Tuesday
August 8th

Wednesday
August 9th

07:30-19:30

Registration - Day One

08:30-08:55

Middle Ground Opens Day 1

10:30-12:30

Talks

14:00-15:55

Talks

16:00-16:55

Happy Hour

17:00-18:55

Talks

18:55-19:00

Middle Ground Closes

19:00-21:00

Daemon Tamer

BSides Organizers Meet-Up

20:00-21:30

Friends Of Bill W Meet-Up

20:00-22:00

QueerCon Pool Mixer

21:00-23:00

Jack Daniel,
Zoz

Pub Quiz

09:00-09:20

Daemon Tamer

Opening Remarks - Day One

09:30-10:15

Josh Corman

And Together We Crossed the River…

10:30-11:15

Chris Merkel

Authentication Proxy Attacks: Detection, Response and Hunting

11:30-11:50

The Dark Playground of CI/CD: Attack Delivery by GitHub Actions

12:00-12:20

Michael Messner

EMBA - From firmware to exploit

14:00-14:25

Google Workspace Forensics – Insights from Real-World Hunts & IR

14:30-14:50

Dor Dali

Unveiling the Hidden: Discovering RDP Vulnerabilities using PDF Files

15:00-15:45

Erin Cornelius

Emulation, PowerPC, and Transition

17:00-17:45

Michael Bargury

All You Need is Guest: Beyond Enumeration

18:00-18:45

Hiding in Plain Sight - The Untold Story of Hidden Vulnerabilities

10:30-10:50

Yotam Perkal

Towards Effective & Scalable Vulnerability Management

11:00-11:20

Ashleigh Lee

How to communicate with non-security specialists to drive action

11:30-12:15

Eliad Kimhy

The History of Malware- From Floppies to Droppers

14:00-14:45

Mister Glass

Strategies for secure development with GraphQL

15:00-15:45

Lea Snyder

Rockstar Role: Security TPM

17:00-17:20

The Evolution of Magecart Attacks

17:30-17:50

Jennifer Traband

Wrangling Cats: How We Coordinate Red Team Testing

18:00-18:45

How to have perfect vulnerability reports and still get hacked

10:30-11:15

VINEETA SANGARAJU

Build hybrid mobile applications like a security pro!

11:30-12:15

Matt Scheurer

Lies, Telephony, and Hacking History

14:00-14:45

Cybelle Oliveira

The Telenovela of Latin America Banking Trojans: A Dramatic story about Cybercrime

15:00-15:20

Hyper-scale Detection and Response

15:30-15:50

Christina Liu

The Importance of Engineering Privacy From the Get Go

17:00-17:45

Vanessa Redman

Negotiating Compromise: How to avoid being labeled a “Chicken Little” while promoting better security decision making

18:00-18:45

Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations

10:30-11:15

Colt Blackmore

F*** Your ML Model

11:30-12:15

Susan Lindberg

Machine Learning for Insider Threats: At the Intersection of Security and Privacy

14:00-14:20

Guillermo Buendia

How to prioritize Red Team Findings? Presenting CRTFSS: Common Red Team Findings Score System Ver. 1.0

14:30-14:55

Reanna Schultz

Social Engineering: Training The Human Firewall

15:00-15:45

Peter Halberg

Building Your Own AI Platform and Tools Using ChatGPT

17:00-17:45

Erick Galinkin

Security Data Science Teams: A Guide to Prestige Classes

Don't forget to take advantage of our Career Coaches & Resume Reviewers

10:30-11:15

Wes Sheppard

Failing Upwards: How to Rise in Cybersecurity by finding (and exploiting) your weaknesses

11:30-12:15

So Who’s Line Is It Anyway? Recruiter Panel

13:00-13:45

Phillip Wylie

Penetration Testing Experience and How to Get It

14:00-14:50

You CAN get there from here!

15:00-18:00

Resume Review & Career Coaching (Day 1)

10:30-11:15

Introduction to the Track, Reflections on a Decade of IATC

11:30-12:15

Energy Poverty and Potential Impacts to Other Critical Infrastructures & Powerful Paths to Progress

14:00-14:45

Hungry, Hungry Hackers: A Hacker’s Eye-view of the Food Supply

15:00-16:00

Farm to Fork(ed): The Forces Fueling Food Chain Risk

17:00-18:00

Dean Ford

Water, Water Everywhere: The Krakens, Kelpies, and Mermaids in today’s Water Sector

18:00-19:00

Public Service Journeys (To and From Hacking Culture)

11:30-12:15

Aldo Salas

Could Passwordless be Worse than Passwords?

14:00-14:45

Mackenzie Jackson

Are your secrets safe - How mobile applications are leaking millions of credentials

15:00-15:45

Dwayne McDaniel

Do you know where your secrets are? Exploring the problem of secret sprawl and secret management maturity

17:00-17:45

Matt Weir

Password911: Authentication Adventures in Healthcare

18:00-18:45

Yiannis

Follow the white rabbit down the rabbit hole

11:00-11:25

Yuval Zacharia

Enemy at the Gate, and Beyond: Detecting and Stopping Account Takeover

11:30-11:55

Nicholas Carroll

OH-SINT: Merging OSINT Into RE Workflows to Simplify Analysis

12:00-12:25

Tetsuya Takaoka

Breaking In: Unleashing the Power of Physical Offensive Security

10:30-18:30

Linux Privilege Escalation

10:30-14:30

Jumping from cloud to on-premises and the other way around

10:30-14:30

Jeevan Singh

Threat Modeling 101 - Burn risks, not hope

10:30-18:30

Bruno Guerreiro

Cyber Threat Hunting (CTH) -- Day 1

10:30-14:30

Michelle Levesley

How to build a security awareness strategy that works!

15:00-19:00

Pablo Musa

Comprehensive Guide to Runtime Security

15:00-19:00

Adding SAST to CI/CD, Without Losing Any Friends

15:00-19:00

Got Hashes. Need Plains | Hands-on Password Cracking

14:00-14:45

Danny Adamitis

ZuoRat: Home (not) Alone

15:00-15:45

Jonathan Fischer

High Stakes HIDe-N-SEEK

16:00-16:45

Asaf Greenholts

The GitHub Actions Worm: Compromising GitHub repositories through the Actions dependency tree

17:00-17:45

Rotem Salinas

Breaking Windows with your ARM