents Analysis Methodology Talk

Open →2023-06

Threat Modelling as Code: Building Security into Your Git Workflow

Christian Frichot

BSides Perth · 2025

Open →2025-10

State of API Security 2024: Insights from Analyzing 1 Million Domains

Tristan Kalos Antoine Carossio

BSides Seattle · 2024

Research Empirical Research Talk

Open →2024-10

How Segment Proactively Protects Customer's API Keys

BSidesSF · 2023

Open →2023-05

2024 Security BSides // Steve Salinas

BSides Cayman Islands · 2024

Open →2025-01

Evil Neighbour Attacks On SaaS Platforms Cloudflare, Bitbucket, Etc by Yash Kadakia

BSides London · 2023

Open →2023-05

BSides Berlin 2023: Mackenzie Jackson - The attackers guide to exploiting secrets in the wild

Open →2024-01

Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

Cat Self Kate Esprit

BSides Las Vegas · 2023

Research Technical Malware Analysis Reverse Engineering Threat Intel Red Case Studies and Incidents Analysis Technical Deep-dives+2

Open →2023-10

One-Click Code Fix: Securing Code Using AI

Chandrani Mukherjee Joseph Seasly

BSidesSF · 2024

Technical DevSecOps Demo Talk

Open →2024-07

Sealing the Leaks: Incident Response Stories about Breaches Caused by Leaked Code

Shaked Klein Orbach Arik Nachmias

BSides TLV · 2023

War Stories Talk

Open →2023-07

Behind the Scenes of a Tailor-Made Massive Phishing Campaign

Sarit Yerushalmi Yohann Sillam

BSides TLV · 2024

Technical Malware Analysis OSINT Reverse Engineering Social Engineering Blue Case Studies and Incidents Analysis Talk

Open →2024-08

Serverless Security Testing: Challenges and Solutions

Tal Melamed Meir Benayoun

BSides TLV · 2022

Technical Cloud IAM DevSecOps Vulnerability Research Technical Deep-dives Talk

Open →2022-07

Tales from the DevSecOps world: SIEM completely as Code

George Tsigourakos Kyriaki Solomidou John Torakis

BSides Athens · 2022

Technical DevSecOps Talk

Open →2022-06

01 - How We Hacked YC Spring 2025 Batch’s AI Agents

Open →2025-10

Brandon Helms - Make the Dev Do Your Dirty Work

Open →2019-10

Entering the Cybersecurity Field as a 17 Year Old

BSides Charm · 2023

Career CTF Career & Soft Skills Intro Talk

Open →2023-05

Service Mesh Security: Shifting Focus to the Application Layer

BSidesSF · 2025

Open →2025-06

The Evolution of Auth – From Passwords to AI Agents

Maya Kaczorowski

BSides SLC · 2025

Technical AI Security Cloud IAM Cryptography Talk

Open →2025-06

Oops!!... Did I Reveal Something? Detecting Leaked Secrets in Azure Deployment Templates

BSides Cape Town · 2023

Technical Cloud IAM DevSecOps Blue Red Talk

Open →2023-12

Everyday AI: Leveraging LLMs for Simple, Effective Security Automation

Matthew Sullivan Dominic Zanardi

BSidesSF · 2025

Technical AI Security Cloud IAM Detection Engineering Talk

Open →2025-10

The Fellowship of the Ring0: Driver Risk Scoring for Vulnerability Detection

BSides Charm · 2024

Research Technical Detection Engineering Malware Analysis Vulnerability Research Empirical Research Technical Deep-dives Talk

Open →2024-06

G1234! - The Chrome Crusader - Lily Chalupowski

BSides Las Vegas

Open →2018-09

Between You and Me and the Network Security Boundary

Patrick Fussell

BSides DC · 2017

Technical Red Talk

Open →2017-10

Our Journey of Building a Security Program at a Small Startup - DeFronzo and Erxleben

Open →2017-05

Making Sense of Unstructured Threat Data

Zainab Danish Nicolas Kseib

BSidesSF · 2019

Open →2019-03

Managing Misfits: Lessons Learned from a Decade of Leading Penetration Testing Teams

Chrissy Safi Nick Britton

BSides Dallas/Fort Worth · 2020

Career Career & Soft Skills Red Talk

Open →2020-11

CrimeOps of the KashmirBlack Botnet: Sarit Yerushalmi and Ofir Shaty

Sarit Yerushalmi Ofir Shaty

BSides Munich · 2021

Technical Advanced Case Studies and Incidents Analysis Talk

Open →2021-06

Github Actions Security Landscape by Alex Ilgayev

BSides Dublin · 2023

Technical DevSecOps Talk

Open →2023-07

Who Goes There? Actively Detecting Intruders With Cyber Deception Tools

Dwayne Mcdaniel

BSides Boulder · 2024

Open →2024-09

Build Yourself an Elastic Threat Hunting and Monitoring SIEM

BSides Huntsville · 2021

Open →2021-02

Technical Tactics: Embedded Linux Software BOM

BSides Las Vegas · 2017

Technical IoT Supply Chain Security Vulnerability Research Talk

Open →2017-09

Whose Pipeline Is It Anyway?: Attacks and Defenses in the World of CI/CD

Matt Bosack Zach Satterly

BSides Philly · 2023

Technical DevSecOps Supply Chain Security Blue Red Talk

Open →2024-01

The Hackers Guide To Software Supply Chain Attacks

Mackenzie Jackson

BSides Cheltenham

Technical Supply Chain Security Talk

Open →2024-07

Infrastructure as Code: Managing Environments with Terraform and Ansible

BSides Leeds · 2023

Technical Cloud IAM DevSecOps Talk

Open →2023-07

Actions Have Consequences: The Overlooked Security Risks in 3rd Party GitHub Actions

BSides Las Vegas · 2023

Technical DevSecOps Supply Chain Security Talk

Open →2023-10

Malicious Intent in the Open Source Supply Chain - Ryan Voloch

Open →2021-10

Vulnswatch: Managing Known Vulnerabilities In A Product

Zaur Molotnikov

BSides Munich · 2018

Open →2018-04

Lessons learned in automating the incident Life Cycle

Alexander Sinno Walter Stinkens

BSides Athens · 2022

Technical Demo Talk

Open →2022-06

The Antisocial Engineer's Guide to Community Building: Deploying a neighborhood Honeypot

BSides Seattle · 2026

Community Intro Talk

Open →2026-04

Pay $2 Shipping to Receive Your Free iPhone! — Subdomain Takeover, Malicious JavaScript, and the Art of Deobfuscation

Technical Malware Analysis OSINT Reverse Engineering Web AppSec Talk

Open →2023-08

Making Big Datasets Searchable by Calum Boal

Technical OSINT Threat Intel Demo Talk

Open →2022-01

Threats Lurking Beneath the Subsurface: Understanding and Analyzing Threats to Windows Subsystem for Linux

BSides Charm · 2022

Technical Malware Analysis Reverse Engineering Talk

Open →2022-07

Whodunnit - git repository mysteries

Natalie Somersall

BSides Boulder · 2024

Technical DFIR Supply Chain Security Technical Deep-dives Talk

Open →2024-09

Secrets Management and the Software Supply Chain: A Maturity Model for Secure Development

BSides Sydney · 2023

Technical DevSecOps Supply Chain Security Threat Intel Intermediary Blue Case Studies and Incidents Analysis Methodology+1

Open →2023-08

Domain Takeovers For Fun And Profit

Daniel Oates-Lee

BSides Lancashire · 2023

Technical DNS Security DevSecOps Web AppSec Intermediary Red Demo Talk

Open →2023-04

BSides Bucharest Spring Meetup March 2023

BSides Bucharest · 2023

AI Security Malware Analysis Threat Intel Talk

Open →2023-03

Not my server C2: Using trusted sources for C2

BSides SATX · 2020

Technical Red Talk

Open →2020-08

BSidesSF 2018 - The SecDevOpronomicon (Clint Gibler)

BSidesSF · 2018

Technical DevSecOps Talk

Open →2018-04

From Prompts to Agents: Building Agentic CVE Analysis Systems

Andrey Lukashenkov

BSides Lisbon · 2025

Technical AI Security Threat Intel Vulnerability Research Demo Talk

Open →2025-12

Duck Safari: Hunting CVEs in the Shadows with ShinyLive and DuckDB-WASM

Open →2025-09

The Secure Software Supply Chain Function S3C

Alexandar Andonov

BSides Sofia · 2023

Technical DevSecOps Supply Chain Security Talk

Open →2023-03

Unmasking Data Leaks: A Guide to Finding, Fixing, and Prevention

BSides SATX · 2019

Technical Cloud IAM Demo Talk

Open →2019-09

BSidesSF 2018 - PostgreSQL Threats and Attacks in the Wild (AJ Bahnken • Forrest Fleming)

AJ Bahnken Forrest Fleming

BSidesSF · 2018

Open →2018-04

What the Function: A Deep Dive into Azure Function App Security

BSides PDX · 2024

Technical Cloud IAM Talk

Open →2024-11

BSides Munich Keynote - InfoSec's Dirty Little Secrets: Jennifer Janesko

Open →2021-06

CrimeOps of the KashmirBlack Botnet

Ofir Shaty Sarit Yerushalmi

BSides SATX · 2021

Technical Malware Analysis Threat Intel Blue Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2021-06

Compromising GitHub repositories through the actions dependency tree

BSides TLV · 2024

Technical Supply Chain Security Red Demo Talk

Open →2024-08

Broken Arrow 2022: Detangling Digital Domestic Situations

BSides Augusta · 2022

Open →2022-10

A Career In Security

Gabriel Mathenge

BSides Nairobi · 2022

Career Career & Soft Skills Intro Talk

Open →2022-12

BSidesSF 2025 - Using AI to Discover Silently Patched Vulnerabilities in Open... (Mackenzie Jackson)

Mackenzie Jackson

BSidesSF · 2025

Research Supply Chain Security Talk

Open →2025-06

A New XZ Every Day – The Collapse of OSS Supply Chain Security

BSides SLC · 2025

Technical Supply Chain Security Case Studies and Incidents Analysis Talk

Open →2025-06

Where Did I Put My Keys? Preventing Data Leaks at Scale with Automation

BSides Canberra · 2025

Open →2025-12

Sysmon or it Didn't Happen

Gerard Johansen

BSides Charm · 2024

Technical DFIR Detection Engineering Blue Talk

Open →2024-06

Nicholas Roy - OSINT and the Hermit Kingdom

BSides Knoxville

Open →2021-05

First Contact with Container Security

BSides RDU · 2021

Technical Supply Chain Security Talk

Open →2021-10

DevSecOps Culture - Ali Yazdani

BSides Munich · 2023

Open →2023-10

Home Alone isn’t scary, it’s inspiration - Dev Dua, Tyron Kemp, Denver Abrey

BSides Cape Town

Open →2023-09

Dominating the DBIR Data

Anastasia Atanasoff Gabriel Bassett

BSides Las Vegas · 2016

Research Empirical Research Methodology Talk

Open →2016-08

Breaking The Cloud: A Tale Of 3 Breaches

Open →2024-02

BSides Rochester 2017: int0x80: Anti Forensics AF

Open →2018-01

Accidental Honeypot: How I Ended Up Receiving Thousands of Emails Meant for No One

Cory Solovewicz

BSides PDX 2025

War Stories OSINT Privacy Intro Talk

Open →2025-12

SaaSquatch Hunters: Threat Detection In The Wild Of SaaS

Julie Agnes Sparks

BSides Dublin · 2026

Technical Cloud IAM Detection Engineering Threat Intel Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-10

Dissecting Carbanak

BSides Delaware · 2019

Technical Malware Analysis Reverse Engineering Technical Deep-dives Talk

Open →2019-11

The Protocol Behind the Curtain: What MCP Really Exposes

Srajan Gupta Vinay Kumar

BSides Las Vegas · 2025

Research Technical AI Security Vulnerability Research Web AppSec Red Talk

Open →2025-12

Most Vulnerable Product: Easy to implement security solutions and strategies for the modern web application stack

Bsides CT · 2019

Technical DevSecOps Web AppSec Talk

Open →2019-11

Nintendon't Look at my GitHub: DMCA Dodging and Other Shenanigans

James Martindale

BSides PDX 2025

Open →2025-12

Terraform Security: Attacking and Defending Infrastructure as Code

BSides Philly · 2023

Technical Cloud IAM DevSecOps Vulnerability Research Technical Deep-dives Talk

Open →2024-01

BSides RDU · 2019

Open →2019-10

CG - All Your Cloud Are Belong To Us - Hunting Compromise in Azure - Nate Warfield

BSides Las Vegas

Open →2018-09

PwnSpoof by Daniel Oates-Lee

Daniel Oates-Lee

BSides Dublin · 2022

Open →2022-05

A Practical Guide to Securing OpenShift

Phillip Kramp Chris Grimm

BSides Charleston · 2019

Open →2019-11

Você sabe de onde veio sua IA?

Larissa Fabião da Fonseca

BSides São Paulo · 2025

Technical AI Security Supply Chain Security Case Studies and Incidents Analysis Technical Deep-dives Talk

Open →2025-06

The Way From App To Brain: Attack Surfaces Of Smart Medical Infrastructure - Denis Makrushin

Denis Makrushin

BSides Munich · 2019

Open →2019-03

DevOps Methods for Patching an Open Source Operating System

BSides Peru · 2021

Open →2021-10

Logging and Detection for SaaS Applications: GitHub and Snowflake

BSides Denver 2024

Technical DFIR Detection Engineering Threat Intel Intermediary Blue Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2024-09

When authn breaks: real world failures

Maya Kaczorowski

BSides Seattle · 2025

Technical Case Studies and Incidents Analysis Talk

Open →2025-08

2024 Security BSides // John Hammond

BSides Cayman Islands · 2024

Open →2025-01

Attacking Modern SaaS Companies

BSidesROC · 2017

Open →2018-01

PW - Zero downtime credential rotation

BSides Las Vegas

Open →2024-09

BSides Knoxville 2018 (Second Track, KEC, afternoon sessions)

BSides Knoxville · 2018

Technical OSINT Intermediary Red Talk

Open →2018-05

Shift Left With DevSecOps: Scanning Every Single Code Change

BSides Charlotte · 2020

Technical DevSecOps Talk

Open →2020-10

BSidesMCR 2019: Do I Need To Change The OSS In My Product? Making Informed Decisions. - Alex Burrage

BSides Manchester

Open →2019-09

The 2025 BSides Knoxville Badge: Tips, Tricks, and Tribulations

BSides Knoxville · 2025

Open →2025-07

Your SOC is doomed to Fail - collapse it and automate

Garry Coldwells

BSides Cayman Islands · 2022

Open →2022-07

Samurai WTF Web Testing Framework Reboot

Jason Gillam Mic Whitehorn-Gillam Alex Rodriguez

BSides Asheville · 2018

Technical Tooling Web AppSec Intermediary Demo Talk

Open →2019-03

A Log4Shell Practice Exploitation Range in the Cloud

Karl Sickendick

BSides SATX · 2022

Technical Vulnerability Research Red Demo

Open →2023-03

From Pipelines To Problems: My Early DevOps Lessons In Security Culture

Prevail Uzodinma

BSides London · 2025

Technical Cloud IAM DevSecOps Intro Talk

Open →2026-03

The Cloud is for Launching Cyber Attacks

Raymond Cazanese

BSides Philly · 2020

Technical Cloud IAM Malware Analysis Threat Intel Case Studies and Incidents Analysis Empirical Research Talk

Open →2020-12

Penetration Testing Methodology & Hardware Testing

BSides Kristiansand · 2026

Technical Hardware Hacking Vulnerability Research Talk

Open →2026-02

The Growing Crisis in CVE Data Quality

BSidesSF · 2025

Research Threat Intel Vulnerability Research Case Studies and Incidents Analysis Policy Analysis Talk

Open →2025-10

Vulnerability Intelligence for All: Say Goodbye to Data Gatekeeping

BSides Las Vegas · 2023

Technical Threat Intel Vulnerability Research Talk

Open →2023-10

Linux Monitoring with Elastic Security

BSides Augusta · 2022

Open →2022-10

Developers, the weakest link in the supply chain?

David Leadbeater

BSides Canberra · 2025

Technical Supply Chain Security Vulnerability Research Technical Deep-dives Talk

Open →2025-12

Don't Panic! A Guide to Proactive Security for Small Businesses

Ryan St. Germain Clarissa Bury

BSides Charm · 2023

Technical GRC Threat Intel Tooling Blue Talk

Open →2023-05

Bodger and Badger: Making an Interactive RPG Badge

BSides Newcastle · 2025

Technical Hardware Hacking Talk

Open →2025-02

Every Breath You Take: A CTI Review of Stalkerware

BSides Porto · 2020

Research Technical Malware Analysis Mobile Security Threat Intel Talk

Open →2020-11

Comparing Malicious Files

BSides Delaware · 2018

Open →2018-11

Raiders of the Lost Artifacts: Racing for Hidden Treasures in Public GitHub Repositories

BSides Las Vegas · 2024

Technical DevSecOps Supply Chain Security Vulnerability Research Advanced Red Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2024-09

The QR Code Conundrum: Navigating Convenience And Cyber Security In The Post-COVID Era

BSides Bristol · 2025

Open →2025-01

Threat Hunting and the Surfacing of Mexican Threat Actor Greedy Sponge

Laura Stratton Jacob Ferris

BSides CDMX · 2025

Research Technical Malware Analysis Threat Intel Threat Modeling Blue Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2025-07

Home Labbing for Fun and Profit

BSides Boulder · 2024

Open →2024-09

Securing your Open Source Project

BSides PDX · 2023

Technical Supply Chain Security Talk

Open →2023-10

Shift Left without Losing Your Mind - Practical DevSecOps for Busy Teams - Callian Berends

Callian Berends

BSides Joburg · 2025

Technical DevSecOps Intro Talk

Open →2025-09

What’s The Big Secret? - Graeme Simpson

BSides Cheltenham

Open →2024-07

Kubernetes Software Supply (Kill) Chains

BSides Buffalo · 2022

Technical Supply Chain Security Demo Talk

Open →2022-06

The Joule Thief: A Look Into The Activity Of 'The Cryptominer Champion' Rocke

BSides Belfast · 2020

Open →2020-01

Open Source Vulnerability Intelligence: A Key To Proactive Defense - Jerry Gamblin

BSides Newcastle

Open →2024-01

From CISA to Starting Up: Shifting Secure by Design at Scale

BSides NYC · 2025

Policy Technical AI Security Supply Chain Security Vulnerability Research Talk

Open →2025-12

RAG Against the Machine: Using Retrieval-Augmented Generation & MCP to Fortify Cybersecurity Defense

BSides Las Vegas · 2025

Technical AI Security Detection Engineering GRC Talk

Open →2025-12

Defending Beyond Defense

Dr. Catherine J. Ullman

BSides 312 · 2025

Career Technical Detection Engineering Malware Analysis Threat Intel Talk

Open →2025-11

Extended threat: how your browser betrays you - John Tuckner

BSides KC · 2025

Technical Threat Intel Web AppSec Talk

Open →2025-06

Essential Logs Pyramid SIEM

BSides PDX · 2023

Technical Detection Engineering Threat Intel Blue Talk

Open →2023-10

The Dark Playground of CI/CD: Attack Delivery by GitHub Actions

Yusuke Kubo Kiyohito Yamamoto

BSides Las Vegas · 2023

Research DevSecOps Supply Chain Security Vulnerability Research Advanced Red Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2023-10

Building the BSides DC Registration System

Technical Tooling Talk

Open →2016-11

What exactly is Supply-chain Levels for Software Artifacts (SLSA)?

Nicole Schwartz

BSides Edmonton · 2023

Technical DevSecOps Supply Chain Security Talk

Open →2023-10

Embarking on Your INFOSEC Journey in Military City USA

Alex Kaden Higgins

BSides SATX · 2024

Career Career & Soft Skills Intro Talk

Open →2024-06

2018 BSides Toronto: Joshua Grunzweig

Open →2018-11

Security and Ops in Startups

BSides SLC · 2017

Technical DevSecOps Talk

Open →2017-06

Sajeeb Lohani - Efficient Defence Turbocharging Security Workflows

BSides Perth · 2025

Open →2025-10

Are the Bad Guys Already in Your Software Supply Chain? (Spoiler Alert: Yes)

Technical Supply Chain Security Talk

Open →2025-06

Paul Ihme - Building a sustainable detector development lifecycle

BSides Cayman Islands

Technical Detection Engineering Threat Intel Blue Talk

Open →2023-05

Prompt Hardener – Automatically Evaluating and Securing LLM System Prompts

Yoshiki Kitamura Junki Yuasa Krity Kharbanda

BSides Las Vegas · 2025

Technical Tooling AI Security Web AppSec Technical Deep-dives Demo Talk

Open →2025-12

Misconfiguration Driven Cloud Attacks

BSides 312 · 2025

Technical Cloud IAM Talk

Open →2025-07

Alexander Andersson - Demystifying Cloud Infrastructure Attacks (BSidesFrankfurt 2024)

BSides Frankfurt

Open →2025-04

The Triad Nexus Pig Butchering & Money Laundering Network: A Deep Dive - Kasey Best and Zach Edwards

Kasey Best Zach Edwards

BSides Dublin · 2025

Open →2025-10

Signed Twice, Broken Never: The Rise of Hybrid PKI

BSides Seattle · 2026

Technical Cryptography Technical Deep-dives Talk

Open →2026-03

Building A Data Driven AppSec Programme With Kiln

BSides Leeds · 2020

Open →2020-07

Gitdigger: Creating Useful Wordlists From Public GitHub Repositories

BSides Las Vegas · 2013

Technical Tooling OSINT Vulnerability Research Talk

Open →2017-01

Data, Agents And OSINT: You Don't Know What You Don't Know - Ryan Reeves & Zara Perumal

Ryan Reeves Zara Perumal

BSides Bristol · 2025

Open →2025-01

Building a sustainable detector development lifecycle

BSides Charleston · 2022

Open →2023-01

SSH Authentication Using User and Machine Identities

Morten Linderud

BSides Oslo · 2025

Open →2026-03

Social Forensication: A Multidisciplinary Approach to Successful SE

BSides KC · 2019

Technical Red Talk

Open →2019-06

Adam Jon Foster evildaemond Hunting in the Safari Zone

Adam Jon Foster

BSides Perth · 2025

Open →2025-10

Trust Unearned? Evaluating Certificate Authority Trustworthiness

David J. Bianco

BSides Augusta · 2023

Research Cryptography Threat Intel Case Studies and Incidents Analysis Empirical Research Talk

Open →2023-10

Self-healing K8s: Lessons Learned in Automation of Incident Response

BSides Charleston · 2025

Research Technical AI Security Container Security Detection Engineering DevSecOps Case Studies and Incidents Analysis Technical Deep-dives+1

Open →2025-11

Sneaky Extensions: The MV3 Escape Artists

Jeswin Mathai Albin Antony

BSides Sydney · 2025

Technical Reverse Engineering Vulnerability Research Web AppSec Talk

Open →2025-02

The Security Hitchhiker's Guide to API Security

Timothy De Block

BSides Augusta · 2023

Technical Web AppSec Talk

Open →2023-10

Signing your code the easy way

BSides DC · 2019

Technical DevSecOps Talk

Open →2019-10

GitReview: All Git Commits are Reviewed

BSidesSF · 2015

Technical DevSecOps Supply Chain Security Talk

Open →2023-12

Subdomain Hijacking: Why DevOps Is Making Us More Vulnerable by Daniel Oates-Lee & Simon Gurney

Daniel Oates-Lee Simon Gurney

BSides Dublin · 2023

Technical DevSecOps Supply Chain Security Talk

Open →2023-07

Tag, You're Leaked: Surviving the tj-actions Supply Chain Attack

Mark Esler Ashish Kurmi

BSides PDX 2025

Technical DevSecOps Supply Chain Security Case Studies and Incidents Analysis Talk

Open →2025-12

Who Makes the Rules?

BSides SLC · 2024

Research Technical AI Security Vulnerability Research Web AppSec Methodology Technical Deep-dives Talk

Open →2024-09

Threats Against Cloud Application Identities And What You Should Do About Them

Yochana Henderson

BSides Cheltenham · 2022

Technical Cloud IAM Talk

Open →2022-07

PG - Can I Code Against an API to Learn a Product? - Adrienne Merrick-Tagore

BSides Las Vegas

Open →2016-12

TikTok Under Attack

BSidesROC · 2023

Technical Malware Analysis Social Engineering Supply Chain Security Case Studies and Incidents Analysis Talk

Open →2024-09

ZERO-RULES Alert Contextualizer & Correlator

BSides Las Vegas · 2024

Technical AI Security Detection Engineering Threat Intel Blue Talk

Open →2024-09

Augmenting osquery Visibility on Windows Through Reverse Engineering

Guillaume Ross Marcos Oviedo

Open →2024-02

Stop Committing Your Secrets: Git Hooks To The Rescue!

Technical Supply Chain Security Talk

Open →2023-03

Container Confidential: Secrets Management For Modern Applications

Open →2025-08

PG - Fun With WebSockets Using Socket Puppet - Mister Glass

BSides Las Vegas

Open →2017-01

PW - Harvesting Passwords from Source Code Repositories - Philippe Paquet

BSides Las Vegas

Open →2016-12

End-to-end Supply Chain Integrity – Stian Kristoffersen

Stian Kristoffersen

BSides Oslo · 2025

Technical Supply Chain Security Talk

Open →2026-03

Stephen Hilt - From Guardian to Threat: The Double Life of Security Tools

BSides Knoxville

Open →2025-07

Stop Committing Your Secrets: Git Hooks To The Rescue!

Dwayne Mcdaniel

BSides SLC · 2022

Technical DevSecOps Supply Chain Security Talk

Open →2023-01

From Prompt to Payload: Breaking GenAI with Real World MCP Exploits

BSides TLV 2026

Technical AI Security Web AppSec Red Talk

Open →2026-03

Is API the Next Top Cyber Threat to Your Organization?

BSides St. John's

Technical Vulnerability Research Web AppSec Talk

Open →2025-05

Mithören: Device for Wireless Peripheral Testing

BSides Cincinnati · 2017

Technical Wireless Security Talk

Open →2017-05

Pentesting ChatOps

Melanie Rieback

BSides Barcelona · 2019

Technical DevSecOps Tooling Red Talk

Open →2022-01

CVE Crisis: The State Of The Vulnerability Disclosure Landscape

BSides Newcastle · 2025

Policy Technical Threat Intel Vulnerability Research Talk

Open →2025-11

PW - Breachego - Christian Heinrich & Daniel Cuthbert

BSides Las Vegas

Open →2016-12

Red Teaming AI Systems for Security Validations

BSides Seattle · 2026

Technical AI Security Threat Modeling Vulnerability Research Red Case Studies and Incidents Analysis Methodology Talk

Open →2026-03

BG - An Introduction of the Kobra, a Client for the Badger Version 2.0, Providing Tactical Situation

BSides Las Vegas

Open →2016-12

Getting On The Same Level: What I Learned Building A Security Table Top Exercise

Dwayne Mcdaniel

BSides SATX · 2025

Open →2025-09

Ransomware: The Playing Field has Changed

BSides St. John's · 2023

Technical Malware Analysis Threat Intel Talk

Open →2025-05

Unseen in the Stack: Mapping Hidden Java Dependencies for Real-World Applications

BSides NYC · 2025

Technical Supply Chain Security Vulnerability Research Talk

Open →2025-11

The Declarative Future

Technical Container Security Detection Engineering Web AppSec Keynote

Open →2021-05

Shift Left with DevSecOps: Scanning Every Code Change

BSides Newcastle · 2020

Technical DevSecOps OWASP Talk

Open →2020-11

United in Defense: Architecting Safe and Trustworthy AI Agents

Rabimba Karanjai

BSides Seattle · 2026

Technical AI Security Supply Chain Security Threat Modeling Talk

Open →2026-03

Breaking In, Giving Back: My Cyber Security Journey - Tom Coogans

BSides Basingstoke · 2025

Career Community Career & Soft Skills DevSecOps Intro Talk

Open →2025-09

The Battle for OSINT – Are you Team GUI or Team Command Line?

Tracy Z. Maleeff Joe Gray

BSides Charm · 2017

Technical OSINT Demo Talk

Open →2021-05

Talking to Devs about NHI Security & Governance

Dwayne Mcdaniel

BSides 312 · 2025

Open →2025-11

DeceptionOps: Automating Deception Tech - Andrew Waite

BSides Newcastle

Open →2023-12

Flex Seal Your CI/CD Pipeline

Ochaun Marshall

BSides Columbus · 2020

Technical Cloud IAM DevSecOps Blue Talk

Open →2020-08

Atomic Red Team: Testing Your Security Posture

BSides Boise · 2020

Technical Detection Engineering Threat Modeling Vulnerability Research Talk

Open →2020-02