#bsidessea — Public Fediverse posts

4/

I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.

@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security

3/

@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security

Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.

Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.

#BSidesSeattle #BSidesSEA 2026 thoughts:

2/

Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.

The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).

#infosec #cyber #security

Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:

1/

Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk.

@bsidesseattle

Y'all
I had such an amazing experience at #BSidesSeattle this year.
That area's tech scene feels so alive.

I wrote up some of my thoughts on the event.

https://blog.gitguardian.com/bsides-seattle-2025/

#BSidesSEA

#BSidesSeattle #BSidesSEA

A pain in the SaaS: Scalable Detection in the Age of Data Sprawl
Alan Braithwaite

#BSidesSeattle #BSidesSEA

What Your Exposed APIs Are Leaking
Tristan Kalos

#BSidesSeattle #BSidesSEA

Unpacking Session ID Security: Entropy, Encoding, and Math (Oh My!)
Jake Karnes

The Day After 'Day One': A Security Leader's Guide to Surviving M&A Without Day Drinking
Hilary Young

#BSidesSeattle #BSidesSEA

Human Fingerprints: Building Better Tabletop Exercises with Realistic Adversary Tradecraft
Chloe Tucker

#BSidesSeattle #BSidesSEA

“If you’re in your comfort zone, you’re in the wrong role.”

“Lean into things that scare you - that’s how you grow.”
— @leisures

#BSidesSeattle #BSidesSEA

Quantum Computing: The Coming Revolution in Security and Cryptography
Shalini Menon

#BSidesSeattle #BSidesSEA

Really good talk from Heather Flanagan on a subject near to my heart:
Beyond Humans: The Event Horizon for Identity & Access Management

#BSidesSeattle #BSidesSEA

#BSidesSeattle #BSidesSEA
Hardening GitHub Actions: Protecting your pipeline from attackers
Magno Logan

I am very glad to be here for the day 2 Keynote at #BSidesSeattle from the legendary Wendy Nather

Falling Off the Edge, And How to Help

#BSidesSEA

End of Day1 at #BSidesSeattle

How Attackers (or Red Teamers) navigate Azure using Key Vault Lateral Movement

Christiano Bianchet

#BSidesSEA