Best Talks at BSides Seattle 2026
Hand-picked from in-depth reviewer verdicts. View all talks at BSides Seattle 2026 →
- 1. Ghosts in the Hypervisor: Dissecting TTPs Behind Ransomware Attacks on Virtualization Infrastructure — Austin Gaton
Austin Gaton, CTO and co-founder of Valley Cyber (a Linux and hypervisor security company), delivers a technically dense talk on how attackers are targeting VMware ESXi hypervisors for both ransomware and espionage campaigns. Backed by…
- 2. Pwning Electric Motorcycles — Mitchell Marasch, Panie
Mitchell and Panie, security researchers sponsored by Veraritoss, present their deep-dive into the firmware security of an electric motorcycle manufacturer they pseudonymously call "Moto Motorcycles" due to ongoing disclosure constraints…
- 3. The Phantom of the Infrastructure: Investigating the Hidden IAM Risks in Bedrock API Keys — Sergio Garcia
Sergio Garcia, a security researcher at BeyondTrust and former founding engineer at Prowler, reveals a significant security design flaw in **Amazon Bedrock API Keys** -- a new credential type AWS launched in July 2025 to simplify AI…
- 4. Attacking AI — Jason Haddix
Jason Haddix, founder of Arcanum and a veteran offensive security researcher, delivers a practitioner's guide to hacking enterprise AI systems. Drawing from three years of real-world AI penetration tests against production systems -- not…
- 5. Identity Crisis: IAM's Wild Ride in the AI Jungle — Sarah
The identity community is building under fire. With the ratio of non-human identities (NHI) to humans reaching 144:1 in H1 2025 (up from 92:1 just a year earlier) and 44% year-over-year growth, traditional identity frameworks are…
- 6. Signed Twice, Broken Never: The Rise of Hybrid PKI — Ganesh Mallaya
Ganesh Mallaya, who works at Appux and contributes to the **CA/Browser Forum** and **IETF** standards bodies on post-quantum cryptography signature standards, delivered a dense technical briefing on why and how organizations should begin…
- 7. No Time to Spy: Uncovering Domains Distributing SpyNote Malware — Dana Schwabby
Dana Schwabby, Head of Investigations and CISO at DomainTools, delivered a detailed walkthrough of how the **SpyNote** Android remote access Trojan (RAT) is distributed through fake Google Play Store pages and how passive DNS analysis can…
- 8. These Are NOT the Vulnerabilities You Are Looking For: Hiding Vulnerabilities in Containers — Kyle Quest
Kyle Quest, creator of the popular open-source tool **DockerSlim** (now called **MinToolkit**), demonstrates how container vulnerability scanners can be trivially deceived by removing or mutating the metadata they depend on -- reducing a…
- 9. Zero Trust in the Matrix: Hardening Kubernetes for the AI Frontier — Apoorv Dayal
As every company races to become an AI company, the infrastructure running large language models is rapidly becoming the most attractive target on the network. In this fast-paced closing talk at BSides Seattle, Apur, a security engineer…
- 10. Evading Detection with Dynamic AI Mimicry — Darren, Mosam
What happens when you take polymorphic AI malware and teach it to blend into the victim's own cloud traffic? Darren and Mosam presented their research on a framework called **LL MALJ** that advances the offensive tradecraft of AI-driven…
- 11. Breaking BOTS: Cheat Blue Team CTFs by Building AI Agents That Investigate — Leo Meyerovich
Leo from Graphistry presented a deeply practical talk on using AI agents to solve blue team CTFs — specifically Splunk's Boss of the SOC (BOTS) — and what that tells us about the future of AI-assisted security investigations. The talk…
- 12. Securing Non-Human Identities in CI/CD Pipelines: The Next Major Attack Vector — Diva Bala Subramanion, Vikas
Diva Bala Subramanion (Diva/Divs), a cybersecurity leader at Southwest Airlines specializing in identity and access management, and her co-presenter Vikas deliver a comprehensive beginner-friendly session on securing non-human identities…