2.0 -//Pentabarf//Schedule//EN PUBLISH AQAFJM@@cfp.bsidespdx.org -AQAFJM Registration opens (all-day) en en 20251024T090000 20251024T090000 0.00000 Registration opens (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/AQAFJM/ Talk 1 Registration Room PUBLISH UAS9ZC@@cfp.bsidespdx.org -UAS9ZC Opening remarks en en 20251024T093000 20251024T094500 0.01500 Opening remarks PUBLIC CONFIRMED Remarks https://cfp.bsidespdx.org/bsidespdx-2025/talk/UAS9ZC/ Talk 1 BSidesPDX 2025 Organizers PUBLISH 7TCNV8@@cfp.bsidespdx.org -7TCNV8 Day 1 Keynote en en 20251024T094500 20251024T104500 1.00000 Day 1 Keynote PUBLIC CONFIRMED Keynote https://cfp.bsidespdx.org/bsidespdx-2025/talk/7TCNV8/ Talk 1 Perri Adams PUBLISH HPQW7B@@cfp.bsidespdx.org -HPQW7B Meet the Sponsors (all-day) en en 20251024T105800 20251024T105800 0.00000 Meet the Sponsors (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/HPQW7B/ Talk 1 Registration Room PUBLISH SJPXCX@@cfp.bsidespdx.org -SJPXCX CTF live challenges open for the day (all-day) en en 20251024T105900 20251024T105900 0.00000 CTF live challenges open for the day (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/SJPXCX/ Talk 1 CTF Room PUBLISH QYQNDG@@cfp.bsidespdx.org -QYQNDG Accidental Honeypot: How I Ended Up Receiving Tens of Thousands of Emails Meant for "No One" en en 20251024T110000 20251024T112000 0.02000 Accidental Honeypot: How I Ended Up Receiving Tens of Thousands of Emails Meant for "No One" This talk is a follow-up to my 10-minute lightning talk from Hackboat. I’ll go deeper into the types of misdirected email I’ve received, the Python tooling I built to analyze the data, and the broader security, privacy, and ethical questions this raises. This is equal parts funny, unsettling, and surprisingly useful for anyone managing email infrastructure or threat modeling misconfiguration risks. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/QYQNDG/ Talk 1 Cory Solovewicz PUBLISH KLX7SV@@cfp.bsidespdx.org -KLX7SV Drone Blind Spots: Pentesting the Airspace Above Critical Infrastructure en en 20251024T113000 20251024T115000 0.02000 Drone Blind Spots: Pentesting the Airspace Above Critical Infrastructure **Who this talk is for:** • Offensive-security practitioners: penetration testers, red-teamers, and physical-security assessors who want to add an aerial dimension to their repertoire. • Defenders & Incident Responders: facility-security, SOC analysts, and OT/ICS staff responsible for protecting critical sites and infrastructure. • Aspiring newcomers: students, hobbyists, and those curious about where drones, radio frequency, and physical security intersect. **Helpful Knowledge:** • A working grasp of the standard pentest workflow and common physical-security controls (cameras, access systems, perimeters). • Basic awareness of FAA Part 107 / small-UAS regulations (key points and every acronym will be spelled out on slides). PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/KLX7SV/ Talk 1 Alec Hunter PUBLISH VFDN3T@@cfp.bsidespdx.org -VFDN3T How Zero Trusty is Your Network Access? en en 20251024T120000 20251024T124000 0.04000 How Zero Trusty is Your Network Access? This presentation is designed for security architects, blue teamers, and red teamers alike—anyone involved in selecting, testing, or bypassing Zero Trust Network Access (ZTNA) solutions. It provides value to defenders who want to validate vendor claims under real-world conditions, and to offensive security professionals interested in understanding how ZTNA solutions can be fingerprinted, evaded, or misconfigured in ways that expose internal assets. A foundational understanding of Zero Trust architecture is helpful, as is familiarity with common security controls like MFA, endpoint posture checks, and DLP. Attendees with experience in adversary simulation, web exploitation (e.g., OWASP Top 10), and network enumeration (e.g., Nmap) will find deeper value in the testing methodology presented. However, the session is structured to benefit both technically savvy practitioners and strategic stakeholders looking to cut through the noise and assess ZTNA solutions based on evidence—not just promises. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/VFDN3T/ Talk 1 Derron Carstensen PUBLISH FXWBEA@@cfp.bsidespdx.org -FXWBEA Securing GraphQL from Design to Production en en 20251024T130000 20251024T132000 0.02000 Securing GraphQL from Design to Production People who are already familiar with REST APIs and HTTP requests. No prior GraphQL required. We'll cover enough to highlight key aspects of GraphQL and how it could impact security decisions for blue and red teams. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/FXWBEA/ Talk 1 Corey Le PUBLISH YGBGET@@cfp.bsidespdx.org -YGBGET I'm not actually an SCCM admin...I just implied it en en 20251024T133000 20251024T135000 0.02000 I'm not actually an SCCM admin...I just implied it PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/YGBGET/ Talk 1 Garrett Foster PUBLISH D7VR9J@@cfp.bsidespdx.org -D7VR9J Redacted en en 20251024T140000 20251024T144000 0.04000 Redacted Anyone. Everyone has likely encountered these at some point. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/D7VR9J/ Talk 1 D3ada55 PUBLISH 8MC8MG@@cfp.bsidespdx.org -8MC8MG From Pi to Pwnage: Building a Wearable Hacking Station en en 20251024T150000 20251024T152000 0.02000 From Pi to Pwnage: Building a Wearable Hacking Station Hardware Enthusiast & Maker: Anyone who loves tinkering, building custom gadgets, and working with single-board computers like the Raspberry Pi. Aspiring Hardware Hacker: If you've been curious about building your own devices but felt intimidated, I break down the entire process, sharing the mistakes so you can avoid them. Cybersecurity practitioners looking for creative, low-cost ways for pentests, assessments, or just for fun. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/8MC8MG/ Talk 1 Stefan PUBLISH ZFZDA7@@cfp.bsidespdx.org -ZFZDA7 Beyond the Mask: The Snitchpuck en en 20251024T153000 20251024T155000 0.02000 Beyond the Mask: The Snitchpuck PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/ZFZDA7/ Talk 1 Rey PUBLISH GPX8BE@@cfp.bsidespdx.org -GPX8BE CFAA Plus: Moving Computer Law Past the World of the Boombox and Magnetic Tape en en 20251024T160000 20251024T164000 0.04000 CFAA Plus: Moving Computer Law Past the World of the Boombox and Magnetic Tape I'm sending a policy talk here mostly because Sen Wyden has established Portland as one of the most important constituencies in infosec policy. But this is also near to the heart of any hacker who hated what happened to everyone from Aaron Swartz to Marcus Hutchens to Paige Thompson and beyond, and anyone who's watched security programs get cut to the point of ineffectiveness and then experienced a preventable breach. I previously briefed democratic congressional staff on this topic. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/GPX8BE/ Talk 1 Falcon Darkstar Momot PUBLISH 8Z3EFS@@cfp.bsidespdx.org -8Z3EFS Closing remarks en en 20251024T170000 20251024T171500 0.01500 Closing remarks PUBLIC CONFIRMED Remarks https://cfp.bsidespdx.org/bsidespdx-2025/talk/8Z3EFS/ Talk 1 BSidesPDX 2025 Organizers PUBLISH XMFSQG@@cfp.bsidespdx.org -XMFSQG Friday Reception (evening) en en 20251024T171500 20251024T171500 0.00000 Friday Reception (evening) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/XMFSQG/ Talk 1 Back Room in Talk 1 PUBLISH QYYSYK@@cfp.bsidespdx.org -QYYSYK BSides PDX Quiz Show en en 20251024T173000 20251024T183000 1.00000 BSides PDX Quiz Show PUBLIC CONFIRMED Event https://cfp.bsidespdx.org/bsidespdx-2025/talk/QYYSYK/ Talk 1 Steve Willoughby John Mechalas PUBLISH RZMNNX@@cfp.bsidespdx.org -RZMNNX Portland Hacker Foundation : Asymmetric Impact Year 1 en en 20251024T110000 20251024T112000 0.02000 Portland Hacker Foundation : Asymmetric Impact Year 1 People interested in making an impact in their community, and interested in learning how to start a 501(c)(3). PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/RZMNNX/ Talk 2 Dean Pierce PUBLISH JYWGKZ@@cfp.bsidespdx.org -JYWGKZ Instant API Hacker en en 20251024T113000 20251024T115000 0.02000 Instant API Hacker This presentation is designed for anyone interested in API security, regardless of experience level: Developers who want to understand how their APIs can be attacked Security professionals seeking to add API testing to their skillset IT managers and leaders who need to understand API security risks Students and beginners curious about getting started in API security Anyone interested in cybersecurity and how modern applications can be compromised No prior API hacking experience required. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/JYWGKZ/ Talk 2 Corey Ball PUBLISH A9ZD8V@@cfp.bsidespdx.org -A9ZD8V The Life and Death of a Municipal Surveillance Technology in Seattle en en 20251024T120000 20251024T124000 0.04000 The Life and Death of a Municipal Surveillance Technology in Seattle This presentation is for a technical audience interested in privacy and anti-surveillance. I'll discuss hashing (naming algorithms but not explaining them). I will also assume the audience will know what a rainbow table is and salting. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/A9ZD8V/ Talk 2 C.S. PUBLISH J7FAJ8@@cfp.bsidespdx.org -J7FAJ8 From walkie-talkies to Meshtastic: an overview of communication platforms en en 20251024T130000 20251024T132000 0.02000 From walkie-talkies to Meshtastic: an overview of communication platforms When traditional infrastructure fails, as it often does in the PNW, we may lose power, water, and even accessible roads. How do you plan to check in with your friends, family, share resources, and help others? In this talk, we’ll cover what options are available for long-distance remote communications between individuals: FRS, GMRS, CB, Amateur Radio, as well as Meshtastic. For the second half of the talk, we'll dive in deeper on Meshtastic: how it compares in terms of capabilities, legality, range, and ease of integration, as well as edge cases. By the end of the presentation, participants will be equipped with actionable knowledge to select affordable communication tools for their needs, ensuring they remain connected when it matters most. Those new to radio communications in general, and those new to Meshtastic will be most interested in listening. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/J7FAJ8/ Talk 2 Slava I. Maslennikov PUBLISH JJS3TQ@@cfp.bsidespdx.org -JJS3TQ Disaster Ready Digital Safety: Building resilient support systems for domestic violence survivors en en 20251024T133000 20251024T135000 0.02000 Disaster Ready Digital Safety: Building resilient support systems for domestic violence survivors Anyone! PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/JJS3TQ/ Talk 2 Naomi Meyer PUBLISH GKC3X3@@cfp.bsidespdx.org -GKC3X3 A History of Fuzzing en en 20251024T140000 20251024T144000 0.04000 A History of Fuzzing This presentation is for both people who are interested in fuzzing as a security method and practitioners who do it on a daily basis. Because I'll be starting at the beginning, attendees won't need any previous fuzzing knowledge or experience, but some knowledge of common software defects like memory corruption and some knowledge of general testing practice will help contextualize the topic. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/GKC3X3/ Talk 2 Rowan Hart PUBLISH 83PV9P@@cfp.bsidespdx.org -83PV9P Hackers + AI: Faster, Smarter, More Dangerous en en 20251024T150000 20251024T152000 0.02000 Hackers + AI: Faster, Smarter, More Dangerous This talk is for anyone in cybersecurity. Whether you’re a novice or an experienced professional, you’ll benefit from seeing real hacker AI tools in action. Attendees will gain an understanding of how criminals are already using AI to accelerate attacks—and why defenders need to adapt quickly. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/83PV9P/ Talk 2 Sherri Davidoff Matt Durrin PUBLISH FCGW8Y@@cfp.bsidespdx.org -FCGW8Y New phone, who dis? The quest for a true Burner Phone en en 20251024T153000 20251024T155000 0.02000 New phone, who dis? The quest for a true Burner Phone * Why would you want one? * Getting the phone - the easy part, right? * Prepaid cards * Don't cross the streams! * Signing up for service * Picking a number * Identity theft is a crime, Jim * Anonymous email * Location, location, location * Summary Target audience: Privacy advocates, political activists, and data-broker haters PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/FCGW8Y/ Talk 2 Mike Niles PUBLISH L9FEKD@@cfp.bsidespdx.org -L9FEKD PNW vs. Bay Area: Observations from the Seattle Startup Scene en en 20251024T160000 20251024T162000 0.02000 PNW vs. Bay Area: Observations from the Seattle Startup Scene Folks thinking about starting a startup, PNW folks considering relocating to Bay Area (or vice versa!) PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/L9FEKD/ Talk 2 Emily Choi-Greene PUBLISH XWDACA@@cfp.bsidespdx.org -XWDACA Automating Threat Modeling with Vision Models - Lesson learned en en 20251024T163000 20251024T165000 0.02000 Automating Threat Modeling with Vision Models - Lesson learned PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/XWDACA/ Talk 2 Pankaj Upadhyay MAYANK VATS PUBLISH YX9EAY@@cfp.bsidespdx.org -YX9EAY LLM Mayhem: Hands-On Red Teaming for LLM Applications en en 20251024T110000 20251024T130000 2.00000 LLM Mayhem: Hands-On Red Teaming for LLM Applications We welcome any attendee who is interested in learning about the resiliency of a LLM based application against an adversary set on causing it to output unintended content. No prior experience with red teaming or attacking LLMs is necessary, as we will cover the basics and ramp students up throughout the session. PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/YX9EAY/ Workshop A Travis Smith David Lu PUBLISH JH3GBP@@cfp.bsidespdx.org -JH3GBP So you’d like to present at a conference en en 20251024T130000 20251024T150000 2.00000 So you’d like to present at a conference PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/JH3GBP/ Workshop A Joe FitzPatrick PUBLISH UFVTME@@cfp.bsidespdx.org -UFVTME PentestMCP: A Toolkit for Agentic Penetration Testing en en 20251024T150000 20251024T170000 2.00000 PentestMCP: A Toolkit for Agentic Penetration Testing Security practitioners interested in automating their workflows with Generative AI, LLM agents, and MCP. Students interested in learning about agentic security. PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/UFVTME/ Workshop A Wu-chang Feng Zachary Ezetta PUBLISH CPJTNR@@cfp.bsidespdx.org -CPJTNR Binary Jiu-jitsu: White Belt Fundamentals en en 20251024T110000 20251024T170000 6.00000 Binary Jiu-jitsu: White Belt Fundamentals This workshop is geared towards complete beginners. Linux CLI experience would be helpful but can be learned on the fly. PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/CPJTNR/ Workshop B Joshua Connolly PUBLISH S9CDWJ@@cfp.bsidespdx.org -S9CDWJ Registration opens (all-day) en en 20251025T090000 20251025T090000 0.00000 Registration opens (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/S9CDWJ/ Talk 1 Registration Room PUBLISH 3S83HA@@cfp.bsidespdx.org -3S83HA Opening remarks en en 20251025T093000 20251025T094500 0.01500 Opening remarks PUBLIC CONFIRMED Remarks https://cfp.bsidespdx.org/bsidespdx-2025/talk/3S83HA/ Talk 1 BSidesPDX 2025 Organizers PUBLISH JKBL8M@@cfp.bsidespdx.org -JKBL8M Day 2 Keynote en en 20251025T094500 20251025T104500 1.00000 Day 2 Keynote PUBLIC CONFIRMED Keynote https://cfp.bsidespdx.org/bsidespdx-2025/talk/JKBL8M/ Talk 1 Micah Lee PUBLISH 7V3ALW@@cfp.bsidespdx.org -7V3ALW Meet the Sponsors (all-day) en en 20251025T105800 20251025T105800 0.00000 Meet the Sponsors (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/7V3ALW/ Talk 1 Registration Room PUBLISH QEAGEJ@@cfp.bsidespdx.org -QEAGEJ CTF live challenges open for the day (all-day) en en 20251025T105900 20251025T105900 0.00000 CTF live challenges open for the day (all-day) PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/QEAGEJ/ Talk 1 CTF Room PUBLISH FEKYPS@@cfp.bsidespdx.org -FEKYPS From Context-Switching Hell to AI-Powered Ops: Eliminating Security On-Call Toil with the Model Context Protocol en en 20251025T110000 20251025T112000 0.02000 From Context-Switching Hell to AI-Powered Ops: Eliminating Security On-Call Toil with the Model Context Protocol This talk is designed for security professionals who handle incident response or participate in on-call rotations, including SOC analysts, security engineers, detection engineers, and incident responders. It's particularly relevant for those looking to reduce the cognitive burden and operational friction of interrupt-driven investigations. Technical leaders considering AI-assisted tooling for their teams will also find valuable insights. While the examples use Databricks and PagerDuty, the concepts apply broadly to any security operations environment dealing with multi-tool workflows and context switching challenges. Participants will leave this presentation with concrete ideas for applying these concepts in their own environments. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/FEKYPS/ Talk 1 Will Urbanski PUBLISH KPQTX3@@cfp.bsidespdx.org -KPQTX3 Tag, You're Leaked: Surviving the tj-actions Supply Chain Attack en en 20251025T113000 20251025T115000 0.02000 Tag, You're Leaked: Surviving the tj-actions Supply Chain Attack ### Talk Outline **The Alert** - March 14, 1:01 PM: harden-runner's behavioral monitoring detects anomaly - Quick realization of scope: 24,000 affected repositories - Ashish and Mark were first responders to attack **The Attack** - Attack masqueraded as renovate[bot] with commit 0e58ed8 - All 361 version tags redirected to malicious commit - Memory scraping exfiltrated secrets to action logs - Brief demo: What the malicious base64 logs looked like **Initial Response** *Friday: Detection & Triage* - March 14, 22:20 UTC: StepSecurity reports compromise - Internal and external response of orgs *Saturday: Emergency Engineering* - Creating tj-scan/ghscan from scratch (live code snippet) - Scanning results reveal : 233 system.github.tokens, 151 github_tokens compromised - Discovering cloud.gov, CISA, and other government credentials leaked *Sunday: Disclosure Coordination* - Managing disclosure to 50+ organizations with leaked credentials - Reporting government credentials to CISA **What Actually Helped** *Quick Wins* - Demo: How harden-runner detected the attack - Demo: Using ghscan to check for similar compromises - Action pinning that doesn't break your workflows *Longer-term Improvements* - Migrating from static secrets to OIDC - Setting up runtime monitoring - Config changes that made the biggest difference **Resource** - Links to tools and response playbook (QR code) - Open invitation for questions and help PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/KPQTX3/ Talk 1 Mark Esler Ashish Kurmi PUBLISH E3QPU9@@cfp.bsidespdx.org -E3QPU9 Keep Your Return Address Close and Your Enemies Closer. How a kernel engineer and security researcher collaborated to tighten up Linux shadow stack en en 20251025T120000 20251025T124000 0.04000 Keep Your Return Address Close and Your Enemies Closer. How a kernel engineer and security researcher collaborated to tighten up Linux shadow stack Open source warriors, security ninjas and apprentices, kernel sorcerers, toolchain forgers, low level dwellers. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/E3QPU9/ Talk 1 Joao Moreira Rick Edgecombe PUBLISH M8J3NP@@cfp.bsidespdx.org -M8J3NP Nintendon't Look at my GitHub: DMCA Dodging and Other Shenanigans en en 20251025T130000 20251025T132000 0.02000 Nintendon't Look at my GitHub: DMCA Dodging and Other Shenanigans This talk was originally given at an internal conference for a small pentesting firm, with a mixture of technical pentesters and nontechnical project managers/executive staff in the audience and written to be accessible to all. Familiarity with Git/GitHub is recommended (and mostly a given, considering BSides' audience) but there is a brief explanation at the beginning in case it is helpful (and to set up a joke). PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/M8J3NP/ Talk 1 James Martindale PUBLISH 3Q9WWR@@cfp.bsidespdx.org -3Q9WWR Quantum Computing: Hype, Hope, and the Cybersecurity Horizon en en 20251025T133000 20251025T135000 0.02000 Quantum Computing: Hype, Hope, and the Cybersecurity Horizon Security Engineers / Architects – interested in threat modeling and cryptographic resilience CISOs / Security Leaders – making strategic decisions about long-term security posture Researchers / Students – wanting a no-nonsense intro to quantum’s real implications Crypto Curious – those overwhelmed by the jargon but want the signal, not the noise Technical Depth: Intermediate – no quantum physics or cryptography background required, but technical familiarity with cybersecurity concepts (PKI, encryption, risk modeling) will help. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/3Q9WWR/ Talk 1 Neha Srivastava PUBLISH H9ZHVX@@cfp.bsidespdx.org -H9ZHVX This is not a camera en en 20251025T140000 20251025T144000 0.04000 This is not a camera Hackers This talk was presented at DEFCON, a link to the video is here: https://drive.google.com/file/d/1-WCn2r5TLD2L9waDJggugB-DtkebX04Z/view?usp=sharing PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/H9ZHVX/ Talk 1 Mickey Shkatov Jesse Michael PUBLISH KRR9NX@@cfp.bsidespdx.org -KRR9NX Unwitting Hosts: How Residential Proxies Increase Risk en en 20251025T150000 20251025T152000 0.02000 Unwitting Hosts: How Residential Proxies Increase Risk Security analysts and IT administrators, we'll define all terms and concepts so it should be a pretty approachable entry level talk, but hopefully interesting to more advanced practitioners as well. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/KRR9NX/ Talk 1 Darin Smith Blake Anderson PUBLISH CJV8TZ@@cfp.bsidespdx.org -CJV8TZ An Unexpected Journey - Building a Cybersecurity Program from Scratch at a Risk-Taking State Agency en en 20251025T153000 20251025T155000 0.02000 An Unexpected Journey - Building a Cybersecurity Program from Scratch at a Risk-Taking State Agency Anyone looking for inspiration in what's possible with little resources and a whole lot of heart. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/CJV8TZ/ Talk 1 Ralph Hogaboom Liz Lewis-Lee PUBLISH QUPP8Z@@cfp.bsidespdx.org -QUPP8Z Closing remarks en en 20251025T160000 20251025T161500 0.01500 Closing remarks PUBLIC CONFIRMED Remarks https://cfp.bsidespdx.org/bsidespdx-2025/talk/QUPP8Z/ Talk 1 BSidesPDX 2025 Organizers PUBLISH TY88XJ@@cfp.bsidespdx.org -TY88XJ Afterparty @ Ctrl-H en en 20251025T170000 20251025T200000 3.00000 Afterparty @ Ctrl-H PUBLIC CONFIRMED Other https://cfp.bsidespdx.org/bsidespdx-2025/talk/TY88XJ/ Talk 1 BSidesPDX 2025 Organizers PUBLISH YTF7RW@@cfp.bsidespdx.org -YTF7RW Cracking the Domain: Evolution of Active Directory Password Attacks en en 20251025T110000 20251025T112000 0.02000 Cracking the Domain: Evolution of Active Directory Password Attacks PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/YTF7RW/ Talk 2 Zach Mead PUBLISH RKFEPJ@@cfp.bsidespdx.org -RKFEPJ From Suspicious Query to Real Incident: Deciding When Endpoint Alerts Really Matter en en 20251025T113000 20251025T115000 0.02000 From Suspicious Query to Real Incident: Deciding When Endpoint Alerts Really Matter Who: SOC analysts, detection engineers, incident responders, and security engineers designing endpoint detections. Background helpful: Basic familiarity with endpoint telemetry (Windows/Linux process logs, Sysmon, EDR/XDR data). No need for deep reverse engineering or malware expertise. Takeaway: A mental model and practical heuristics for designing, tuning, and escalating endpoint detections without drowning in alert fatigue. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/RKFEPJ/ Talk 2 Udochi Nwobodo PUBLISH ZRPCLV@@cfp.bsidespdx.org -ZRPCLV Okta Detection Engineering: From Logs to Detections en en 20251025T120000 20251025T124000 0.04000 Okta Detection Engineering: From Logs to Detections Intermediate (security engineers, detection engineers, incident responders) PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/ZRPCLV/ Talk 2 Fevin George PUBLISH EAZZL7@@cfp.bsidespdx.org -EAZZL7 Keeping PHI Out of the Model: Practical Patterns for Privacy Preserving LLMs in Healthcare en en 20251025T130000 20251025T132000 0.02000 Keeping PHI Out of the Model: Practical Patterns for Privacy Preserving LLMs in Healthcare Healthcare AI systems face two simultaneous pressures: deliver real utility (focusing on intake, documentation, triage and clinical guidance) and avoid exposing Protected Health Information (PHI) at any point in the lifecycle. This talk presents a practical, privacy by design workflow for Large Language Model (LLM) use in healthcare that teams can implement without stalling delivery. We begin with a concise threat model that traces how PHI can leak during training, inference, logging and analytics. From there, we build a layered architecture: (1) a deterministic de-identification pipeline that removes identifiers, tokenizes sensitive terms, and generalizes identifiers before prompts or training (2) input, output and system guardrails that block prompt injection, redact emergent PHI, enforce tone/policy and create auditable traces (3) Retrieval Augmented Generation (RAG) constrained to pre approved, up to date clinical sources to reduce hallucinations and citation drift (4) a hosting decision rubric for on-device/on-premises vs cloud going over points like maximal control, scale etc. while also discussing relevant compensating controls On top of that foundation, we cover where Privacy Enhancing Technologies (PETs) fit. This would go over Differential Privacy for training to resist membership/attribute inference, Federated Learning with Secure Aggregation to keep raw data local while learning across institutions, Confidential Computing for data in use protection at inference/training time, and Machine Unlearning to honor “right to be forgotten” events without full retrains. The aim is for attendees to leave with a minimal threat to control matrix, a rollout checklist and concrete patterns they can adopt in hospital or vendor environments. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/EAZZL7/ Talk 2 Anoop N. Snahil PUBLISH QNBEK7@@cfp.bsidespdx.org -QNBEK7 The Hardware Procurement Iceberg: A Framework For Keeping Embedded Research Fun, Cheap, and Ethical en en 20251025T133000 20251025T135000 0.02000 The Hardware Procurement Iceberg: A Framework For Keeping Embedded Research Fun, Cheap, and Ethical Any and all novice to intermediate hardware security researchers that want to improve their workflows by testing bugs/throwing PoCs at live physical targets. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/QNBEK7/ Talk 2 yltsi PUBLISH AJD8HP@@cfp.bsidespdx.org -AJD8HP Kidnapping a Library: How Ransomware Taught the British Library to Follow Well-Known Best Practices en en 20251025T140000 20251025T144000 0.04000 Kidnapping a Library: How Ransomware Taught the British Library to Follow Well-Known Best Practices This talk is for a general audience interested in understanding how a specific ransomware attack unfolded at a major cultural institution. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/AJD8HP/ Talk 2 Brian Myers PUBLISH XWLBHM@@cfp.bsidespdx.org -XWLBHM From Assistant to Adversary: When Agentic AI Becomes an Insider Threat en en 20251025T150000 20251025T152000 0.02000 From Assistant to Adversary: When Agentic AI Becomes an Insider Threat This is a technical presentation connecting concrete examples of generative AI system attacks to the ramifications viewed through the lense of agents as insider threats. While the audience doesn't need to have deep understanding of LLMs, the presentation will cover some basic aspects of how LLMs work and why that translates to gullibility, and give examples of agentic systems with dangerous agency. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/XWLBHM/ Talk 2 Jason Martin PUBLISH SD9L8Z@@cfp.bsidespdx.org -SD9L8Z Towards Agentic Incident Handling en en 20251025T153000 20251025T155000 0.02000 Towards Agentic Incident Handling Incident responders, threat analysts, threat researchers, SOC managers, and practitioners interested in the intersection of AI, agents, and security. PUBLIC CONFIRMED Presentation https://cfp.bsidespdx.org/bsidespdx-2025/talk/SD9L8Z/ Talk 2 Cristian Fiorentino PUBLISH FWLJ7B@@cfp.bsidespdx.org -FWLJ7B Capture The Flag (CTF) With Hints en en 20251025T110000 20251025T130000 2.00000 Capture The Flag (CTF) With Hints Short descriptions of some of our CTF exercises can be found at https://edurange.org/scenarios.html PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/FWLJ7B/ Workshop A Jens Mache Richard Weiss PUBLISH AX3LJT@@cfp.bsidespdx.org -AX3LJT Long range, cheap comms through Meshtastic en en 20251025T140000 20251025T160000 2.00000 Long range, cheap comms through Meshtastic PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/AX3LJT/ Workshop A Slava I. Maslennikov Ryan PUBLISH LRA3HH@@cfp.bsidespdx.org -LRA3HH Tabletop Exercises De-Cryptid en en 20251025T110000 20251025T130000 2.00000 Tabletop Exercises De-Cryptid Engineers seeking buy-in for their security recommendations, managers building team cohesion, leaders dusting off IR plans, or anyone who thinks work should be more fun (because, let’s face it, security is stressful). No prior exercise experience required - just bring your organization's context and a willingness to think like an adversary. Whether you're planning for 3 people or 30, this workshop offers the tools to create exercises that prepare your team for the inevitable. Please bring a laptop if possible. PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/LRA3HH/ Workshop B Chloe Tucker PUBLISH UJPGWQ@@cfp.bsidespdx.org -UJPGWQ Introductory firmware reverse engineering en en 20251025T140000 20251025T160000 2.00000 Introductory firmware reverse engineering The goal of this workshop is to introduce common reverse engineering principles to wide audience. Beyond C programming basics, no other experience is required to follow along. The target firmware is an RTOS running on an ARM application processor, but that doesn't matter. We will be relying on Ghidra and its decompiler as our main reverse engineering tool. PUBLIC CONFIRMED Workshop https://cfp.bsidespdx.org/bsidespdx-2025/talk/UJPGWQ/ Workshop B Aleks Nikolic