#bsidessea — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #bsidessea, aggregated by home.social.
-
4/
I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
-
4/
I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
-
4/
I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
-
4/
I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
-
4/
I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
-
3/
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.
Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.
-
3/
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.
Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.
-
3/
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.
Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.
-
3/
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.
Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.
-
3/
@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security
Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.
Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.
-
#BSidesSeattle #BSidesSEA 2026 thoughts:
2/
Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.
The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).
-
#BSidesSeattle #BSidesSEA 2026 thoughts:
2/
Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.
The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).
-
#BSidesSeattle #BSidesSEA 2026 thoughts:
2/
Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.
The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).
-
#BSidesSeattle #BSidesSEA 2026 thoughts:
2/
Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.
The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).
-
#BSidesSeattle #BSidesSEA 2026 thoughts:
2/
Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.
The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).
-
Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:
1/
Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk. -
Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:
1/
Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk. -
Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:
1/
Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk. -
Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:
1/
Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk. -
Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:
1/
Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk. -
Interesting. #Microsoft just forced #BSidesSEA to enforce ID verification with tickets 3 days before the event.
Refunds are available if you believe this could affect you by the fash or just bullshit.
-
Y'all
I had such an amazing experience at #BSidesSeattle this year.
That area's tech scene feels so alive.I wrote up some of my thoughts on the event.
-
"Learn the difference between 'helping' and being 'helpy'"
~ @wendynather at #BSidesSEA - this is very useful. Just pointing out that an article does not make a specific point you'd like to see is "helpy". Pointing out that many people already knew what an article states also does little for the world. Being actually helpful looks different & is more work. 1/2
-
A pain in the SaaS: Scalable Detection in the Age of Data Sprawl
Alan Braithwaite -
What Your Exposed APIs Are Leaking
Tristan Kalos -
Unpacking Session ID Security: Entropy, Encoding, and Math (Oh My!)
Jake Karnes -
The Day After 'Day One': A Security Leader's Guide to Surviving M&A Without Day Drinking
Hilary Young -
Human Fingerprints: Building Better Tabletop Exercises with Realistic Adversary Tradecraft
Chloe Tucker -
“If you’re in your comfort zone, you’re in the wrong role.”
“Lean into things that scare you - that’s how you grow.”
— @leisures -
Quantum Computing: The Coming Revolution in Security and Cryptography
Shalini Menon -
Really good talk from Heather Flanagan on a subject near to my heart:
Beyond Humans: The Event Horizon for Identity & Access Management -
#BSidesSeattle #BSidesSEA
Hardening GitHub Actions: Protecting your pipeline from attackers
Magno Logan -
"Learn the difference between 'helping' and being 'helpy'"
~ @wendynather at #BSidesSEA
(If all you are doing is pointing at things and saying "look I found all these problems" you're not helping, you're being helpy... Being "helpy" allows you to claim that you're part of the process and a valuable part of the team and it makes you visible in meetings but doesn't actually improve anything.)
-
Day Two of #BSidesSEA kicks off with @wendynather doing one thing she does like no other: delivering hard truths and hard days with soft words and soft smiles so that people will really listen.
Always love seeing her speak. 💚
-
Listen up. It’s Wendy Fucking Nather preaching what we need to hear about the security poverty line.
@wendynather here at #BsidesSEA lighting it up at 9AM for the keynote.
-
I am very glad to be here for the day 2 Keynote at #BSidesSeattle from the legendary Wendy Nather
Falling Off the Edge, And How to Help
-
My first time seeing @Tarah in person today at #bsidessea and she was a magnetic presenter though her topic was depressing (the state of everything is not Wheeler's fault obviously).
-
End of Day1 at #BSidesSeattle
How Attackers (or Red Teamers) navigate Azure using Key Vault Lateral Movement
Christiano Bianchet
-
There's No One Coming to Save Us: Small and Underfunded Organizations In An Age of Chaos
Tarah Wheeler -
Secure Your World in 2025!
By CISA employees Alexander Salazar Jr and RJ Niesen
-
Why Empathy is THE Critical (and Underrated) Cybersecurity Skill
From Ralph Hogaboom and Liz Lewis-Lee
-
Hey #BSidesSeattle
Anyone want to sing Karaoke tonight?!?!
A few of us are meeting up at Palmer's East around 8:30ish to socialize and sing together
If you are seeing this, you are invited :)7853 Leary Wy, Redmond, WA 98052
-
This talk by Vasilii Ermilov on Github Actions was pretty interesting among the morning bunch, wish I understood more about the scanning tools he was using to pull from HackerOne. #bsidessea
-
#BSidesSeattle #BSidesSEA
A Guide for Managing and Mitigating Insider Threats
Andrew Spottswood -
I have been looking forward to this session on one of my favorite topics:
Implementing SPIFFE for Zero Trust Multi-Cloud Workload Authentication
From Nivathan Athiganoor Somasundharam
-
That moment when someone tells you, "Whoa, you've gotta have the hardest t-shirt here!" and you gently correct them and let them know that as it turns out, in fact, "I think you'll agree, @wendynather has the hardest t-shirt here."
-
That moment when someone tells you, "Whoa, you've gotta have the hardest t-shirt here!" and you gently correct them and let them know that as it turns out, in fact, "I think you'll agree, @wendynather has the hardest t-shirt here."
-
That moment when someone tells you, "Whoa, you've gotta have the hardest t-shirt here!" and you gently correct them and let them know that as it turns out, in fact, "I think you'll agree, @wendynather has the hardest t-shirt here."
-
That moment when someone tells you, "Whoa, you've gotta have the hardest t-shirt here!" and you gently correct them and let them know that as it turns out, in fact, "I think you'll agree, @wendynather has the hardest t-shirt here."