Editor's Picks
Best Talks at BSidesSF 2026
Hand-picked from in-depth reviewer verdicts — the top 12 talks from this conference. Skip the noise, find the signal.
1
The Heist: Chasing an Advanced Crypto Attacker Across the Multi-cloud
Yotam Meitar
Yotam Meitar, Director of Incident Response at Wiz, delivered a compelling talk at BSides SF, detailing a sophisticated, multi-stage cyber heist that targeted a large cryptocurrency exchange. The presentation, aptly titled "The Heist: Chasing an Advanced Crypto Attacker Across…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: STRONG ACCEPT ★★★★☆
2
So you think you can airgap? (No.)
Ziyad Edher
In the rapidly evolving landscape of artificial intelligence, securing the colossal compute clusters that train and operate large language models presents unique and formidable challenges. Ziyad Edher, an infrastructure and security expert at Anthropic, delivered a compelling…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: STRONG ACCEPT ★★★★☆
3
Follow the data to learn the secret
Dylan Ayrey
In this compelling talk, Dylan Ayrey, CEO and co-founder of Truffle Security, unveils a staggering problem: the pervasive leakage of sensitive data, including hundreds of thousands of live API keys, passwords, and personal information, across the vast landscape of open-source…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
4
Getting PCAPs from Stingrays for $20 with Rayhunter
Cooper Quintin, Will Greenberg
In an era of increasing digital surveillance, the talk "Getting PCAPs from Stingrays for $20 with Rayhunter" by Cooper Quintin and Will Greenberg from the Electronic Frontier Foundation (EFF) presented a groundbreaking, low-cost solution for detecting **cell site simulators**…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
5
Saving Bug Bounties from AI Slop
Anto Joseph
In an era increasingly influenced by advanced artificial intelligence, the traditional landscape of bug bounty programs faces significant challenges, particularly from the proliferation of AI-generated "slop" reports. Anto Joseph, a security engineer at Eigen Labs, delivered a…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
6
Who Watches the NPM Watchers?
Paul McCarty
In his thought-provoking BSides SF talk, "Who Watches the NPM Watchers?", Paul McCarty, co-founder of Open-Source Malware, delves into the critical, yet often unexamined, landscape of NPM package scanning. The presentation uncovers the varying methodologies, motivations, and…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
7
CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence!
Jenko Hwong, Chris Ryan
In "CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence," Jenko Hwong and Chris Ryan, Principal Security Researchers at Huntress Labs, delve into the often-overlooked security implications of **Cloud Shell** environments across major cloud providers. The…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
8
Pwning and Defending AI Agent Code Interpreters
Kinnaird McQuade
Kinnaird McQuade, Chief Security Architect at BeyondTrust, delivered a compelling talk at BSides SF, shedding light on the rapidly evolving and inherently risky landscape of **AI agent code interpreters**. The presentation, titled "Pwning and Defending AI Agent Code…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
9
How We Red-Teamed Our Own AI Agent: Lessons from Operation Pale Fire
Josiah Peedikayil, HS
This talk, "How We Red-Teamed Our Own AI Agent: Lessons from Operation Pale Fire," presented by Josiah Peedikayil from Block's offensive security team, details a proactive **red team operation** targeting Block's internal **AI agent** named **Goose**. The primary objective was…
Dr. Zero: STRONG ACCEPT ★★★★☆; Heather Calloway: SOLID ★★★☆☆
10
Your AI Agent Has Production Access: Now What?
Jack
This talk, "Your AI Agent Has Production Access: Now What?", delivered by Jack from Anthropic, delves into the escalating security risks associated with deploying AI agents that possess the ability to interact with production environments. As artificial intelligence models…
Dr. Zero: SOLID ★★★☆☆; Heather Calloway: STRONG ACCEPT ★★★★☆
11
Let's Do the Timewarp Again! A Look Back to Move Forward
Anna Westelius
In her compelling keynote at BSides SF, Anna Westelius, Head of Security, Privacy, and Assurance at Netflix, delivered an optimistic and forward-looking message titled "Let's Do the Timewarp Again! A Look Back to Move Forward." Westelius addressed the pervasive anxiety and…
Dr. Zero: SOLID ★★★☆☆; Heather Calloway: SOLID ★★★☆☆
12
AI-Powered AppSec: 10x Your Security Team Without Scaling Headcount
Anshuman Bhartiya
Anshuman Bhartiya, AppSec Tech Lead at Lyft, presented a compelling talk on leveraging Artificial Intelligence to dramatically enhance application security capabilities without the need for proportional headcount increases. Titled "AI-Powered AppSec: 10x Your Security Team…
Dr. Zero: SOLID ★★★☆☆; Heather Calloway: SOLID ★★★☆☆