A Lane for All Things BSides! This lane provides information on all non-talk/workshop specific items, such as villages & more!
A corporate espionage case. A suspect. Clues left behind on a machine that doesn't lie. This session dives into the thrilling world of digital forensics using FTK Imager to follow digital breadcrumbs, uncover hidden evidence, and think like an attacker. Learn how free tools, sharp instincts, and smart techniques can turn secrets into stories. Because humans hide things. Computers don’t.
With rising cases of adults using Roblox, Minecraft, and Discord to exploit children, this session equips parents, educators, and youth with tools to stay safe. Learn to adjust privacy settings, spot grooming behavior, and respond to suspicious activity. Gain practical strategies and resources to help protect children in online spaces.
W. Garrett Myler has successfully used the Flipper Zero to test the effectiveness of evil portal attacks. You'll be shocked by the demographics (and training!) of the unwitting test subjects he social engineered. Garrett will show you how he used the Flipper Zero and evil portals to conduct his research and what individuals and companies should do to avoid being victims in our modern world of infostealers and credential stuffing.
The future of machine identity and access management is the future of security and business resiliency.
Attend this session to:
- Better communicate about why we must do things differently and soon
- Learn how the open-source software community has looked at addressing the identity problem
- Understand what commercial options are available
- Map a path away from the world of long-lived credentials
Every Thursday, thousands of people flock to X, Instagram, and TikTok to post old photos and their favorite memories as part of #ThrowbackThursday. Not to be outdone, cybercriminals are doing the same thing. Last year, most vulnerabilities exploited by criminals were from 2020 or earlier, and the most common online scams were repeats of previous years. So, why are criminals using these legacy vulnerabilities and well-known scams? Because they work.
It’s coming, and you aren’t ready. Your company’s virtual agent is sending inappropriate messages and handing out customer PII to anyone that asks nicely. And who are they going to call? You. This talk explores the investigation and response process for handling the unique threats to GenAI chatbots.
In this intro to web application penetration testing workshop, participants will learn the basics of web application penetration testing, including methodology, tools, techniques, and resources. The skills taught in this workshop are valuable to aspiring bug hunters for use in bug bounties.
Blackout Warfare – What happens within a community when a threat actor targets the electric utility? How does this impact other daily life and operations that depend on computer technology to function?
In this presentation, leaders will get a better understanding of how AI governance functions and AI GRC enabled policies can be integrated into their cybersecurity programs and hopefully help them assess their cybersecurity maturity in the process. Furthermore, I will discuss how an effective AI governance program can help anticipate and prevent security breaches.
No-code automation tools like n8n, Make, and Zapier are the cool new kids on the block, letting anyone build complex workflows without writing a line of code. Great for business folks and security teams who want to automate the boring stuff! But here's the catch: these platforms come with a side of security headaches. We'll dive into how these tools can elevate your security operations game while also showing how attackers can leverage these capabilities. Come see both sides of the no-code coin!
Infostealers are central to today’s cybercrime economy, enabling large-scale credential theft and driving an ecosystem of illicit trade. This talk examines the infostealer lifecycle, the mass resale of stolen data through automated platforms, and how their accessibility sustains a growing criminal market. It also explores the economic structures that enable this malware-as-a-service model and its implications for defenders attempting to cease its utilization by adversaries.
Detection Engineering is the art and science of taking information about potential threats and turning it into automated alerts. In this talk I will discuss using the free and open Security Onion platform to monitor network traffic and logs in your environment and alert you to potentially malicious or suspicious events.
Neglected, underresourced, or insecure open source code is being weaponized by adversarial nations and threat actors—and it’s putting our infrastructure at risk. As CISA and other regulators join forces with industry to tackle opaque software supply chains, this talk breaks down what’s at stake, what’s in motion, and what defenders and leaders can do to make and use more safe and reliable software.
Cybersecurity incidents aren't just about data breaches and financial losses—they deeply affect real lives. Incident responders experience intense burnout and psychological strain, while individuals in impacted communities suffer real-world consequences, including disrupted medical treatments, lost savings, stress, and anxiety from compromised healthcare, power, oil & gas, water, and financial services. This session uncovers the human realities behind cyber attacks.
Hands-on workshop of application security pen testing of cloud REST APIs. Covering hacking of OpenStack, Google Cloud, and Salesforce.
This talk will explore the tangible impact of LLMs in cybersecurity, focusing on how they can be used to automate proactive security workflows at scale using agentic patterns.
We’ll analyze real world case studies to show where AI agents excel and where they fall short. Specifically, we'll discuss how AI agents can be used to augment traditional human-driven processes to expedite vulnerability identification, assessment, and remediation.
Think Hollywood hacks are real? Think again. In this fun and interactive session, we’ll break down famous movie and TV hacking scenes, separate fact from fiction, and reveal how real cyber pros get the job done. From flashy exploits to true-to-life tactics, you’ll walk away entertained, informed, and ready to spot the myths in your next movie night.
The cyber gap has been as high as 3.5 million people globally; however, has anyone actually measured how many people are in cybersecurity? While there aren’t many metrics to go off, as of 2024, it was about 5.5 million globally. With the emergence of AI, this number is about to reset back to zero. I personally keep running into cyber professionals at all levels who say they do not know where to start. This can be your AI-Cyber Crash Course to enable AI literacy for BSides SATX attendees.
In today's rapidly evolving digital landscape, information security is no longer the sole responsibility of IT departments. Ensuring robust security and compliance requires the active participation of all employees, including those who may not consider themselves technically proficient. This talk will explore strategies to secure, communicate compliance, and drive intrinsic security behaviors among non-technical staff by demystifying complex concepts & fostering a culture of security awareness.
Many brand new locks have common and very old vulnerabilities that make them easy to open with the right tools. This interactive presentation will demonstrate a number of common attacks.
This talk will demonstrate a practical, real-world integration of Generative AI into offensive security operations, focusing on improving workflow automation for red teamers, pen-testers, and hybrid operators through structured co-development with GenAI. It also includes humorous stories of the headaches and many bugs experienced along the way. Attendees will walk away with a deeper appreciation for how GenAI can augment security professionals.
The presentation will discuss the Misconfiguration Manager project attack techniques for both an offensive and defensive audience. Additionally, it will discuss detection and evasion techniques in a "Red vs Blue" style format.
Identity and Access Management (IAM) is more than just accounts and passwords. Here is your chance to understand at a high level what capabilities IAM provides and how it all fits together.
This presentation covers the concept and foundation of what a homelab can be used for, and shares one set of options. We'll cover how to connect using current no-cost tools and how to safely connect without opening ports in your home router. Along the way we can learn skills that apply to this ever-advancing world. So whether you're a relative beginner, a seasoned professional, or somewhere in between, there's something for all skill levels in the mix.
As we push things like Kubernetes clusters to edge installations for reduced latency and increased availability, how protected are they against crowbar theft? Encrypting their disks reduces these risks, but then you discover corner cases in production where your servers aren't automatically decrypting, and you've effectively DoSed yourself. Oops. We'll explore an alternative with network-based decryption without escrow or proprietary hardware using the Open Source Linux tools Tang and Clevis.
In today's interconnected business world, communication between systems is crucial but also a vector for adversaries. This project evaluates the effectiveness of micro-segmentation in mitigating network breaches within a Zero-Trust model. By comparing segmented and non-segmented environments, the study quantifies the impact of breaches based on attack path depth and total impact score, providing insights for IT decision-making and control selection.
Is your incident response team ready for ransomware? This session delivers a technical walkthrough of how ransomware attacks unfold, from initial compromise to lateral movement and data exfiltration. Through a real-world case study, we’ll explore forensic investigation techniques, containment strategies, and recovery planning. Attendees will gain actionable insights to enhance readiness and reduce dwell time during high-impact incidents.
Threat actors are weaponizing trust and urgency in terrifying new ways, and the ClickFix attack is proof. This deceptively simple technique tricks users into executing malware with a single copied command—no exploits, no macros, just human behavior working against itself. If you work in incident response or SOC operations, understanding ClickFix isn’t optional—it’s essential. See why this attack works, how to stop it, and what’s next in the evolving playbook of cyber deception.
At DEFCON 32, my team taught over 160 people the limitations of manual code review to solve secrets sprawl.
This talk is a quick recap of the surprising findings we unexpectedly gathered and the power of getting away from the keyboard. I will reveal my new theory on driving better conversations across teams and roles to actually try and improve security, and not just show how clever we are.
Breaking into cybersecurity can feel overwhelming, especially for those without a traditional background. After mentoring over 130 students, including college graduates, career changers from other industries, high school grads, and individuals of all ages, I've seen firsthand what it takes to make the leap into tech and security. In this talk, I’ll share the key strategies, mindsets, and resources that consistently helped them succeed.