BSidesNYC 2024: A Free Cybersecurity Conference Like No Other

Professionals attend a cybersecurity conference.

Get ready for BSidesNYC 2024, a cybersecurity conference like no other! Powered by volunteers and driven by community spirit, this free event offers a high-octane mix of workshops, challenges, and talks from leading experts. Whether you’re a red teamer, blue teamer, or a cybersecurity entrepreneur, BSidesNYC has something for everyone, with five tracks of content, Capture the Flag competitions, hands-on activities, and so much more.

What You Need to Know

  • Date & Time 8:00 AM – 5:00 PM, John Jay College of Criminal Justice, 524 W 59th St., New York, NY.
  • Completely Free: Enjoy world-class cybersecurity content at no cost, with an option to support the event through donations.
  • Workshops: Dive into interactive workshops, like building Burp Suite extensions or mastering GenAI pentesting.
  • Capture the Flag (CTF): Take part in exciting CTF challenges that test both your offensive and defensive skills.
  • Villages: Learn new skills like lockpicking, soldering, and explore community-driven cybersecurity initiatives.

Keynote Highlights

Nick Coblentz – Supercharge Burp Suite with Kotlin

  • Why Attend: Get under the hood of Burp Suite as Nick Coblentz shows how to build custom extensions using Kotlin. This session is packed with real-world examples and a newly released open-source library to help you optimize your pentesting toolkit. Perfect for red teamers who want to streamline their work and solve complex challenges faster.
  • Bio: With over 15 years of experience in application penetration testing, Nick Coblentz is an expert in his field. He leads Virtue Security’s Application Penetration Team and actively contributes to the security community as a volunteer moderator for PortSwigger’s Discord server.

Lydia Stepanek – Making Anti-Phishing Tools for Everyone

  • Why Attend: Not all cybersecurity tools are accessible, but Lydia Stepanek is changing that! She’ll walk you through the journey of building an easy-to-use anti-phishing plugin that made waves by landing on Google Workspace’s Top Rated page. Learn from her successes and setbacks as she shares key insights into creating accessible security solutions for the masses.
  • Bio: Lydia is the Owner and Lead Engineer at Pen Loop Consulting, with a background in DevOps and software engineering at companies like MongoDB. Her cybersecurity blog has made headlines, and she’s passionate about making the internet safer for everyday users.

Ante Gojsalić – Mastering GenAI Pentesting

  • Why Attend: Get ready for a no-holds-barred workshop that takes you from zero to hero in evading GenAI application defenses. Ante Gojsalić will guide you through real-world hacking scenarios, teaching you how to identify and exploit weaknesses in GenAI systems. Bring your laptop for some hands-on hacking action at this cybersecurity conference session!
  • Bio: Ante Gojsalić is the Co-Founder and CTO of SplxAI, a fast-growing startup in GenAI security. With over a decade of experience in software development, Ante is a rising star in cybersecurity, working on projects for giants like Ford and GM.

May Brooks – Selling Cybersecurity: How to Get Buy-In

  • Why Attend: Whether you’re pitching to executives or explaining risks to non-technical stakeholders, communication is key in cybersecurity. May Brooks will teach you how to frame your message in ways that resonate, helping you secure buy-in and drive action. If you’ve ever struggled to get leadership on board with your cybersecurity initiatives, this talk is for you.
  • Bio: As the CEO and Founder of Helena, May Brooks has an extensive background in cybersecurity, serving as a CISO, consultant, and mentor. She’s also a board member of ISC2 and a co-author of CISSP courses.

DevSecYoad – Decoding Supply Chain Attacks: XZ Backdoor

  • Why Attend: Supply chain attacks are one of the biggest threats in cybersecurity, and DevSecYoad will break down how these attacks work, using real-world examples like the XZ backdoor. Learn the difference between vulnerabilities and full-scale attacks, and how you can defend against them using frameworks like NIST SSDF and OWASP.
  • Bio: DevSecYoad is the Co-Founder and CEO of Myrror Security, specializing in supply chain security. With 14 years of experience in DevOps and a key role in Microsoft’s response to the SolarWinds attack, DevSecYoad is a leading voice on defending against these complex threats.

The Bottom Line

BSidesNYC 2024 promises to be a game-changing cybersecurity conference, offering cutting-edge knowledge, hands-on challenges, and a thriving community atmosphere. Whether you’re looking to deepen your skills, network with industry leaders, or simply geek out over the latest tech, this is the event you can’t afford to miss. Register now and be part of the future of cybersecurity!