← All talks
Topic

Detection Engineering talks at BSides

317 talks tagged Detection Engineering from 82 chapters of BSides events worldwide.

Related topics
BlueTechnicalTalkPurpleCase Studies and Incidents AnalysisTechnical Deep-dives
49:41
Open Source Malware Lab
Robert Simmons
BSides London · 2016
TechnicalDFIRDetection EngineeringMalware AnalysisIntermediaryBlueTechnical Deep-divesTalk
Open →2016-07
41:25
Command-Line Obfuscation: You Can Run, _and_ You Can Hide
Wietze Beukema
BSides Dublin · 2024
TechnicalDFIRDetection EngineeringTalk
Open →2024-06
51:37
Security Onion: Peeling Back the Layers of Your Network in Minutes
Doug Burks
BSides Augusta · 2013
TechnicalToolingDFIRDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2013-09
30:27
David Bianco - The Secret Origins of the Pyramid of Pain
David Bianco
BSides Augusta · 2022
TechnicalDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2022-10
28:52
BSidesSF 2017 - Linux Monitoring at Scale with eBPF (Brendan Gregg & Alex Maestretti)
Brendan GreggAlex Maestretti
BSidesSF · 2017
TechnicalDetection EngineeringNetwork SecurityBlueTalk
Open →2017-03
42:44
Threat Hunting On Linux And Mac With Auditbeat System Module
Aaron Jewitt
BSides Luxembourg · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-11
55:35
Objectively Measuring Hunt Value
Justin KohlerPatrick Perry
BSides Augusta · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2018-10
1:07:55
The AI Cyber War: Inside the AI Arms Race Between Attackers and Hunters
Mike Spicer
BSides SLC · 2025
TechnicalAI SecurityDetection EngineeringKeynote
Open →2025-10
45:10
Gollum: One Anti-Phish Bot to Rule Them All
Byron Rudman
BSides Cape Town · 2019
TechnicalDetection EngineeringThreat IntelToolingBlueTalk
Open →2019-12
43:57
TL;DR: Applying AI to Security
Clint Gibler
BSidesSF · 2024
TechnicalAI SecurityDetection EngineeringThreat IntelIntroTalk
Open →2024-07
56:31
Using JA3: Asking for a Friend?
Justin WarnerEd Miles
BSides DC · 2019
TechnicalCryptographyDFIRDetection EngineeringNetwork SecurityBlueRedTalk
Open →2019-11
13:24
MITRE D3FEND
James Gibbins
BSides London · 2022
TechnicalDetection EngineeringThreat ModelingIntroBlueTalk
Open →2022-01
46:48
Detecting Malicious Websites using Machine Learning
Ajit ThyagarajanAndrew Beard
BSides DC · 2016
ResearchTechnicalDetection EngineeringNetwork SecurityTalk
Open →2016-10
46:31
Detection as Code: The Engineering-Focused Future of Detection and Response
Jackie BowJulie Agnes SparksJessica RozhinLouis Barrett
BSidesSF · 2023
TechnicalDetection EngineeringDevSecOpsThreat IntelBluePanel
Open →2023-05
24:21
Find, Fix, Finish: Generating Competitive Advantage With Threat Hunting
Brody Nisbet
BSides Canberra · 2024
TechnicalDetection EngineeringThreat IntelBlueMethodologyTalk
Open →2024-10
17:51
The Art Of Cyber Deception
Joshua Wardle
BSides London · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2024-02
55:25
Confidently Measuring Attack Technique Coverage by Asking Better Questions
Matt Graeber
BSides Augusta
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringBlueTalk
Open →2021-10
45:17
Enterprise Security Monitoring: Comprehensive Intel-Driven Detection
David Bianco
BSides Augusta · 2013
TechnicalDetection EngineeringThreat IntelMethodologyTalk
Open →2013-09
37:51
Building an Effective Intrusion Detection Program
Jason Craig
BSidesSF · 2017
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2017-03
28:25
Understanding IRSF Fraud: Protecting Against SMS Exploitation
Vien VanSenthil Sivasubramanian
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelWeb AppSecTalk
Open →2025-10
50:58
Threat hunting: Using MITRE ATT&CK against Carbanak malware
Amol Sarwate
BSidesSF · 2022
TechnicalDetection EngineeringMalware AnalysisThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTechnical Deep-dives+1
Open →2022-07
33:40
Quick And Easy Forensic Timelines Via Sysmon, WEF, And ELK
Aaron Jewitt
BSides Munich · 2019
TechnicalDFIRDetection EngineeringBlueTalk
Open →2019-03
27:56
Honeypot Boo Boo: Better Breach Detection With Deception Inception
Justin Varner
BSides Munich
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-10
43:20
Eyeing the Onion
Brad ShoopChris Rimondi
BSides Augusta · 2013
TechnicalDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2013-09
33:30
MITRE D3FEND and How to Master It
Saba Bagheri
BSides Sydney · 2025
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2025-02
14:37
Storytelling For SOC Analysts: Effective Investigation Notetaking And Report Writing
Han O'Connor
BSides London · 2025
CareerCareer & Soft SkillsDetection EngineeringIntroTalk
Open →2025-02
26:05
CoinMiner Are Evasive - Omri Segev Moyal & Thomas Roccia
Omri Segev MoyalThomas Roccia
BSides TLV · 2018
TechnicalDetection EngineeringMalware AnalysisCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2018-07
24:40
Logs and Tactical Defence
Allan Stojanovic
BSides Toronto · 2014
TechnicalDetection EngineeringNetwork SecurityThreat IntelBlueTalk
Open →2014-12
20:25
Leveraging Osquery for DFIR at Scale
Sohini Mukherjee
BSidesSF · 2020
TechnicalDFIRDetection EngineeringIntermediaryTalk
Open →2020-03
33:30
Your Intrusion Detection Still Sucks (And What to Do About It)
Jason Craig
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2025-10
34:05
"SSH, so hot right now. Profiling it with HASSH" - Ben Reardon & Adel Karimi
Ben ReardonAdel Karimi
BSides Canberra · 2019
TechnicalDetection EngineeringNetwork SecurityThreat IntelTalk
Open →2019-05
51:22
The No BS SOC Story
Mark Simos
BSides Tampa · 2024
CareerDetection EngineeringBlueTalk
Open →2024-05
29:14
Alex Kirk - Incident response and threat hunting using Bro/Zeek data
Alex Kirk
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringThreat IntelTalk
Open →2019-10
25:10
Finetuning Large Language Models (LLMs) for Security Log Detections
Wilson Tang
BSidesSF · 2024
TechnicalAI SecurityDetection EngineeringThreat IntelTalk
Open →2024-07
27:48
Team Threat Hunting with AI and Automation
Kenneth Peeples
BSides Charleston · 2024
TechnicalAI SecurityContainer SecurityDetection EngineeringThreat IntelTalk
Open →2024-11
31:52
A Case Study of MacOS Supply Chain Compromise
Jason CraigMichael George
BSidesSF · 2018
TechnicalDetection EngineeringMalware AnalysisSupply Chain SecurityBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2018-04
41:49
Prioritising your security work using MITRE ATT&CK
Floris Ladan
BSides Tallinn · 2022
TechnicalDetection EngineeringThreat IntelThreat ModelingIntermediaryBlueTalk
Open →2022-10
45:48
One Technique, Two Techniques, Red Technique, Blue Technique: Operationalizing MITRE ATT&CK
Jamie WilliamsDaniel Weiss
BSides DC 2018
TechnicalDetection EngineeringThreat IntelThreat ModelingTalk
Open →2018-11
45:41
Surfacing a Hydra: Unveiling a Multi-Headed Chinese State-Sponsored Campaign Against a Foreign Government
Mark Parsons
BSides Charleston · 2024
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2024-11
49:48
AV Evasion - How Adversaries Aim to Bypass Antivirus Tools
Marvin Ngoma
BSides Joburg · 2024
TechnicalDetection EngineeringMalware AnalysisDemoTalk
Open →2024-08
50:00
Hunting PowerShell Attacks on The Open Internet
Paul Melson
BSides Augusta · 2019
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2019-10
37:47
Don't Google 'PowerShell Hunting'
Josh RykowskiSean Eyre
BSides Augusta · 2017
TechnicalDFIRDetection EngineeringMalware AnalysisTalk
Open →2017-09
53:12
AI and Machine Learning in Network Security - Igor Mezic
Igor Mezic
BSides KC · 2022
ResearchTechnicalAI SecurityDetection EngineeringNetwork SecurityTalk
Open →2022-10
1:02:52
eBPF For Security Monitoring
James Ogden
BSides Leeds · 2019
TechnicalDetection EngineeringMalware AnalysisNetwork SecurityDemoTalk
Open →2019-01
44:08
From Soup To Nuts: Building A Detection-as-Code Pipeline - David French
David French
BSides Dublin · 2024
TechnicalDetection EngineeringIntermediaryBlueTalk
Open →2024-06
33:15
Keynote: Winning the AI Race: Verifiability is All You Need
Sergej Epp
BSides Frankfurt · 2025
TechnicalAI SecurityDetection EngineeringThreat ModelingTechnical Deep-divesKeynote
Open →2025-12
22:49
Scaling Amazon GuardDuty: A Comprehensive Detection Strategy
Avinash Reddy ThummaAmin
BSides Ahmedabad · 2025
TechnicalCloud IAMDetection EngineeringThreat IntelTalk
Open →2025-05
50:02
Hunting Supply Chain Threats Using Anomaly Detection
Craig Chamberlain
BSidesSF · 2023
TechnicalCloud IAMDetection EngineeringSupply Chain SecurityCase Studies and Incidents AnalysisMethodologyTalk
Open →2023-05
1:05:35
A Deep Look into a Chinese Advanced Attack
Michael Gough
BSides DC · 2015
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2015-12
37:15
How to Train Your Detection Dragon
Geet Pradhan
BSidesSF · 2025
TechnicalDetection EngineeringBlueTalk
Open →2025-10
36:45
Testing Security Solutions with Atomic Red Team
Michael Haag
BSides Knoxville · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-04
24:38
Automating Event Log Production & Testing for SIEM Detection
Alek Rollyson
BSides Augusta · 2017
TechnicalDetection EngineeringToolingBlueTalk
Open →2017-09
28:33
Hack the system: exploring libpam with uprobes and eBPF
Peter McConnell
BSides Belfast · 2025
TechnicalDetection EngineeringReverse EngineeringAdvancedDemoTalk
Open →2025-02
55:33
Using MITRE D3FEND to Defend Against Cyber Threats
Jacek GrymuzaKacper Zariczny
BSides Warsaw · 2024
TechnicalDetection EngineeringNetwork SecurityThreat ModelingBlueTalk
Open →2024-07
46:01
Drop It Like It's Qbot: Detecting Initial Execution Earlier with OSINT
Stef Rand
BSides Augusta · 2023
TechnicalDetection EngineeringMalware AnalysisOSINTThreat IntelBlueTalk
Open →2023-10
32:39
Unpacking Impacket: Detect remote execution of offensive tools
Tyler Bohlmann
BSides SLC · 2022
TechnicalActive DirectoryDFIRDetection EngineeringBlueTalk
Open →2023-01
45:17
PowerShell Is Dead – Epic Learnings
Ben TurnerDoug McLeod
BSides Scotland · 2019
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringAdvancedRedTalk
Open →2019-06
39:24
5 Gaps Exposed In 30+ Real-World Tabletop Exercises - Ashu Savani
Ashu Savani
BSides London · 2025
ResearchTechnicalDetection EngineeringCase Studies and Incidents AnalysisEmpirical ResearchTalk
Open →2026-03
49:46
Project DiSIEM
Ana RespícioFernando AlvesAlysson BessaniPedro Ferreira
BSides Lisbon · 2018
TechnicalDetection EngineeringOSINTThreat IntelTalk
Open →2018-12
37:55
Simple Data Exfiltration in a Secure Industry Environment
Phil Cronin
BSides Boston · 2016
TechnicalWar StoriesDetection EngineeringNetwork SecurityThreat IntelRedTalk
Open →2016-08
42:42
Open Source Intelligence Based Intrusion Detection System
Ivo Vacas
BSides Lisbon · 2018
TechnicalDetection EngineeringOSINTThreat IntelBlueTalk
Open →2018-12
32:15
Security Lessons Learnt From The Cloud Frontline - Ben Fletcher
Ben Fletcher
BSides Belfast · 2024
TechnicalCloud IAMDetection EngineeringThreat IntelCase Studies and Incidents AnalysisTalk
Open →2024-03
49:21
PW - Detecting Credential Abuse
Troy DeftyKathy Zhu
BSides Las Vegas
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2024-09
55:44
Fernando Tomlinson - Gaining 20/20 vision during an incident with PowerShell
Fernando Tomlinson
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2019-10
19:06
Tired of Playing Exploit Kit Whack-A-Mole? Let's automate
Anjum Ahuja
BSidesSF · 2017
TechnicalDetection EngineeringMalware AnalysisVulnerability ResearchTechnical Deep-divesTalk
Open →2017-03
35:12
Using BloodHound as a Defender: Tips from the Red Team
Andrew McNicol
BSides Charm · 2024
TechnicalActive DirectoryDetection EngineeringThreat ModelingBlueTalk
Open →2024-06
41:27
Fundamentals That Time Forgot
Troy Jessup
BSides SLC · 2015
TechnicalDetection EngineeringNetwork SecurityIntroTalk
Open →2015-04
43:16
Testing Endpoint Security Solutions with Atomic Red Team
BSides Asheville · 2018
TechnicalDetection EngineeringThreat ModelingIntermediaryDemo
Open →2019-03
40:28
Slipping The Net: Qakbot, Emotet And Defense Evasion
Cian Heasley
BSides Cambridge · 2024
TechnicalDetection EngineeringMalware AnalysisSocial EngineeringBlueTalk
Open →2024-01
47:22
Secrets of the Second Factor: Threat Hunting with Multi-Factor Authentication
Susan Paskey
BSides Las Vegas · 2022
TechnicalDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTalk
Open →2022-09
43:57
MS SQL Super Quality Logs
BSides Perth · 2023
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-08
22:43
The Math Behind Threat Hunting: Find Attacks Hidden in Your Logs
Ekpe Edidiong
BSides SLC · 2026
TechnicalDetection EngineeringThreat IntelIntermediaryBlueTalk
Open →2026-04
45:01
How to Fight DDoS Attacks from the Command Line
Michael McMahon
Bsides CT · 2025
TechnicalDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2026-01
22:10
Code C.A.I.N – Keeping Your Source Code Under Control
Rotem Reiss
BSides TLV · 2022
TechnicalDetection EngineeringOSINTSupply Chain SecurityTalk
Open →2022-07
48:43
Applying Data Science to Identify Malicious Actors in Enterprise Logs
Balaji Balakrishnan
BSides DC · 2016
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2016-10
29:35
How I Learned to Stop Worrying and Build a Modern Detection & Response Program
Allyn Stott
BSides Toronto · 2023
TechnicalDetection EngineeringThreat ModelingBlueMethodologyTalk
Open →2023-11
51:35
Spotting The Adversary Using The ATT&CK Matrix: A Practical Approach
Pete O
BSides Bristol · 2019
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-07
50:06
Threat Hunting: Out of the Gate with Windows Logs
Greg LongoBrian Gardiner
BSides Peru · 2019
TechnicalDetection EngineeringMalware AnalysisThreat IntelIntroBlueTechnical Deep-divesTalk
Open →2019-07
52:34
No Silver Bullet: Multi-Contextual Threat Detection via Machine Learning
Rod SotoJoseph Zadeh
BSides Las Vegas · 2016
ResearchTechnicalDetection EngineeringMalware AnalysisTalk
Open →2016-08
20:02
Falco: runtime security analysis through syscalls
Leonardo Di Donato
BSides Athens · 2020
TechnicalContainer SecurityDetection EngineeringIntermediaryBlueTalk
Open →2020-06
46:21
Detection At Scale by Troy Defty
Troy Defty
BSides London · 2023
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-05
29:07
SOC Analyst's Arsenal: Essential Tools, Tips & Tricks For Effective Investigations
Samuel Kavaler
BSides Munich
TechnicalDFIRDetection EngineeringToolingIntermediaryBlueTalk
Open →2023-10
50:01
Grapl — A Graph Platform for Detection and Response
Colin O'Brien
BSides Las Vegas · 2019
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2019-10
23:16
Training the Next Generation of Security Engineers
David Seidman
BSides Las Vegas · 2019
CareerCareer & Soft SkillsDetection EngineeringTalk
Open →2019-10
24:38
Cloudy With a Chance of Purple Rain: Leveraging Stratus Red Team to Secure Your Clouds
Luciano Avendano
BSides PDX · 2022
TechnicalCloud IAMDetection EngineeringThreat ModelingPurpleDemoTalk
Open →2022-10
20:27
Georgios Karantzas - It's Duck Season: Forensic Detection of BadUsb Attacks
Georgios Karantzas
BSides TLV · 2023
TechnicalDFIRDetection EngineeringHardware HackingTalk
Open →2023-07
29:35
From Hours To Minutes: Automating Incident Response Triage With Open-Source Tools
Markus Einarsson
BSides Munich · 2025
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2026-02
30:42
Follow the Trace: How Traditional AppSec Tools Have Failed Us
Kennedy Toomey
BSidesSF · 2025
TechnicalDetection EngineeringWeb AppSecTalk
Open →2025-10
47:20
GCP BigQuery as Security Detection Platform
Diana KramerNorberto García Marín
BSides Las Vegas · 2021
TechnicalCloud IAMDetection EngineeringTalk
Open →2021-08
45:53
Data Analytics-Based Detection At Scale
Pedro ChavesJan Pospisil
BSides Lisbon · 2018
TechnicalDetection EngineeringMalware AnalysisBlueTalk
Open →2018-12
31:41
'Like at do ye'? Perfecting Threat Detection for Next-Gen SOC's! - Aaron Wilkinson
Aaron Wilkinson
BSides Belfast 2025
TechnicalDetection EngineeringIntermediaryBlueTalk
Open →2025-12
49:59
Tinker Tailor LLM Spy: Investigate & Respond to Attacks on GenAI Chatbots
Allyn Stott
BSides Charm · 2025
TechnicalAI SecurityDetection EngineeringBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2025-05
49:31
Endpoint to Internet: Security Control Validation Using Threat Behavior Emulation
Ken JenkinsStuart McMurray
BSides DC · 2018
TechnicalDetection EngineeringThreat IntelBlueRedTalk
Open →2018-11
23:14
Tactics, Techniques and Procedures - Building and Running a Blue Team from Scratch
Abhishek Tripathi
BSides SATX · 2018
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2018-10
37:36
Ransomware Emulation Done Right
Shreyas RamiShaun Jones
BSides Las Vegas · 2022
TechnicalDetection EngineeringMalware AnalysisThreat IntelPurpleCase Studies and Incidents AnalysisTalk
Open →2022-09
52:07
Revoke-Obfuscation: PowerShell Obfuscation Detection (And Evasion) Using Science
Daniel Bohannon
BSides DC · 2017
TechnicalDetection EngineeringMalware AnalysisBlueTalk
Open →2017-10
54:47
GPT-3 and Me: Large Language Models for Defensive Cybersecurity
Joshua SaxeYounghoo Lee
BSides Las Vegas · 2022
ResearchTechnicalAI SecurityDetection EngineeringTalk
Open →2022-09
23:58
Complexities Of Vulnerability Management: Strategies For Managing Security Holes by Pablo Ramos
Pablo Ramos
BSides Dublin · 2023
TechnicalDetection EngineeringVulnerability ResearchTalk
Open →2023-07
26:46
Collect All the Data; Protect All the Things
Aaron Rosenmund
BSidesSF · 2019
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-03
40:37
How EDRs See Everything (Until They Don't)
Jacob Kalat
Bsides CT · 2025
TechnicalDetection EngineeringReverse EngineeringTechnical Deep-divesTalk
Open →2025-12
43:11
Ransomware vs EDR: Inside the Mind of Attackers
Zoziel Pinto Freire
BSides São Paulo · 2025
TechnicalDetection EngineeringMalware AnalysisAdvancedRedTalk
Open →2025-06
53:42
PlagueScanner: An Open Source Multiple AV Scanner Framework
Robert Simmons
BSides SLC · 2015
TechnicalToolingDetection EngineeringMalware AnalysisBlueDemoTalk
Open →2015-04
26:43
EDR Killers: Live Rootkit Demo That Blinds Security Tools
Scott Fuhriman
BSides SLC 2026
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringAdvancedRedDemo
Open →2026-04
19:45
Bots of the SOC
Michael Kearney
BSides Cheltenham
TechnicalAI SecurityDetection EngineeringBlueDemoTalk
Open →2024-07
26:57
Threat Modelling for Detection and Response
Misha Yalavarthy
BSides Berlin · 2021
TechnicalDetection EngineeringThreat ModelingBlueTalk
Open →2021-09
45:20
SocVel Live: Command The Breach
Jaco Swanepoel
BSides Joburg
TechnicalDFIRDetection EngineeringThreat IntelBlueWorkshop
Open →2025-09
46:04
The Role of AI & ML in Predicting Threat Intelligence
Gunjan ChhillarKartik ShindeVandana VermaSetu Parimi
BSides Ahmedabad · 2025
TechnicalAI SecurityDetection EngineeringThreat IntelPanel
Open →2024-05
23:18
Building a Practical AI Assistant for Security Operations
Vincent Ruijter
BSides Lisbon · 2025
TechnicalAI SecurityDetection EngineeringIntermediaryTalk
Open →2026-01
30:09
Keeping Electric Vehicles Secure: The Need For A CAN Security Framework
Sivaranjani Sankaralingam
BSides Munich · 2022
TechnicalDetection EngineeringHardware HackingThreat ModelingBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2022-05
46:39
Kyle Howson: How to build a Security Operations program
Kyle Howson
BSides Calgary · 2020
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueTalk
Open →2020-12
34:01
Detect the Undetectable with Sysmon and PowerShell Logs
Dimitrios Margaritis
BSides Athens · 2017
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2017-10
48:51
PowerShell pew pew pew: Skillz 4 blue team
Ashley McGlone
BSides Columbus · 2020
TechnicalDetection EngineeringBlueTalk
Open →2020-08
18:40
Everyday AI: Leveraging LLMs for Simple, Effective Security Automation
Matthew SullivanDominic Zanardi
BSidesSF · 2025
TechnicalAI SecurityCloud IAMDetection EngineeringTalk
Open →2025-10
25:05
Obfuscation in Plain Sight
Ed SabijonJon Chaipis
BSides Charlotte · 2023
TechnicalDetection EngineeringMalware AnalysisPurpleTalk
Open →2023-09
58:04
Continuous Security: Monitoring & Active Defense in the Cloud
Eric Johnson
BSides Iowa · 2018
TechnicalCloud IAMDetection EngineeringThreat IntelBluePurpleCase Studies and Incidents AnalysisTalk
Open →2018-04
32:49
In Search of a Silver Bullet: Malware Detection Strategies Past and Future
Dmitry Samosseiko
BSides Vancouver · 2017
TechnicalDetection EngineeringMalware AnalysisBlueTalk
Open →2017-05
25:54
Cyber Deception in GCP with Generative Traps
Matt Maisel
BSides Charm · 2025
TechnicalCloud IAMDetection EngineeringTalk
Open →2025-05
15:45
Using LLMs To Accelerate Threat Detection - Richard Finlay Tweed
Richard Finlay Tweed
BSides Bristol · 2025
TechnicalAI SecurityDetection EngineeringTalk
Open →2025-01
41:33
Use What You Have
Corey Bussard
BSides Peru · 2023
TechnicalActive DirectoryDetection EngineeringNetwork SecurityBlueTalk
Open →2023-08
27:36
How Microsoft Made Me Love SIEMs Again
Chris Maenner
BSides Philly · 2020
TechnicalCloud IAMDetection EngineeringTalk
Open →2020-12
21:36
Look Ma, No Hands! Decentralizing Security for Scale
Chris Dorros
BSidesSF · 2017
CommunityTechnicalDetection EngineeringDevSecOpsTalk
Open →2017-03
47:34
Securing and Pentesting Kubernetes
Kat Fitzgerald
BSides Peru · 2022
TechnicalContainer SecurityDetection EngineeringTechnical Deep-divesTalk
Open →2022-09
29:31
Blank Space: Filling the Gaps in Atomic and Behavioral Cloud-Specific IoCs
Merav BarGili Tikochinski
BSidesSF · 2025
TechnicalCloud IAMDetection EngineeringThreat IntelIntermediaryCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2025-10
31:19
Modern Adversary Tradecraft
Sajal Thomas
BSides Munich · 2021
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2021-06
53:34
Marriage of Threat Intelligence and Incident Response
Jamie Murdock
BSides Peru · 2018
TechnicalDetection EngineeringOSINTThreat IntelIntermediaryTalk
Open →2018-06
3:20:23
Live BSides Amsterdam 2025 - Tech Track
BSides Amsterdam · 2025
TechnicalDetection EngineeringMalware AnalysisTalk
Open →2025-11
50:38
BSides Colombia 2025 Training Programs
Levi ResaCibel Oliveira
BSides Colombia · 2025
TechnicalDetection EngineeringOSINTThreat IntelPurple
Open →2025-05
25:04
Automating False Positive Whack-a-Mole with Real-Time Behavioral Analytics
Salma Taoufiq
BSides Budabest · 2022
TechnicalDetection EngineeringCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2023-06
25:46
Live Interrogation With Osquery
Josh Brower
BSides Augusta · 2018
TechnicalDFIRDetection EngineeringThreat IntelBlueDemoTalk
Open →2018-10
1:04:28
Hashbrowns & BAGELS
Mike SchladtChris BoettcherAndrew Plunkett
BSides Cincinnati · 2017
TechnicalToolingDetection EngineeringMalware AnalysisThreat IntelTalk
Open →2017-05
27:26
Deception Technology... A Maturing Threat Intelligence Solution That Adds Real Value - TrapX
Shaun Lord
BSides Liverpool · 2019
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2019-07
50:08
Integrating Large Language Models into Your Security Stack
Shane Hartman
BSides Tampa · 2026
TechnicalAI SecurityDetection EngineeringThreat IntelBlueTalk
Open →2026-02
27:28
BSidesSF 2019 - Profiling "VIP Accounts" Access Patterns in User-Centric Data Streams
Rod SotoJoseph ZadehXiodan Li
BSidesSF · 2019
TechnicalActive DirectoryDetection EngineeringKerberosThreat IntelTalk
Open →2019-03
54:25
Phish Your Users for Free! (As In Beer!)
Julie FugettShane Fonyi
BSides KC · 2018
CommunityDetection EngineeringSocial EngineeringBlueTalk
Open →2018-06
26:59
Adversary Emulation for Everyone!
Cristian Di BartolomeoTodd Brecher
BSides Toronto · 2023
TechnicalDetection EngineeringThreat IntelThreat ModelingIntroPurpleDemoTalk
Open →2023-11
49:37
Lean Threat Intelligence
Lennart Koopmann
BSides San Diego · 2017
TechnicalDetection EngineeringThreat IntelTalk
Open →2017-01
20:33
Purple Team: How This Color Can Help You And Your Organisation Learn and Get Better
Patrick Mathieu
BSides Las Vegas · 2017
TechnicalDetection EngineeringThreat ModelingPurpleTalk
Open →2017-09
31:04
Host-Hunting on a Budget
Leo Bastidas
BSides Augusta · 2019
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2019-10
22:11
Screaming About Detection Coverage in ALLCAPS
Evan Perotti
BSides Philly · 2025
TechnicalDetection EngineeringThreat ModelingPurpleEmpirical ResearchMethodologyTalk
Open →2026-02
37:57
Evasive Maneuvers: Strategies To Overcome Runtime Detection Tools - Amit Schendel and Nir Levy
Amit SchendelNir Levy
BSides Prague · 2025
TechnicalContainer SecurityDetection EngineeringVulnerability ResearchAdvancedRedTalk
Open →2025-04
40:37
One SOC, The Whole SOC, and Nothing But The SOC, So Help Me
Carson Zimmerman
BSidesSF · 2025
TechnicalDetection EngineeringBlueTalk
Open →2025-10
51:16
Shelfware, Threat Intel & Social Engineering: Why Tech Is Not the Answer
Javvad Malik
BSides Tallinn · 2022
Detection EngineeringSocial EngineeringThreat IntelTalk
Open →2022-10
41:46
Vulnerability Regression Testing with Nuclei Framework
Domagoj Vratarić
BSides Zagreb
TechnicalDetection EngineeringDevSecOpsVulnerability ResearchCase Studies and Incidents AnalysisTalk
Open →2025-03
1:20:35
What is eBPF and Why Should You Care!
Kev Sheldrake
BSides Athens · 2022
TechnicalDetection EngineeringReverse EngineeringToolingAdvancedBlueRedTalk
Open →2023-06
54:41
Delivering Control Assurance Through Purple Teaming
Carlos RodriguezBen Finke
BSides Charlotte · 2022
TechnicalDetection EngineeringThreat ModelingPurpleTalk
Open →2022-09
1:03:24
AI Cyberoperations: Boosting SOC Efficiency with Artificial Intelligence
Gustavo Gómez
BSides Colombia
TechnicalAI SecurityDetection EngineeringBlueTalk
Open →2025-03
39:41
Catch Me if You Can
Michael Bryant
BSides Asheville · 2016
TechnicalActive DirectoryDetection EngineeringThreat IntelRedTalk
Open →2018-06
1:00:24
Model Context Protocol (MCP): The Future of AI-Powered SOC Workflows
James Pope
BSides SLC · 2026
TechnicalAI SecurityDetection EngineeringThreat IntelBlueTalk
Open →2026-04
41:44
What if we could teach machines to think like hackers?
Alexandru-Bogdan Miron
BSides Budabest 2025
TechnicalAI SecurityDetection EngineeringMalware AnalysisTalk
Open →2026-04
39:18
Big SIEM Energy at Micro-SIEM Cost
Kenneth Kaye
BSides Las Vegas
TechnicalCloud IAMDetection EngineeringDemoTalk
Open →2023-10
24:24
Robust Defense for the Rest of Us
Russell Mosley
BSides Las Vegas · 2017
TechnicalDetection EngineeringNetwork SecurityThreat ModelingBlueTalk
Open →2017-08
30:24
Detecting Network Beaconing With Convolutional Networks And Zeek Logs by Ignacio Arnaldo
Ignacio Arnaldo
BSides Basingstoke
TechnicalDetection EngineeringNetwork SecurityThreat IntelTalk
Open →2024-03
37:50
Are your Network Devices Good or Evil?
Hans Ismirnioglou
BSides DC · 2019
TechnicalDetection EngineeringNetwork SecurityThreat IntelDemoTalk
Open →2019-10
34:50
AMSI: O cão de guarda que late mas não morde?
Mario Lobo Romero
BSides São Paulo · 2025
TechnicalDetection EngineeringMalware AnalysisTechnical Deep-divesTalk
Open →2025-06
16:40
SaaSquatch Hunters: Threat Detection In The Wild Of SaaS
Julie Agnes Sparks
BSides Dublin · 2026
TechnicalCloud IAMDetection EngineeringThreat IntelCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2025-10
25:52
Easy Mode Deception Technology Deployments at Scale
Sasha Levy
BSides PDX · 2023
TechnicalDetection EngineeringThreat ModelingBlueTalk
Open →2023-10
30:55
Log In Through the Front Door: Automating Defense Against Credential Leaks
Barath Subramaniam
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2025-10
22:15
Detection Mastery: War Stories From The Hunters Side
Ilya KolmanovichFelix Kurmisch
BSides Toronto · 2020
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2021-11
36:33
Honeypot Boo Boo: Better Breach Detection with Deception Inception
Justin Varner
BSides Peru · 2022
TechnicalDetection EngineeringThreat IntelTalk
Open →2022-09
29:44
Mackenize Morris - Building a securable architecture for interconnected ICS environments
Mackenize Morris
BSides Augusta · 2019
TechnicalDetection EngineeringNetwork SecurityTalk
Open →2019-10
30:23
Trawling for IOCs: Catching C2 in a Sea of Data
Moses Schwartz
BSidesSF · 2025
TechnicalDetection EngineeringMalware AnalysisThreat IntelIntermediaryTalk
Open →2025-10
30:49
Stacked and Hacked: Crafting the Ultimate COTS Incident Response Arsenal
Art Ocain
BSides Philly · 2023
TechnicalDFIRDetection EngineeringBlueTalk
Open →2024-01
48:17
Did You Say Millions Of Sessions? How Cheap Kits Fuel AiTM Attacks On Microsoft 365
Joshua Rawles
BSides London · 2025
ResearchTechnicalDetection EngineeringThreat IntelWeb AppSecCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2026-03
37:55
Purple Teaming 301 – Free Attack Simulation and Control Validation via Atomic Red Team
Jason Wright
BSides Charm · 2024
TechnicalDetection EngineeringThreat ModelingPurpleTalk
Open →2024-06
41:57
Lying to your fACE: Deploying an ADCS honeypot the easy way
Zdravko PetričušićJosip Pavičić
BSides Zagreb · 2026
TechnicalActive DirectoryDetection EngineeringThreat IntelBlueTechnical Deep-divesTalk
Open →2026-03
38:29
Fantastic Persistence: Creative backdoors & where you will NOT find them
Yossi Sassi
BSides Budabest 2025
TechnicalActive DirectoryDFIRDetection EngineeringDemoTalk
Open →2026-03
19:04
Can LLMs Take Our Jobs? AI-Assisted Detection Research
Maam KhanDarsh SmithUday MayapanRC Oric
BSides PDX · 2024
ResearchTechnicalAI SecurityDetection EngineeringThreat IntelBlueEmpirical ResearchTechnical Deep-dives+1
Open →2024-11
29:07
BSides Denver 2024
BSides Denver 2024
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2024-09
2:10:27
AJ Leece: Workshop: Incident Response Tabletop
AJ Leece
BSides Calgary · 2021
TechnicalDFIRDetection EngineeringBlueWorkshop
Open →2021-12
31:44
Something's Phishy: See the Hook Before the Bait
Malachi Walker
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueTechnical Deep-divesTalk
Open →2025-06
31:30
Practical Blue Teaming by Peter Jones
Peter Jones
BSides Leeds
TechnicalDetection EngineeringGRCThreat IntelBlueTalk
Open →2023-07
52:58
CloudSec Rules Everything Around Me (C.R.E.A.M.)
Kyle Dickinson
BSides Las Vegas · 2019
TechnicalCloud IAMDFIRDetection EngineeringIntroTalk
Open →2019-10
32:42
Navigating the Unknowns: Fraud Mitigation for Netflix Live Events
Aditi GuptaYue Wang
BSidesSF · 2025
TechnicalDetection EngineeringThreat IntelThreat ModelingIntermediaryCase Studies and Incidents AnalysisTalk
Open →2025-10
30:08
Before the Breach: The Security Essentials
Peter Ukanov
BSides Charlotte · 2025
TechnicalDFIRDetection EngineeringIntermediaryBlueCase Studies and Incidents AnalysisTalk
Open →2025-05
24:25
Enhancing Incident Response with AI: Leveraging ML for OT/IoT/IIoT Attack Detection and Prevention
Prof. Atdhe Buja
BSides Philly · 2025
ResearchTechnicalAI SecurityDetection EngineeringIoTMalware AnalysisEmpirical ResearchTechnical Deep-dives+1
Open →2026-02
33:09
Fe-fi-fo-FIM, I Smell The Monitoring Of An Elastic Stack!
Brett Calderbank
BSides Manchester · 2019
TechnicalDetection EngineeringGRCTalk
Open →2019-09
33:54
EDR Evasion 101 in a Professional Hacker Red Team
André Lima
BSides Kristiansand 2026
TechnicalDetection EngineeringReverse EngineeringAdvancedRedTalk
Open →2026-02
28:26
Chasing Whispers: A Pragmatic Review of Adversary Emulation Processes
Kyle Smith
BSides Charleston · 2024
TechnicalDetection EngineeringThreat IntelThreat ModelingPurpleTalk
Open →2024-11
32:54
Cognitive Defenders: How AI Transforms Cyber Security
Rosalind Grindrod
BSides Bristol · 2025
TechnicalAI SecurityDetection EngineeringThreat IntelBlueTalk
Open →2024-01
2:56:32
BSides Knoxville 2018 (Third Track, Pres Pub)
Michael Hague
BSides Knoxville · 2018
TechnicalDetection EngineeringThreat ModelingTalk
Open →2018-05
37:49
Building a SOC
Benjamin SpencerJake Knowlton
BSides KC · 2023
TechnicalDetection EngineeringTalk
Open →2023-10
37:32
Keeping on Top of Security Advisories
Michael FinchamFilip Vujičić
BSides Wellington · 2017
TechnicalDetection EngineeringDevSecOpsThreat IntelTalk
Open →2018-02
15:57
Grappling for Evil in the Cloud
Andi Ahmeti
BSides Prishtina · 2024
TechnicalCloud IAMDetection EngineeringThreat IntelBlueDemo
Open →2024-09
39:10
The Fault in Our Metrics: Rethinking How We Measure Detection & Response
Allyn Scott
BSides SATX · 2024
TechnicalDetection EngineeringThreat IntelTalk
Open →2024-06
32:20
Secure(r) Cloud Development
Christo GoosenToufeeq Ockards
BSides Cape Town · 2017
TechnicalCloud IAMDetection EngineeringDevSecOpsTalk
Open →2017-12
26:00
The Allure of Go's Cross-Platform Capability: A Gateway for Threats
Anmol Maurya
BSides NYC · 2025
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringIntermediaryCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2025-12
41:51
Keeping up with the Jones's and other APT threats
Kenneth Inkster
BSides Calgary
TechnicalDFIRDetection EngineeringMalware AnalysisThreat IntelBlueTalk
Open →2020-12
56:04
Jason Keirstead - A Gentle Introduction to MITRE ATT&CK
Jason Keirstead
BSides Fredericton · 2018
CommunityTechnicalDetection EngineeringThreat IntelIntroBlueTalk
Open →2018-12
21:24
Insider Threat Kill Chain: Human Indicators of Compromise
Ken Westin
BSides Las Vegas · 2014
TechnicalDetection EngineeringThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2016-12
19:48
Deep Learning for Predictive Alerting and Cyber-Attack Mitigation
Arbnor Imeri
BSides Prishtina · 2024
ResearchTechnicalAI SecurityDetection EngineeringThreat IntelEmpirical ResearchTechnical Deep-divesTalk
Open →2024-09
40:35
Incident Response in containerized and ephemeral environments
David MitchellAdrian Wood
BSides Charleston · 2022
TechnicalContainer SecurityDFIRDetection EngineeringBlueTalk
Open →2023-01
48:59
Doug Leece: Detection Engineering
Doug Leece
BSides Calgary · 2021
TechnicalDetection EngineeringPurpleTalk
Open →2021-12
24:44
Cloud IR: A Rapid Guide For AWS, Azure & GCP
Erblind Morina
BSides Munich · 2025
TechnicalCloud IAMDFIRDetection EngineeringBlueTalk
Open →2026-02
19:01
Building a Security Audit Logging System on a Shoestring Budget
George Wang
BSides Las Vegas
TechnicalDetection EngineeringDevSecOpsTalk
Open →2024-09
20:58
SOAR In Cyber Security - Arjola Hoxha
Arjola Hoxha
BSides Tirana
TechnicalDetection EngineeringThreat IntelTalk
Open →2023-11
28:25
Detecting Threats at Hyperscale: My Journey and Lessons from Google's Front Lines
Domagoj Klasic
BSides Dublin · 2026
TechnicalDetection EngineeringThreat IntelTalk
Open →2025-10
43:50
Considering Cloud Coverage in SIEM/XDR Design
Chris Beckman
BSides SLC · 2025
TechnicalCloud IAMDetection EngineeringThreat ModelingBlueTalk
Open →2025-06
31:06
Escapades in DFIR, An Incident Responder's Reflections
Mark Nakamura
BSides RDU · 2022
CareerWar StoriesDFIRDetection EngineeringThreat IntelBluePurpleTalk
Open →2023-03
51:54
Wes Lambert - Augmenting the (Security) Onion: Facilitating Enhanced Detection and Response
Wes Lambert
BSides Augusta
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2019-10
34:36
Intrusion Response And Detection By Knowing What You Don't Know
Jon EspenschiedChris Compton
BSides Belfast · 2016
TechnicalDetection EngineeringThreat IntelThreat ModelingTalk
Open →2017-09
28:55
Beyond Manual: Enhancing And Scaling Security With Automation
Christian Bauer
BSides Munich · 2024
TechnicalDetection EngineeringDevSecOpsVulnerability ResearchBlueTalk
Open →2024-11
1:00:02
Hunting Threats like a Cybersecurity Ninjas
Roberto Martínez
BSides Colombia
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueTalk
Open →2025-04
19:31
Sifting Through The Noise, Advanced Threat Analysis
David Sher
BSides Tirana
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2024-10
25:09
The Insider Threat: Detecting Data Exfiltration via EDR
Oded Awaskar
BSides Budabest · 2022
TechnicalDFIRDetection EngineeringThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2023-06
25:02
Baited Canaries: Monitoring Attackers With Active Beacons
Gregory Caswell
BSides Las Vegas · 2019
TechnicalDetection EngineeringThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2019-10
25:18
From Context-Switching Hell to AI-Powered Ops
Will Urbanski
BSides PDX 2025
TechnicalAI SecurityDetection EngineeringToolingTalk
Open →2025-12
46:03
Defending Beyond Defense
Dr. Catherine J. Ullman
BSides 312 · 2025
CareerTechnicalDetection EngineeringMalware AnalysisThreat IntelTalk
Open →2025-11
18:54
I Thought I Saw a HAXOR
Thomas V. Fischer
BSides Amsterdam · 2017
TechnicalDFIRDetection EngineeringThreat IntelBlueTalk
Open →2017-09
54:31
Network Situational Awareness with Flow Data
Jason Smith
BSides Augusta · 2016
TechnicalDetection EngineeringNetwork SecurityTalk
Open →2016-09
20:36
Essential Logs Pyramid SIEM
Eric Goldstrom
BSides PDX · 2023
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-10
44:13
Closing the Gap vs Adversaries With Community Resources
Ian Davila
BSides NYC · 2023
TechnicalDetection EngineeringThreat IntelThreat ModelingBlueDemoTalk
Open →2023-06
50:47
RAG Against the Machine: Using Retrieval-Augmented Generation & MCP to Fortify Cybersecurity Defense
Brennan Lodge
BSides Las Vegas · 2025
TechnicalAI SecurityDetection EngineeringGRCTalk
Open →2025-12
35:35
Lessons Learned from Security Operations
Ryan Baisley
BSides Greenville · 2021
CareerDetection EngineeringTalk
Open →2021-10
51:04
The Hole in Your SOC: How a compromise of your SIEM could be a disaster for your organization
Michael Music
BSides Tampa · 2021
TechnicalActive DirectoryCloud IAMDetection EngineeringKerberosThreat IntelTalk
Open →2021-04
24:18
Unwitting Hosts: How Residential Proxies Increase Risk
Darin SmithBlake
BSides PDX 2025
TechnicalDetection EngineeringNetwork SecurityThreat IntelBlueEmpirical ResearchTechnical Deep-divesTalk
Open →2025-12
21:39
Show Me The Honey: Creating Elasticsearch Honeypots Powered By LLMs
Claire Dickson
BSides Belfast · 2025
ResearchTechnicalAI SecurityDetection EngineeringThreat IntelTalk
Open →2025-12
33:38
Compliance meets SIEM automation
BSides Newcastle · 2020
TechnicalActive DirectoryDetection EngineeringGRCTalk
Open →2020-11
48:07
Can You Hear Me Now? Good — Because Volt Typhoon Can, Too
David Branscome
BSides Augusta · 2025
TechnicalActive DirectoryDetection EngineeringThreat IntelCase Studies and Incidents AnalysisTalk
Open →2025-10
38:22
Building Cyber Resilience in the Face of Cyber Attacks
Jason Proctor
BSides Edmonton · 2023
TechnicalDFIRDetection EngineeringTalk
Open →2023-11
35:41
Paul Ihme - Building a sustainable detector development lifecycle
Paul Ihme
BSides Cayman Islands
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2023-05
21:33
Overcoming Barriers in Security DSLs with BabbelPhish
Bobby Filar
BSides Las Vegas
TechnicalAI SecurityDetection EngineeringTalk
Open →2023-10
38:02
Taking ChatGPT Hunting by Nicholas Carroll
Nicholas Carroll
BSides Tampa · 2026
TechnicalAI SecurityDetection EngineeringThreat IntelTalk
Open →2026-02
22:55
Social Engineering Honeypots - Raf Tomaszewski
Raf Tomaszewski
BSides Basingstoke
TechnicalDetection EngineeringSocial EngineeringThreat IntelBlueTalk
Open →2024-09
45:05
Detecting the Elusive: Active Directory Threat Hunting
Sean Metcalf
BSides Charm · 2017
TechnicalActive DirectoryDetection EngineeringKerberosBlueTechnical Deep-divesTalk
Open →2021-05
44:38
Breaking the Illusion: Bypassing Endpoint Security Controls with Simple Tactics
Blake HudsonCaleb Sargent
BSides Las Vegas · 2025
TechnicalDetection EngineeringMalware AnalysisRedTalk
Open →2025-12
49:51
Suricata 8: The newest release from the mob
Jeff Lucovsky
BSides Augusta · 2025
TechnicalDetection EngineeringNetwork SecurityTalk
Open →2025-10
45:50
Threats Versus Capabilities: Building Better Detect and Respond Capabilities
Thomas Fischer
BSides Dublin · 2022
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2022-05
14:26
Actioning ATT&CK
Jake Liefer
BSides Delaware · 2018
TechnicalDetection EngineeringThreat ModelingPurpleTechnical Deep-divesTalk
Open →2018-11
44:41
Threat Hunting at Different Scales: Lessons Learned from Practice
Filip Rapaić
BSides Zagreb · 2026
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2026-03
24:50
PG - Enemy at the Gate, and Beyond: Detecting and Stopping Account Takeover
Yuval Zacharia
BSides Las Vegas · 2023
TechnicalCloud IAMDetection EngineeringThreat IntelBlueTalk
Open →2023-10
43:51
Cyber Crash Investigations: Seizing the Opportunity to Learn from Past Crises
Julia WightonDavid Stocks
BSides Las Vegas · 2023
War StoriesDFIRDetection EngineeringBlueCase Studies and Incidents AnalysisTalk
Open →2023-10
20:30
Cloud-Based Contextual Analysis as Code
Erkang Zheng
BSides SLC · 2020
TechnicalCloud IAMDetection EngineeringThreat ModelingTalk
Open →2020-03
37:48
Copy That: Tracking and clustering ClickFix campaigns
Stef Rand
BSides Augusta · 2025
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2025-10
50:45
Spycraft 2.0: Hunting Dead Drops in Web Applications
Jonathan Fuller
BSides NYC · 2025
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringAdvancedBlueTalk
Open →2025-12
49:35
You Got A SIEM Now What
Chris Maulding
BSidesROC · 2023
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2024-09
22:57
Honeytrapper: The Attacker Strikes Back
Dónnan Mallon
BSides Newcastle · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2025-02
54:27
A Tale of Two Powershells
Fernando Tomlinson
BSides Greenville · 2020
TechnicalActive DirectoryDetection EngineeringMalware AnalysisPurpleTalk
Open →2020-06
23:31
From Application to Access: Detecting DPRK IT Workers Before They Become Insider Threats
Jesse Buonanno
BSides Seattle 2026
TechnicalDetection EngineeringSocial EngineeringThreat IntelBlueCase Studies and Incidents AnalysisMethodologyTalk
Open →2026-03
25:33
RAGnarok: Assisting Threat Hunting with Local LLMs
Jun MiuraCybelle Oliveira
BSides Las Vegas · 2025
TechnicalAI SecurityDetection EngineeringThreat IntelBlueDemoTalk
Open →2025-12
21:16
Self-healing K8s: Lessons Learned in Automation of Incident Response
Ross Clarke
BSides Charleston · 2025
ResearchTechnicalAI SecurityContainer SecurityDetection EngineeringDevSecOpsCase Studies and Incidents AnalysisTechnical Deep-dives+1
Open →2025-11
30:54
BSidesBoulder 2023 - Ryan Thompson - Ecosystem of Insights Building Operation Dashboards That Enable
Ryan Thompson
BSides Boulder · 2023
TechnicalDetection EngineeringToolingTalk
Open →2024-02
33:15
CiscoSecure
Carlos Diaz
BSides Calgary
TechnicalActive DirectoryDetection EngineeringThreat ModelingBlueTalk
Open →2022-12
24:41
Evading Detection with Dynamic AI Mimicry
Darin SmithMoazzam Khan
BSides Seattle · 2026
TechnicalAI SecurityDetection EngineeringMalware AnalysisAdvancedRedTechnical Deep-divesTalk
Open →2026-03
30:41
Beyond the Perimeter: Uncovering the Hidden Threat of Data Exfiltration in Google Cloud Platform
Ora Aspir
BSides Las Vegas · 2023
TechnicalCloud IAMDFIRDetection EngineeringTalk
Open →2023-10
29:45
Hype and Reality: Practical Advice for Implementing and Evaluating AI/ML for Cybersecurity
Edward Wu
BSides SATX · 2021
TechnicalAI SecurityDetection EngineeringThreat IntelTalk
Open →2021-06
53:54
2024 Security BSides // Garry Coldwells
Garry Coldwells
BSides Cayman Islands · 2024
TechnicalDetection EngineeringIoTThreat IntelTalk
Open →2025-01
43:43
Building a Sawmill: Processing Logs with Security Onion
Matthew Gracie
BSides Peru · 2024
TechnicalDFIRDetection EngineeringThreat IntelBlueDemoTalk
Open →2024-08
47:35
Sharing Open Datasets with the World to Develop Detections from Home | Roberto Rodriguez
Roberto Rodriguez
BSides Delhi 2020
CommunityTechnicalDFIRDetection EngineeringThreat ModelingTalk
Open →2020-11
29:54
Déjà Vu With Scattered Spider: Are Your SaaS Doors Still Unlocked?
Andi AhmetiAbian Morina
BSides Munich · 2025
TechnicalWar StoriesCloud IAMDetection EngineeringThreat IntelCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2026-02
39:44
Red Teaming AWS: Practice What You Preach
Josh Armitage
BSides Newcastle · 2021
CommunityTechnicalCloud IAMDetection EngineeringThreat IntelPurpleRedCase Studies and Incidents Analysis+1
Open →2021-10
49:39
Supercharge Your SOC with Sysmon
Chris LeeMatthew Giannetto
BSides Philly · 2018
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2018-11
27:08
The Ransomware Threat: Tracking the Digital Footprints
Kevin Bottomley
BSidesSF · 2016
TechnicalDetection EngineeringMalware AnalysisThreat IntelCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2016-04
19:17
Phish-Back: How to Turn the Problem into a Solution
Gautier Bugeon
BSides Las Vegas · 2025
TechnicalDetection EngineeringThreat IntelWeb AppSecAdvancedBlueTalk
Open →2025-12
21:18
Kubernetes For Incident Responders
Travis Lowe
BSides KC
TechnicalContainer SecurityDFIRDetection EngineeringBlueTalk
Open →2025-06
26:24
Adversaries Also Lift & Shift: Cloud Threats Through the Eyes of an Adversary
Adi InovRoy Sherman
BSides Las Vegas · 2024
TechnicalCloud IAMDetection EngineeringThreat IntelTalk
Open →2024-09
37:31
De-mystifying Zero Trust in Industrial Control System Environments
Stephen Mathezer
BSides Edmonton · 2023
TechnicalDetection EngineeringNetwork SecurityThreat ModelingTalk
Open →2023-10
43:52
JOINing Across the Stack: Structured Security Analytics for the Modern Attack Surface
Eric Kaiser
BSides Las Vegas · 2021
TechnicalCloud IAMContainer SecurityDetection EngineeringBlueTalk
Open →2021-08
1:00:11
AI in the CTI–IR–CISO Triangle
Bojan AlikavazovicHervé EnglmanVladimir OzuraVlatko KosturjakAndrija Galinovic
BSides Zagreb · 2026
TechnicalAI SecurityDetection EngineeringThreat IntelPanel
Open →2026-03
23:08
Advancing Network Threat Detection Through Standardized Feature Extraction and Dynamic Ensemble Learning
Jason Ford
BSides Las Vegas · 2025
ResearchTechnicalDetection EngineeringThreat IntelEmpirical ResearchTechnical Deep-divesTalk
Open →2025-12
24:36
Hunting Before Day Zero
Ryan LaBouve
BSidesROC · 2023
TechnicalDFIRDetection EngineeringThreat IntelTalk
Open →2024-09
53:47
ZERO-RULES Alert Contextualizer & Correlator
Ezz Tahoun
BSides Las Vegas · 2024
TechnicalAI SecurityDetection EngineeringThreat IntelBlueTalk
Open →2024-09
27:19
Preserving Telecom Infrastructure Using Machine Learning
Ali Abdollahi
BSides Calgary · 2021
TechnicalAI SecurityDetection EngineeringNetwork SecurityTalk
Open →2021-12
53:55
Analyzing Emotet infections
Brad Duncan
BSides Tampa · 2021
TechnicalDetection EngineeringMalware AnalysisNetwork SecurityIntermediaryCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2021-04
28:35
IDS/IPS Choices: Benefits, Drawbacks, and Configurations
BSides Augusta · 2016
TechnicalDetection EngineeringNetwork SecurityThreat IntelBlueTalk
Open →2016-09
48:01
Christopher Peacock: TTP Pyramid
Christopher Peacock
BSides St. Pete · 2025
TechnicalDetection EngineeringThreat IntelPurpleTechnical Deep-divesTalk
Open →2026-03
46:26
Catch Me If You Can: How Attackers Outsmart EDR
Marvin Ngoma
BSides Amsterdam · 2025
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringBlueRedTechnical Deep-divesTalk
Open →2026-03
42:12
Honeypot Boo Boo: Better Breach Detection with Deception Technology
Justin Varner
BSides Austin
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2024-02
47:02
Data Exfiltration Via DNS Lookup
Martin Lee
BSides Belfast · 2016
TechnicalDetection EngineeringMalware AnalysisNetwork SecurityTechnical Deep-divesTalk
Open →2017-09
36:07
T1 05 Temet Nosce - Thomas V. Fischer
Thomas V. Fischer
BSides Athens
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2016-07
38:39
Detecting, Deobfuscating, and Preventing Obfuscated Script Execution with Tree‑sitter
David McDonald
BSides Las Vegas · 2025
TechnicalDetection EngineeringMalware AnalysisBlueTalk
Open →2025-12
40:19
Ransomware, Threat Actors, and the Shifting Enterprise Security Landscape
Marcelle Lee
BSidesROC · 2024
TechnicalDetection EngineeringMalware AnalysisThreat IntelBlueKeynote
Open →2025-03
43:01
My friend Ben: solid employee, DPRK agent
Chris Merkel
BSides Las Vegas · 2025
TechnicalDetection EngineeringThreat IntelIntermediaryBlueCase Studies and Incidents AnalysisTalk
Open →2025-12
51:42
Living off the (land)cloud: Scattered Spider and the cloud
Shivakumar Buruganahalli
BSides NYC · 2025
TechnicalCloud IAMDetection EngineeringThreat IntelBlueTalk
Open →2025-12
31:19
Red Teaming AWS: Practice What You Preach
Josh Armitage
BSides Barcelona · 2021
TechnicalCloud IAMDetection EngineeringRedTalk
Open →2022-01
37:29
Intrusion Detection in the Clouds
Josh Pyorre
BSidesSF · 2015
TechnicalDetection EngineeringNetwork SecurityBlueTalk
Open →2023-12
31:20
Evading C2 Detection with Asymmetry
Andrew JohnstonAnthony Morrow
BSides Philly · 2018
TechnicalDetection EngineeringThreat IntelAdvancedRedTalk
Open →2018-11
8:34
A Review of IDS in Large-Scale IoT Systems: Challenges, Approaches, and Needs
Othmane Belarbi
BSides Cymru Wales · 2023
ResearchDetection EngineeringIoTTalk
Open →2023-04
20:37
The Rise of Synthetic Passwords in Botnet & Attack Operations
Travis Moore
BSides Las Vegas · 2025
TechnicalDetection EngineeringMalware AnalysisWeb AppSecTalk
Open →2025-12
49:45
ChatGPT for Security Analysts
Greg Leah
BSides Calgary
TechnicalDetection EngineeringMalware AnalysisThreat IntelTalk
Open →2024-03
56:04
Stop Shooting Blanks: No Magic Bullets in Your Arsenal
Renegade6
BSides Las Vegas · 2013
TechnicalDFIRDetection EngineeringMalware AnalysisBlueTalk
Open →2017-01
36:36
Agentic AI for Cyber Operations
BSides Göteborg · 2026
TechnicalAI SecurityDetection EngineeringBlueTalk
Open →2026-03
56:09
P0LR Espresso: Pulling Shots of Cloud Live Response & Advanced Analysis
Art Ukshini
BSides NYC · 2025
TechnicalToolingCloud IAMDetection EngineeringThreat IntelTalk
Open →2025-11
33:54
Rocke'in the NetFlow TTPs to Detection
Nathaniel Q Quist
BSides Denver · 2019
TechnicalCloud IAMDetection EngineeringMalware AnalysisThreat IntelCase Studies and Incidents AnalysisTalk
Open →2019-09
34:38
Trustno1: Protecting Your Data in a Zero Trust World
David Branscome
BSides Greenville · 2020
TechnicalActive DirectoryCloud IAMDetection EngineeringBlueDemoTalk
Open →2020-06
23:10
Phish And Chips: Tactics, Tales And Takeaways
Stefan Bargan
BSides London · 2025
TechnicalWar StoriesDetection EngineeringSocial EngineeringThreat IntelBlueTalk
Open →2026-03
10:58
What's Running In There
Fionnula Kelly
BSides Belfast · 2025
TechnicalContainer SecurityDetection EngineeringIntroTalk
Open →2025-12
27:06
SOC Like a Genius: Cognitive Agents Delivering Wisdom at Scale
Oudy Even HaimSarah Young
BSides Las Vegas · 2025
TechnicalAI SecurityDetection EngineeringThreat IntelBlueDemoTalk
Open →2025-12
37:55
Categorical Correlations as Probabilistic Rules
Nathan Danneman
BSides Asheville · 2018
ResearchTechnicalDetection EngineeringNetwork SecurityThreat IntelTalk
Open →2019-03
15:38
Ransomware detection based on comparative hybridised analysis
Alida Øvermo Mortensen
BSides Kristiansand · 2026
ResearchTechnicalDetection EngineeringMalware AnalysisBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2026-02
22:41
Plight at the End of the Tunnel
Anjum Ahuja
BSides Charm · 2018
TechnicalDetection EngineeringMalware AnalysisNetwork SecurityBlueTalk
Open →2021-05
23:36
Illuminate the Grid: Building Telemetry Through Purple Teaming
Gabriel Schram
BSides Charlotte · 2026
TechnicalDetection EngineeringThreat IntelThreat ModelingPurpleCase Studies and Incidents AnalysisMethodologyTalk
Open →2026-04
29:40
Deploying Honeypots for High-Fidelity Threat Detection and Intelligence
Anicet Fopa Tchoffo
BSides Leeds
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2025-08
53:24
Measuring Protection Efficacy in Real Time for Fun and Learning
Sean Hittel
BSides Calgary
TechnicalDetection EngineeringMalware AnalysisWorkshop
Open →2024-03
25:37
Swarmed Cyber Defence
Philippe Humeau
BSides Newcastle · 2021
TechnicalDetection EngineeringNetwork SecurityThreat IntelBlueTalk
Open →2021-10
26:30
SIGMA: One Rule to Find Them All
Rain Baker
BSides Las Vegas · 2025
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2025-12
26:58
Tracking the Adversaries in the Middle
Lex Crielaars
BSides Amsterdam · 2025
TechnicalDetection EngineeringSocial EngineeringThreat IntelBlueCase Studies and Incidents AnalysisTalk
Open →2026-01
26:17
Sweeping Up Misconfiguration Crumbs Before Attackers Do
Avidan Avraham
BSides Newcastle · 2025
TechnicalAI SecurityDetection EngineeringNetwork SecurityTalk
Open →2025-12
53:06
Shining Light into Container Cluster Visibility
Nathaniel Quist
BSides Boulder · 2022
TechnicalCloud IAMContainer SecurityDetection EngineeringBlueTalk
Open →2022-12
20:51
Reasonable Rapid Recognition and Response to Rogues
Craig Bowser
BSides Charm · 2019
TechnicalDetection EngineeringGRCNetwork SecurityBlueTechnical Deep-divesTalk
Open →2021-05
28:46
It's Game Over Man — How to Train Your Blue Team
Paul Svenning
BSides Kristiansand · 2026
TechnicalDetection EngineeringThreat ModelingBlueTalk
Open →2026-02
23:28
Azazel System: Tactical Delaying Action via the Cyber-Scapegoat Gateway
Makoto SugitaSoya Aoyama
BSides Las Vegas · 2025
TechnicalDetection EngineeringNetwork SecurityBlueDemoTalk
Open →2025-12
23:57
The First Hour of Incident Response: Every Second Logs
George Chapman
BSides Exeter · 2026
TechnicalDFIRDetection EngineeringIntermediaryBlueTalk
Open →2026-05
15:27
A Convenient Truth
Ali Zadissa
BSides St. John's
TechnicalDetection EngineeringNetwork SecurityTalk
Open →2025-05
33:17
The Squid That Lost Its Shell
Simon Goldsmith
BSides Bristol · 2025
TechnicalDetection EngineeringThreat IntelTalk
Open →2025-01
31:19
Data Exfiltration Techniques: Wi-Fi, DNS, Email, ICMP, SSL, and QR Codes
George Nazarey
BSides Calgary
TechnicalDetection EngineeringNetwork SecurityWireless SecurityTalk
Open →2024-03
56:02
Cloud & Container Security: A Defensive Puzzle from Pipeline to SOC Operations
Ash Barker
BSides Exeter · 2026
TechnicalCloud IAMContainer SecurityDetection EngineeringBlueTalk
Open →2026-05
28:14
Six Hundred Degrees of IAM Admin: Battles with a Cloud Conscious Adversary
Suril Desai
BSides Seattle 2026
TechnicalCloud IAMDetection EngineeringIntermediaryBlueTalk
Open →2026-04
58:18
SyedZaidi
Syed Zaidi
BSides Calgary
TechnicalDFIRDetection EngineeringThreat IntelIntermediaryBlueTalk
Open →2024-03
40:52
It's Malware Time: A Bar Crawl from Skunked Homebrew to Rotten Apples
Erika Noerenberg
BSides Charm · 2019
TechnicalDetection EngineeringMalware AnalysisReverse EngineeringBlueCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2021-05
30:52
Embrace the Red: Enhancing Detection Capabilities with Adversary Simulation
Mauricio Velazco
BSides Charm · 2019
TechnicalActive DirectoryDetection EngineeringThreat IntelPurpleTechnical Deep-divesTalk
Open →2021-05
40:31
SOC: The Good, The Bad & The Ugly
Harish Kumar Gopalakrishnan
BSides Exeter · 2026
War StoriesCareer & Soft SkillsDetection EngineeringBlueTalk
Open →2026-05
44:57
Contextual Agentic Garbage Collector: Sweeping Up Misconfiguration Crumbs Before Attackers Do
Naor Kalbo
BSides Edmonton · 2025
TechnicalAI SecurityDetection EngineeringNetwork SecurityAdvancedTalk
Open →2025-10
25:24
Effective Monitoring for Operational Security
Russell MosleyRyan St. Germain
BSides Charm
TechnicalDetection EngineeringThreat IntelBlueTalk
Open →2021-05
40:06
Shadow AI Is Your New Data Exfiltration Channel
Chijioke Okoye
BSides Exeter · 2026
TechnicalAI SecurityDetection EngineeringGRCTalk
Open →2026-05
29:22
Identity Observability with Knowledge Graph: Beyond Monitoring to Enforcement
Chen Xi
BSides Seattle 2026
TechnicalCloud IAMDetection EngineeringCase Studies and Incidents AnalysisTechnical Deep-divesTalk
Open →2026-04
41:40
Ivan Marchany: How to Build a Cyber Home Lab
Ivan Marchany
BSides St. Pete · 2025
CareerDetection EngineeringThreat IntelVulnerability ResearchIntroTalk
Open →2026-03
33:34
The Journey of Security Automation
Peter Luo
BSides St. Pete · 2025
TechnicalDetection EngineeringDevSecOpsThreat IntelDemoTalk
Open →2026-03