May 30, 2026
The James Bong Building
833 Market St 400
San Francisco
Saturday, May 30, 2026 — San Francisco
Schedule
| Time | Speaker | Title |
|---|---|---|
| 9:30 | — | Coffee Cart — sponsored by ClearVector |
| 10:00 | — | Opening Remarks |
| 10:05 | Emily Choi-Greene | Keynote — The New SDLC: When vibecoding breaks all process |
| 10:45 | Eric Chiang | On SAML |
| 11:15 | Matthew Conway | Who Is KIM? Applying ACH to Attribution |
| 11:45 | Vidya Bodepudi | High-Performance Secret Harvesting: Escaping the Regex Trap |
| 12:15 | Vidya Bodepudi, Srajan Gupta, Michael Cartsonis | Call for Participation - A survey on burnout in InfoSec, An Introduction to project OASIS |
| 12:45 | — | LUNCH — sponsored by Red Hat |
| 13:15 | Caitlin Montgomery | You've Got Mail: Using OSINT To Analyze and Investigate Suspicious Emails |
| 13:45 | Cassie Crossley | The Silent Fix: How Open Source Maintainers Accidentally Create a PreCVE Attack Window |
| 14:15 | Matthew Garrett | Bearer tokens suck and we can do better |
| 14:45 | — | BREAK |
| 15:00 | Anshu Gupta | AI Biodefense: Preparing for future AI capabilities in biology |
| 15:30 | Akanksha Pathak | The Model Is Quietly Drifting (And No One Notices Until It's Too Late) |
| 16:00 | Tom Goodheart | Declarative Destruction: Retiring my ParrotVM for NixOS |
| 16:30 | Hilliary Lipsig | The Cyber Riposte: Using Fencing Strategy and Predictive AI to Outsmart the Adversary |
| 17:00 | — | Closing Remarks |
| 18:00 | — | Afterparty at Irish Bank — sponsored by DevArmor |
Speaker Details
Akanksha Pathak
The Model Is Quietly Drifting (And No One Notices Until It’s Too Late)
Your AI model didn’t fail.
It slowly became irrelevant.
No alerts.
No crashes.
No obvious signals.
Just:
Slightly worse detections
A few missed anomalies
A gradual loss of trust
Until one day, something important slips through.
This is model drift—and it’s one of the most under-discussed failures in AI-driven security systems.
In real environments, models don’t break loudly. They degrade quietly as data, behavior, and systems evolve. The problem is not detection—it’s realizing that detection is getting worse.
This talk focuses on how drift actually shows up inside a SOC:
Why models decay even when nothing “seems wrong”
How changing user behavior, infrastructure, and attackers impact model accuracy
Why traditional metrics fail to catch drift early
What signals teams miss until it’s too late
More importantly, we’ll cover what to do about it:
How to detect drift before incidents happen
Building feedback loops from analysts to models
Designing retraining pipelines that actually work in practice
This is a talk about a failure mode that doesn’t trigger alerts—but should.
Tom Goodheart (t0mQuixote, t-0-m-1-3)
Declarative Destruction: Retiring my ParrotVM for NixOS
Penetration testing distros like Kali and Parrot Security ship hundreds of tools in a monolithic image that's difficult to version, reproduce, or customize. When something breaks: a failed upgrade, a borked dependency, a rogue config. You're often left rebuilding from scratch slowing the assessment. What if your entire pentest environment was declarative, version-controlled, and reproducible from a single git clone?
This talk walks through replacing Parrot Security OS with a NixOS-based penetration testing VM, built entirely from .nix configuration files. We cover the architecture of mapping Parrot's tooling categories (recon, exploitation, wireless, forensics, post-exploitation) into modular Nix expressions, handling the remainder of pentest tools that aren't yet packaged in nixpkgs, and the practical tradeoffs of running a declarative OS for offensive security work.
We also introduce bookcrack, a custom passphrase wordlist generator that pulls full texts from the Internet Archive, extracts notable passages via NLP (spaCy lemmatization), and generates mutation-based password candidates targeting users who choose literary quotes and book passages as passwords.
The talk concludes with a live demo against a deliberately vulnerable target, showing the full workflow: NixOS VM boot to reconnaissance to bookcrack wordlist generation to credential recovery and automated findings report generation using a custom terminal session recorder.
Attendees will leave with a complete, open-source NixOS pentest configuration they can clone and deploy, along with practical lessons on the friction points of running NixOS for offensive security.
Anshu Gupta
AI Biodefense: Preparing for future AI capabilities in biology
As AI capabilities rapidly advance toward artificial general intelligence, the intersection of AI and biotechnology presents unprecedented security challenges that extend far beyond traditional cybersecurity perimeters. Large language models are already demonstrating sophisticated understanding of molecular biology, protein folding, and genetic engineering, while AI-accelerated drug discovery and synthetic biology platforms are democratizing access to previously specialized biological research capabilities. This convergence creates a new attack surface where malicious actors could potentially weaponize AI to design novel pathogens, circumvent biosafety protocols, or manipulate biological systems in ways that traditional biodefense strategies were never designed to address.
This session will examine the emerging threat landscape where AI becomes both a tool and a target in biological warfare scenarios, exploring how security leaders can prepare for risks including AI-designed bioweapons, compromised biomanufacturing systems, and adversarial attacks on AI-driven medical devices. Attendees will learn practical frameworks for assessing AI-bio risks within their organizations, understand the unique challenges of securing AI systems that interact with biological processes, and discover collaborative approaches between cybersecurity and biosecurity communities. We'll conclude with actionable recommendations for building organizational resilience against these convergent threats, including governance models that bridge traditional IT security and emerging bio-digital risks.
Caitlin Montgomery
You've Got Mail: Using OSINT To Analyze and Investigate Suspicious Emails
Suspicious emails are often the first foothold in modern cyber attacks, but they also leave behind a trail of clues hiding in plain sight. This talk explores how Open Source Intelligence OSINT techniques can be used to analyze and investigate potentially malicious emails, turning raw message data into actionable insight.
We will walk through practical methods for examining email headers, identifying sending infrastructure, and correlating artifacts such as IP addresses, domains, and metadata with publicly available intelligence sources. Attendees will learn how to trace the origin of an email, distinguish between spoofing and legitimate senders, and uncover patterns that link messages to broader campaigns or threat actors.
Designed for security practitioners, analysts, and curious defenders alike, this session emphasizes real world workflows and accessible tooling without requiring advanced forensics capabilities. By the end, participants will have a structured approach to answering a critical question, where did this email really come from, and what does it tell us?
Matthew Garrett
Bearer tokens suck and we can do better
The scene: some developers walk into a VC's office and say "We've got a new technology". VC says "Ok, show me what you've got" and developers launch into this incredible act. It's awful, basically password-equivalent credentials just sitting on disk, not IP bound, lacking any kind of fundamental association with the underlying device, easily exfiltrated by infostealers, scoped based on random application requests, overall just absolutely the worst security practices possible.
VC stares open mouthed, then applauds wildly. "What do you call it?" "Bearer tokens"
We live in an era where our hardware can contain secrets we can verify are never leaked, proving our identity in a secure manner. And after that magic cryptography has been performed we use that to issue something that has none of these properties, that sits in a space where it can be stolen and used elsewhere. How about we, uh, don't do that? How about these secrets live elsewhere?
Let's talk about what we can do better, why it's hard, how agentic workflows are going to make this problem so much worse, and try to do it without crying.
Vidya Bodepudi (nVidya)
High-Performance Secret Harvesting: Escaping the Regex Trap
The current state of secret scanning is fundamentally broken. We are throwing thousands of bloated Regular Expressions at petabytes of data and wondering why our CI/CD pipelines grind to a halt and our SIEMs choke.
In this deep dive, we rip apart the architecture of standard secret scanners and SIEM log processors (like Wazuh) to expose their fatal bottlenecks. We will prove that Regex-first secret harvesting is a performance dead-end. Then, we show you how to build a better mousetrap.
Drawing on concepts from genomic data compression, we will demonstrate how to build an embeddable secret harvester in high-performance Rust. By combining Shannon entropy filters, semantic heuristic modeling, and GPU-accelerated tri-stream architectures, we will scan massive datasets at blistering speeds. Whether you are a red teamer scraping GitHub for 0-days, or a blue teamer scanning a massive corporate monorepo, we will give you the architectural blueprints to find leaked credentials before the competition even finishes booting up their scripts.
Vidya Bodepudi (nVidya)
The Human Zero-Day
We talk endlessly about memory corruption, RCEs, and prompt injections. But we are ignoring the most critical, unpatched vulnerability in our infrastructure: the people defending it. The cybersecurity industry is experiencing an epidemic of burnout, depression, and severe mental health crises.
In The Human Zero-Day, we step away from the code and examine the psychological architecture of the Security Operations Center. We will break down the toxic team dynamics of "blame culture," the neurological impact of alert fatigue, and the impossible expectations placed on CISOs. Most importantly, we will prove that mental health is not a "soft HR issue"—it is a quantifiable security vulnerability. Cognitive depletion directly causes missed alerts, misconfigurations, and catastrophic breaches.
We will explore how the industry's hazing culture drives out diverse talent and forces seniors to exit the field entirely. Finally, we will provide an actionable framework for building psychological safety, restructuring on-call rotations, and transforming security teams from reactive meat-grinders into resilient, sustainable organizations.
Emily Choi-Greene
The New SDLC - When vibecoding breaks all process
Product security teams have traditionally architected their processes around the SDLC process, with design reviews, threat modeling, and post-implementation pen tests. With vibecoding, the linear SDLC process falls apart. Developers switch between writing prompts and specs, implementing code, and returning to update specs all in the span of hours. This session will talk about how product security teams can change their workflows to keep up with the pace of development.
↑ Back to scheduleMichael Cartsonis
Co-Founder
OASIS: Mobilizing the AppSec Community to Fix Open Source
The security industry has spent 20 years getting better at finding vulnerabilities. But finding doesn't fix software, it just makes it more vulnerable when it isn't fixed.
AI-driven attacks are exploiting it faster than any team can keep up, it is also generating an overwhelming tsunami of remediation slop to the developer's doorstep. The missing piece is human validation — AppSec experts who can review candidate fixes, separate signal from noise, and help advance real fixes upstream.
That's OASIS. A community validation layer that connects AppSec expertise to open source development, modelling a effective way for security and development to work together: security crowds validate fixes, developers accept, and most importantly, neither side is asked to become the other.
In this talk, you'll hear how OASIS works, why this is the moment for AppSec, and how you can be part of it.
Join Team OASIS. The world need your help.
Matthew Conway
Who Is KIM? Applying ACH to Attribution
Last year, researchers discovered a trove of attack tools and spearphishing loot on a server they believe belonged to a member ("KIM") of the North Korean threat group Kimsuky. They published a full writeup in issue #72 of Phrack and a data dump on Distributed Denial of Secrets. Then other attribution theories emerged... This talk applies the structured analytic technique Analysis of Competing Hypotheses to this complex attribution problem, where there are multiple plausible explanations.
↑ Back to scheduleCassie Crossley
The Silent Fix: How Open Source Maintainers Accidentally Create a PreCVE Attack Window
A vulnerability is patched. The fix is committed, the release ships, and the world moves on. No CVE is filed. No advisory is published. No scanner fires.
This is not a rare edge case. It is a structural feature of how open source security maintenance works in practice, and it creates one of the most underexamined asymmetries in modern vulnerability management.
This talk dissects the mechanics of the silent fix: what it is, why it happens, and what the timeline between a committed patch and a published CVE actually looks like at scale. We will trace the lifecycle of real vulnerabilities through commit history, release cadence, and coordinated disclosure timelines to show exactly how and why the gap forms. We will quantify what that gap means in practice using a simple but underused metric: downloads in the gap. When a widely deployed package ships a silent security fix, every downstream install that occurs before CVE publication is an unprotected install. For packages with hundreds of millions of monthly downloads, that number reaches into the billions.
The CVE system was designed to provide timely notification. The data shows it increasingly functions as a trailing indicator. Attackers do not wait for it. The Unit 42 finding that 80% of exploits are published before the corresponding CVE should be required reading for anyone who has built a vulnerability management program on CVE feeds.
Attendees will leave with a clearer mental model of where the structural risk actually accumulates, a new way to think about exposure quantification before public disclosure, and some uncomfortable questions about what "no CVEs found" actually means.
Eric Chiang
On SAML
SAML is by far the most dangerous cryptographic protocol commonly used by modern tech. A perfect storm of fidgety signing constructs and a complex markup language, there’s not a quarter that goes by without a critical bypass in a prominent implementation. This talk is a full teardown of SAML, from the insanity of XML digital signatures, to the consequences of parser inconsistencies and XML namespace nuances. It’s guaranteed to be a bad time.
↑ Back to scheduleSrajan Gupta
improving the security of open-source software through a repeatable workflow
OASIS is a proposed OWASP and community-driven workflow for turning automated vulnerability findings and generated patches into credible, human-validated upstream security improvements for open-source software. Rather than building another scanner or code-generation tool, OASIS creates an operating model where candidate fixes are reviewed by trusted OWASP validators, scored using reviewer credibility and evidence quality, and adopted only when they are technically sound, maintainable, and likely to be accepted by upstream project maintainers. The project uses GitHub-centered workflows, ephemeral forks, structured validation records, and outcome-based metrics such as upstream acceptance rate, reviewer accuracy, and time to decision. By combining automation with transparent human review, OASIS aims to improve real open-source security while avoiding noisy, low-quality mass PR submissions.
↑ Back to scheduleHilliary Lipsig
The Cyber Riposte: Using Fencing Strategy and Predictive AI to Outsmart the Adversary
A 30-minute masterclass on moving from reactive defense to algorithmic anticipation.
↑ Back to schedule
