BSidesSF 2026
BSidesSF is the Bay Area's premier community-driven security conference, held annually in San Francisco. The 2026 edition — themed "BSidesSF: The Musical" — featured two days of talks, panels, workshops, and villages across keynotes, AppSec, AI security, cloud security, detection engineering, governance, and offensive research at City View at Metreon.
- Opening Remarks (Saturday) — Reed Loden
Reed Loden's opening remarks for BSides SF 2026, themed "The Musical," served as a comprehensive welcome and foundational guide for attendees, setting a distinct tone that blended humor with a…
- Let's Do the Timewarp Again! A Look Back to Move Forward — Anna Westelius
In her compelling keynote at BSides SF, Anna Westelius, Head of Security, Privacy, and Assurance at Netflix, delivered an optimistic and forward-looking message titled "Let's Do the Timewarp Again!…
- The Heist: Chasing an Advanced Crypto Attacker Across the Multi-cloud — Yotam Meitar
Yotam Meitar, Director of Incident Response at Wiz, delivered a compelling talk at BSides SF, detailing a sophisticated, multi-stage cyber heist that targeted a large cryptocurrency exchange. The…
- AI-Powered AppSec: 10x Your Security Team Without Scaling Headcount — Anshuman Bhartiya
Anshuman Bhartiya, AppSec Tech Lead at Lyft, presented a compelling talk on leveraging Artificial Intelligence to dramatically enhance application security capabilities without the need for…
- Your Load Balancer is Your New Perimeter: Attacks & Defenses at Scale — Arjun Sharma
In an era where enterprise security perimeters are increasingly complex and costly, a fundamental vulnerability often remains overlooked: the load balancer. Arjun Sharma, who leads IBM Cloud's…
- The Phantoms of the Fraudpera: An Overview of Anti-Detection Tooling — Bobbie Chen
In "The Phantoms of the Fraudpera," Bobbie Chen, a Product Manager specializing in bot detection and fraud prevention at Stitch by Twilio, unveils the sophisticated and often underappreciated…
- Detection at Scale: Abstracting Detection Intent — Gaurav Singh, Dario Amiri
In their BSides SF 2026 presentation, "Detection at Scale: Abstracting Detection Intent," Gaurav Singh and Dario Amiri from Google addressed the formidable challenge of building and maintaining…
- State of (Absolute) AppSec — Seth Law, Ken Johnson, Kevin McDermott, Astha Singhal, Clint Gibler
The "State of (Absolute) AppSec" panel at BSides SF delved into the seismic shifts occurring within application security due to the rapid advancements and integration of Artificial Intelligence (AI)…
- How to Be a GRC Hero (Without Heroics) — Stas Bojoukha
In his compelling BSides SF talk, "How to Be a GRC Hero (Without Heroics)," Stas Bojoukha, the Founder and CEO of Comply, dissects the fundamental flaws in traditional Governance, Risk, and…
- Is Q-Day Worse than Y2K? Strategies for Surviving the Quantum Threats — Sandip Dholakia
In his compelling talk at BSides SF, Sandip Dholakia, a seasoned expert with 25 years in the cryptography industry, tackled the existential threat of quantum computing to our current cryptographic…
- Follow the data to learn the secret — Dylan Ayrey
In this compelling talk, Dylan Ayrey, CEO and co-founder of Truffle Security, unveils a staggering problem: the pervasive leakage of sensitive data, including hundreds of thousands of live API keys…
- Orchestrating Resilience: Composing a New Score for Netflix Service Reliability — Sandhya Narayan, Prachi Jain
In "Orchestrating Resilience: Composing a New Score for Netflix Service Reliability," Sandhya Narayan and Prachi Jain, both from Netflix's Security Engineering organization, presented a compelling…
- Securing Space: The Next Frontier for Security Engineers — Anshu Gupta
Anshu Gupta's talk, "Securing Space: The Next Frontier for Security Engineers," delivered at BSides SF, serves as a clarion call for security professionals to turn their attention to the rapidly…
- From $10 to $30M: Operating in the Data-Extortion Aftermath — Diego Matos
In his compelling BSides SF talk, "From $10 to $30M: Operating in the Data-Extortion Aftermath," Diego Matos, IBM's Latin American Incident Response Leader, provides a critical examination of the…
- Practice Cyber Skills Like a Musician — Bianca Ionescu
In a field often characterized by rapid evolution and overwhelming complexity, Bianca Ionescu's talk, "Practice Cyber Skills Like a Musician," offers a refreshing and profoundly practical framework…
- The Phaaaaaaaaantom of the Salt Typhoon is there, inside i-SOON — Daniel Schwalbe
In this insightful talk, Daniel Schwalbe, Head of Investigations and CISO at DomainTools, unveils the intricate and evolving landscape of the Chinese state-sponsored threat actor, **Salt Typhoon**…
- Reverse Engineering Go Malware: From Manual to AI-Powered Analysis — Asher Davila
This talk, presented by Asher Davila, a Security Researcher at Palo Alto Networks, delves into the evolving landscape of Go malware analysis, transitioning from traditional manual reverse…
- Your Threat Model Is Lying to You: Why Modeling the Design Isn't Enough in 2026 — Farshad Abasi
In his compelling BSides SF talk, "Your Threat Model Is Lying to You: Why Modeling the Design Isn't Enough in 2026," Farshad Abasi challenges the prevailing wisdom in application security. Abasi, a…
- Getting PCAPs from Stingrays for $20 with Rayhunter — Cooper Quintin, Will Greenberg
In an era of increasing digital surveillance, the talk "Getting PCAPs from Stingrays for $20 with Rayhunter" by Cooper Quintin and Will Greenberg from the Electronic Frontier Foundation (EFF)…
- AI as an Accountable Entity: Governing Risk When Machines Make Decisions — Pavithra Pradip
Pavithra Pradip’s talk, "AI as an Accountable Entity: Governing Risk When Machines Make Decisions," addresses a critical and rapidly escalating challenge in modern technology: the governance of…
- Lessons Learned from Building Custom Hacker Hardware — c4m0ufl4g3
In this insightful talk, Jonathan Fischer, known as c4m0ufl4g3, delves not into the capabilities of a specific piece of offensive hardware, but rather into the arduous and often unpredictable…
- AI for security - friend or foe? — Tom Alcock, Jackie Bow, Travis McPeak, Drew Hintz, Kyle Polley
This panel discussion, "AI for Security - Friend or Foe?", assembled a distinguished group of security leaders from prominent artificial intelligence companies to dissect the multifaceted impact of…
- So you think you can airgap? (No.) — Ziyad Edher
In the rapidly evolving landscape of artificial intelligence, securing the colossal compute clusters that train and operate large language models presents unique and formidable challenges. Ziyad…
- Detecting Race Conditions on macOS — Olivia Gallucci
In her BSides SF talk, Olivia Gallucci of Datadog delved into the critical topic of detecting race conditions on macOS, with a particular focus on how the misuse of **Grand Central Dispatch (GCD)**…
- Anatomy and Defense of LOTL Fileless Intrusions — Amol Sarwate
This technical article delves into the intricate world of **Living Off The Land (LOTL)** and **fileless intrusions**, a pervasive and increasingly dominant threat landscape in cybersecurity…
- Not My Vibe: When AI Coding Agents Go Off the Rails — Aonan Guan, Zhengyu Liu
In an era where AI coding agents are rapidly becoming indispensable tools for developers, the talk "Not My Vibe: When AI Coding Agents Go Off the Rails" by Aonan Guan and Zhengyu Liu (with…
- Rehearsal is Over: Moving GRC Engineering from Theory into Practice — Branden Rosenlieb
In "Rehearsal is Over: Moving GRC Engineering from Theory into Practice," Branden Rosenlieb delivers a compelling argument for transforming traditional Governance, Risk, and Compliance (GRC)…
- Level Up Your Threat Modeling: Turning Security Into a Team Adventure — Stanley Harris
In this engaging and unconventional talk at BSides SF, Stanley Harris, co-founder and CEO of Catalyst, unveiled an innovative approach to an often-daunting security practice: **threat modeling**…
- The Trusted Platform Module — Eric Chiang
- What a False Alarm Taught Us About Security as a 2-Person Startup — Alex Chantavy, Kunaal Sikka
In a candid and surprisingly vulnerable talk at BSides SF, Alex Chantavy and Kunaal Sikka, co-founders of the security startup Subimage, shared a deeply personal and professionally embarrassing…
- Elevating First-Time Female Voices on Stage — Poorna Rajaraman, Deepika Gupta
In a compelling presentation at BSides SF, Deepika Gupta and Poorna Rajaraman from Cisco addressed a critical issue within the cybersecurity community: the significant underrepresentation of…
- CISO Series Live Podcast Recording — David Spark, Mike Johnson, Sara Madden
This article delves into a live podcast recording of the CISO Series, captured at BSides San Francisco 2026. Hosted by David Spark, the session featured veteran CISOs Mike Johnson of Rivian and…
- Prompt, Commit, Repeat: Security at Scale When 1,000 Devs Go AI-Native — Balachandra Shanabhag
In an era where Artificial Intelligence (AI) is rapidly integrating into software development workflows, Balachandra Shanabhag's talk, "Prompt, Commit, Repeat: Security at Scale When 1,000 Devs Go…
- Threat Chords: Tuning into Persistent Patterns in Adversary Behavior — Karthika, Samhita Vempatti
In a landscape increasingly defined by rapid cyberattacks and sophisticated adversaries, the BSides SF talk "Threat Chords: Tuning into Persistent Patterns in Adversary Behavior" by Adobe…
- Cringe, Corrected: Hot Takes Fixed by the CIS Controls — Lawrence Cruciana, Amelia Cruciana
In an era saturated with online information, discerning credible cybersecurity advice from misleading "hot takes" can be a daunting challenge, especially for early-career professionals. The talk…
- From Assistant to Assassin: Weaponizing An OpenClaw Vulnerability to Achieve 1-Click RCE — Mav Levin
In this compelling talk at BSides SF, security researcher Mav Levin unveiled a critical **one-click Remote Code Execution (RCE)** vulnerability within **OpenClaw**, a popular agentic assistant…
- You Just Might Find, You Get What You Need: How MS Became My Unlikely Success Story — Emily Harden
Emily Harden's presentation at BSides SF, titled "You Just Might Find, You Get What You Need: How MS Became My Unlikely Success Story," offered a profoundly personal and unexpectedly poignant…
- The Room Where It Happens (Identity Compromise Edition): Behind the scenes of Okta attack campaigns — Julie Agnes Sparks
In "The Room Where It Happens (Identity Compromise Edition): Behind the scenes of Okta attack campaigns," Julie Agnes Sparks, a security researcher at Datadog, delivers a fast-paced and highly…
- Increasing the Analysis Surface of Large Language Models — Stephen Brennan, Ulrich
In an era increasingly defined by the ubiquitous integration of Large Language Models (LLMs), understanding and securing these complex systems has become a paramount challenge. This talk…
- Architecting the Modern SOC: The Evolving AI Reality for Blue Teams — Bryan Fite, Dean De Beer, Nicole Grinstead, Swathi Joshi
This panel discussion, "Architecting the Modern SOC: The Evolving AI Reality for Blue Teams," delves into the transformative impact of artificial intelligence on Security Operations Centers (SOCs)…
- Demystifying File Similarity for Malware Detection — Udbhav Prasad
In an era where malware sophistication is rapidly escalating and adversaries can generate myriad polymorphic variants with ease, the ability to accurately and efficiently identify similar files is…
- Practical (and impractical) git commit signing — Matthew Garrett
In this insightful talk, Matthew Garrett delves into the complexities and practicalities of Git commit signing, a crucial but often misunderstood aspect of software supply chain security. Garrett, a…
- Your Arch-Nemesis is a Data Scientist: What's the Difference Between Security and Privacy Work? — Aleatha Parker-Wood
In a landscape increasingly dominated by data-driven decision-making and machine learning, the distinctions and overlaps between traditional security and privacy work have become critically…
- When the supply chain hits a sour note — Kennedy Toomey
In this insightful talk, "When the supply chain hits a sour note," Kennedy Toomey, an Application Security Researcher and Advocate at DataDog, delves into the escalating threat of software supply…
- Web standard consortiums are a game with Chrome as the monopoly man — Simon Wijckmans
In his compelling BSides SF talk, "Web standard consortiums are a game with Chrome as the monopoly man," Simon Wijckmans, founder and CEO of client-side web security company c/side, delivers a…
- More Role Models in AppSec: How to Get It Right — Alexandra Charikova
In a field often dominated by technical prowess and vulnerability management, Alexandra Charikova's talk, "More Role Models in AppSec: How to Get It Right," offers a compelling shift in perspective…
- Composing the Response: Building an Incident Pipeline from Scratch — Geet Pradhan
In his compelling BSides SF talk, "Composing the Response: Building an Incident Pipeline from Scratch," security engineer Geet Pradhan addresses the critical challenges faced by lean security teams…
- Conducting the Kill-Chain: Detecting APT Progression Through Music-Sequence Modeling — Krupa Brahmkstri, Sneha Rangari
In an era where cybersecurity defenses are increasingly sophisticated, advanced persistent threats (APTs) continue to bypass detection, often by operating under the radar for extended periods. This…
- Breaking Tokens: Modern Attacks on OAuth, OIDC, and JWT Auth Flows — Bhaumik Shah
In the contemporary landscape of web and mobile applications, **OAuth**, **OpenID Connect (OIDC)**, and **JSON Web Tokens (JWTs)** have become the de facto standards for authentication and…
- "Ask the EFF" Panel — David Greene, Katharine Trendacosta, Samantha Baldwin, Cooper Quintin
The "Ask the EFF" panel at BSides SF 2026 offered a unique and unfiltered look into the critical work of the Electronic Frontier Foundation (EFF) at the intersection of technology, law, and…
- Incident Readiness You and Your Leaders Will Actually Trust — Shachar Hirshberg, Hadar Waldman
In an era where production environments are increasingly complex and dynamic, ensuring robust incident readiness and maintaining visibility into operational realities has become a critical challenge…
- RBAC Atlas: Mapping Real-World Kubernetes Permissions and Exposing Risky Projects — Lenin Alevski
In the rapidly evolving landscape of cloud-native computing, Kubernetes has emerged as the de facto operating system of the cloud, orchestrating containerized applications with unparalleled scale…
- Saving Bug Bounties from AI Slop — Anto Joseph
In an era increasingly influenced by advanced artificial intelligence, the traditional landscape of bug bounty programs faces significant challenges, particularly from the proliferation of…
- Opening Remarks (Sunday) — Reed Loden
This article details the opening remarks for the second day of **BSides SF 2026**, delivered by long-time organizer Reed Loden. The address served as a comprehensive welcome to attendees…
- Against the Tyranny of Optimization: On the Stability of Automated Republics — Katie Moussouris
In her compelling keynote at BSides SF, Katie Moussouris, founder and CEO of Luta Security, delivered a stark warning about the societal implications of unchecked technological advancement…
- The Great Credential Caper: How to Perform and then Defend Against the (Nearly Impossible) to Defend — Christo Roberts, Dan Hollinger
In "The Great Credential Caper," Christo Roberts and Dan Hollinger deliver a compelling and timely presentation on the escalating threat of **credential stuffing** attacks, particularly in an era…
- We Pwn the Night: Growing & Leading an 31337 security research team — Keith Hoodlet
In this compelling talk, "We Pwn the Night," Keith Hoodlet, former Director of AI/ML and Application Security at Trail of Bits, shares his groundbreaking experiment in cultivating an elite security…
- Who Watches the NPM Watchers? — Paul McCarty
In his thought-provoking BSides SF talk, "Who Watches the NPM Watchers?", Paul McCarty, co-founder of Open Source Malware, delves into the critical, yet often unexamined, landscape of NPM package…
- What happened to the lock icon? — Serena Chen
In a significant update rolled out in September 2023, Google Chrome removed the ubiquitous lock icon from its address bar, a symbol long associated with secure web connections. This talk, delivered…
- CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence! — Jenko Hwong, Chris Ryan
In "CloudShell Hide-n-Seek: enjoying the sweet persistent sounds of silence," Jenko Hwong and Chris Ryan, Principal Security Researchers at Huntress Labs, delve into the often-overlooked security…
- The AppSec Poverty Line: Minimal Viable Security — Tanya Janca
In her compelling talk, "The AppSec Poverty Line: Minimal Viable Security (MVS)," Tanya Janca, CEO and Secure Coding Trainer at She Hacks Purple Consulting, addresses a critical and often overlooked…
- Pwning and Defending AI Agent Code Interpreters — Kinnaird McQuade
Kinnaird McQuade, Chief Security Architect at BeyondTrust, delivered a compelling talk at BSides SF, shedding light on the rapidly evolving and inherently risky landscape of **AI agent code…
- Building an open source security project with 1M+ installations — Fletcher Heisler, Marcelo Elizeche Landó
In this insightful BSides SF talk, Fletcher Heisler, CEO of Authentik Security, and Marcelo Elizeche Landó, Software Engineer, shared their journey and the "seven and a half-ish lessons" learned…
- The Epistemology of Trust — Mike Wilkes
In "The Epistemology of Trust," Mike Wilkes challenges conventional cybersecurity wisdom, urging a fundamental shift in how organizations perceive and manage risk. Drawing on his unique background…
- How We Red-Teamed Our Own AI Agent: Lessons from Operation Pale Fire — Josiah Peedikayil, HS
This talk, "How We Red-Teamed Our Own AI Agent: Lessons from Operation Pale Fire," presented by Josiah Peedikayil from Block's offensive security team, details a proactive **red team operation**…
- Sandboxes, Seccomp, and Syscalls: Chasing Isolation in Kubernetes — Mark Manning
In this insightful talk from BSides SF, Mark Manning, an offensive security engineer at Chainguard and creator of SECMC compare, delves into the complex landscape of container isolation within…
- Detection Allegro: Composing Detection Rules with Agentic Workflows — Raphael Ruban, Chen Cao
In the rapidly evolving landscape of cybersecurity, the ability to quickly develop, deploy, and maintain robust threat detection rules is paramount. This talk, "Detection Allegro: Composing…
- Security on a Shoestring: A Low-Budget Security Revival Tour — Jared Casner
In "Security on a Shoestring: A Low-Budget Security Revival Tour," Jared Casner, co-founder of Blacksmith Infosec, delivers a pragmatic and actionable guide for startups and small to medium-sized…
- You're Gonna Be Popular: Why They're Getting a Callback and You're Not — Ruby Murphy, Clea Ostendorf
In an era defined by rapid technological shifts and economic uncertainties, the security job market has become an increasingly complex and often frustrating landscape for both job seekers and hiring…
- The Risky Business of Risk Illiteracy — Sean Juroviesky
In his compelling BSides SF talk, "The Risky Business of Risk Illiteracy," Sean Juroviesky addresses a fundamental disconnect in how many organizations approach cybersecurity: a failure to…
- A Worm in the Apple: Wormable Zero-Click RCE in AirPlay Impacts Billions of Apple and IoT Devices — Avi Lumelsky, Uri Katz
This talk, presented by Avi Lumelsky and Uri Katz from Oligo, unveiled a critical collection of vulnerabilities dubbed "Airborne," affecting Apple's widely used AirPlay protocol. The research…
- Running an efficient bug bounty program and PSIRT function — Garrett McNamara, Jeff Guerra
In this insightful talk from BSides SF, Garrett McNamara of ServiceNow and Jeff Guerra of 1Password (formerly GitHub) delve into the critical components of establishing and maintaining effective…
- The great SAST dissonance: how to please every audience, at scale — Claudio Merloni, Romain Gaucher
Claudio Merloni, a Staff Security Researcher at Semgrep, delivered a compelling talk at BSides SF, dissecting the pervasive challenge of achieving comprehensive Static Application Security Testing…
- One Thousand and One AI-Prevented CVEs: Vibe Coding a Whole New Supply Chain Defense — Brandon Wu
In an era where software supply chain attacks are escalating dramatically, the manual processes traditionally employed to secure third-party dependencies are proving to be unsustainable. Brandon Wu…
- A blueprint for building a generic authorization service for your organization — Ashwin Sidhalinganahalli, Fletcher Ramee
In the modern landscape of distributed systems, managing access control across thousands of microservices has become an intractable problem, leading to significant security vulnerabilities and…
- How the Vietnam War created single sign-on — and how it's evolved since — Connor Peshek
In this fascinating talk, Connor Peshek, a seasoned engineer with experience at Kroger, Cloudflare, and Authentik, delves into the unexpected origins and intricate evolution of **single sign-on…
- How to sell your soul, err, your security program — Jenn Gile
In "How to sell your soul, err, your security program" at BSides SF, Jenn Gile, co-founder of Open Source Malware, tackles a pervasive challenge faced by security professionals: securing buy-in and…
- Kidnapping a Library: How Ransomware Taught the British Library to Follow Well-Known Best Practices — Brian Myers
In this compelling talk at BSides SF, independent information security contractor Brian Myers dissects the catastrophic ransomware attack that crippled the British Library in October 2023. Drawing…
- Breaking Endpoint Anti-Ransomware: Going Browser Native — Nishant Sharma, Vivek Ramachandran
In an era where digital identities and critical data increasingly reside within the browser and cloud services, traditional endpoint security measures are facing a formidable new challenge. This…
- Hunting Malicious IDE Extensions: Building Detection at Scale Across Developer Workstations — Vinod Tiwari
In an era dominated by sophisticated supply chain attacks, the security of developer workstations has emerged as a critical yet often overlooked vulnerability. Vinod Tiwari's talk, "Hunting…
- Making WAF Mainstream: From Static Defenses to Living, Learning Protection — Roy Weisfeld, Surya Pentakota
This talk, "Making WAF Mainstream: From Static Defenses to Living, Learning Protection," delivered by Roy Weisfeld and Surya Pentakota, addresses the pervasive frustrations associated with…
- MCPwned: Hacking MCP Servers with One Skeleton Key Vulnerability — Jonathan Leitschuh
Jonathan Leitschuh's talk, "MCPwned: Hacking MCP Servers with One Skeleton Key Vulnerability," delves into a critical and long-standing class of browser-based vulnerabilities that enable public…
- Google Drive Hunter: Building the Tool Google Should've Built — Ayman Elsawah
In an era where cloud collaboration platforms are indispensable, the accidental exposure of sensitive data remains a persistent and critical security challenge. Ayman Elsawah's talk, "Google Drive…
- From Auditions to Opening Night: Selecting Security Tools that hits the high notes — Saurabh Sharma
In the fast-paced world of cybersecurity, the allure of cutting-edge tools and zero-day exploits often overshadows a fundamental challenge: the successful selection and deployment of security…
- From pocket to Pwn: How we hacked a multinational Corp for $200 with what's in our pockets — Tim Shipp
In this compelling talk at BSides SF, Tim Shipp, CTO and co-founder of Threat, unveiled a low-cost, high-impact attack vector that leveraged everyday items and overlooked security gaps to compromise…
- Red Teaming from outside: Identifying and exploiting SaaS systems for access — Rojan Rijal
In this insightful talk, Rojan Rijal of Orphan Security delves into novel methods for **red teaming** organizations from an external perspective, specifically by identifying and exploiting common…
- Your AI Agent Has Production Access: Now What? — Jack
This talk, "Your AI Agent Has Production Access: Now What?", delivered by Jack from Anthropic, delves into the escalating security risks associated with deploying AI agents that possess the ability…
- From Noise to Notes: Orchestrating SAST with Developers through AI-Driven Remediation — Adrián Puente Z.
In this insightful talk at BSides SF, Adrián Puente Z., a Principal Security Engineer at Remountley, presented a compelling framework for transforming the often-frustrating experience of Static…
- Security for AI Agents Using an Ensemble of Fine-tuned Small Language Models — Lidan Hazout, Bar Kaduri
The rapid adoption of AI agents across various industries, from coding assistants to personal productivity tools, has introduced a new and complex attack surface that traditional security paradigms…
- Power Dynamics in Security Leadership: a legato leitmotif lullaby on leading lightly and luminously — Sarai Rosenberg
In her BSides SF talk, "Power Dynamics in Security Leadership: a legato leitmotif lullaby on leading lightly and luminously," Sarai Rosenberg delves into the often-overlooked yet critical role of…
- Closing Remarks — Reed Loden
Reed Loden's "Closing Remarks" for BSides San Francisco 2026 served as a comprehensive retrospective, encapsulating the monumental efforts and record-breaking successes of one of the cybersecurity…