Editor's Picks

Best Talks at BSidesSF 2024

Hand-picked from in-depth reviewer verdicts — the top 12 talks from this conference. Skip the noise, find the signal.

  1.

    Hook, Line, and Tinker: A Dive into Phishing Campaign Sites

    Rick Ramgattie

    In his BSidesSF 2024 talk, "Hook, Line, and Tinker: A Dive into Phishing Campaign Sites," Rick Ramgattie, an ABC Engineer at Gemini Trust Company, presented a compelling and practical exploration into the world of active phishing campaigns. The presentation detailed three…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  2.

    Reinventing ETL for Detection and Response Teams

    Josh Liburdi

    In his BSidesSF 2024 talk, "Reinventing ETL for Detection and Response Teams," Josh Liburdi tackles a topic he admits is often considered "boring" but is, in his view, critically important: **Extract, Transform, Load (ETL)** processes in cybersecurity. Liburdi argues that the…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  3.

    Please Don't Discard - Security Data

    Rishabh Gupta, Hrushikesh Paralikar

    This article delves into a novel approach for tackling security review challenges by systematically persisting, storing, and structuring security data. Presented by Rishabh Gupta, a Senior Security Engineer, and Hrushikesh Paralikar, a Senior Software Engineer, both from…

    Dr. Zero: MUST SEE ★★★★★ | Heather Calloway: MUST SEE ★★★★★
  4.

    Navigating the AI Frontier: Investing in AI in the Evolving Cyber...

    Chenxi Wang

    Dr. Chenxi Wang, a distinguished computer scientist, former academic, and now a prominent investor, delivered a keynote address at BSidesSF 2024, focusing on the transformative impact of Artificial Intelligence (AI) on the cybersecurity landscape. Her talk, "Navigating the AI…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  5.

    Protecting data vs systems: practicality, performance, and problems...

    Dan Draper

    This talk, presented by Dan Draper, Founder and CEO at CyStash, delves into the critical distinction between protecting systems and protecting data directly. Draper argues that traditional security approaches, which focus on applying controls to systems like databases, are…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  6.

    Security Considerations for Services Using AI Models

    Shrey Bagga

    This talk, presented by Shrey Bagga at BSidesSF 2024, delves into the critical security considerations for services leveraging Artificial Intelligence (AI) models. As AI and Large Language Models (LLMs) become increasingly ubiquitous in both personal and organizational…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  7.

    Advanced Persistent Teenagers: Understanding the Lapsus$ Playbook

    Benjamin Hering

    This talk, "Advanced Persistent Teenagers: Understanding the Lapsus$ Playbook," delivered by Benjamin Hering, delves into the tactics, techniques, and procedures (TTPs) employed by the notorious Lapsus$ hacking group. Hering, who works for Saildrone, a company specializing in…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  8.

    Six Years in Review: Transforming Company Culture to Embrace Risk

    Ariel Shin

    This talk, "Six Years in Review: Transforming Company Culture to Embrace Risk," delivered by Ariel Shin, Product Security Engineering Manager at Twilio, details a transformative journey in vulnerability management. Shin takes the audience through a six-year evolution of a…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  9.

    Titans of Scale: Strategies to Scale Security in Expanding Organizations

    This panel discussion, "Titans of Scale: Strategies to Scale Security in Expanding Organizations," brought together security leaders from prominent technology companies—Netflix, Chime, Rippling, and Snowflake—to share their real-world experiences, solutions, and hard-learned…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  10.

    Attacking & Defending Supply Chains. How we got Admin in your Cloud,...

    Mike Ruth

    This talk, presented by Mike Ruth, a Security Engineer at Rippling, delves into the critical and often overlooked security vulnerabilities within modern software supply chains, specifically focusing on **Continuous Integration/Continuous Deployment (CI/CD)** pipelines. Titled…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  11.

    Temporary Access to the Cloud: A Case Study

    Tomas Rabczak

    This talk, presented by Tomas Rabczak, a Staff Software Engineer at Chime, delves into the critical security challenge of managing employee access to cloud resources and the development of an internal solution called "Access Service." The presentation outlines a comprehensive…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★
  12.

    Decoding Fraud: The Evolution and Impact of Netflix's...

    Aditi Gupta, Yue Wang

    This article delves into the critical work undertaken by Netflix's Trust and Safety team to develop a robust, multi-layered fraud metrics framework. Presented by Aditi Gupta and Yue Wang at BSidesSF 2024, the talk, "Decoding Fraud: The Evolution and Impact of Netflix's Fraud…

    Dr. Zero: STRONG ACCEPT ★★★★☆ | Heather Calloway: MUST SEE ★★★★★