Presentations / Talks
Security conferences and presentations are one of the best ways to learn from experienced researchers and stay current with emerging threats. Talks from events like DEF CON, Black Hat, BSides, OWASP AppSec, and NahamCon regularly introduce novel attack techniques, reveal real-world vulnerability chains, and share hard-won insights from years of security work.
Conference talks cover the full spectrum of application security — from beginner-friendly introductions to deep technical dives into specific vulnerability classes, tool development, and exploit chains. Many of the most impactful security techniques were first presented at conferences before becoming standard parts of the penetration testing toolkit.
Beyond the technical content, talks provide valuable context that blog posts and writeups often miss: the thought process behind finding a vulnerability, dead ends that were explored, and the methodology that led to a discovery. Watching a skilled researcher walk through their approach is one of the most effective ways to develop your own security intuition.
Most major security conferences publish their talks on YouTube, making this knowledge freely accessible to anyone. The resources collected here span application security, bug bounty, penetration testing, and security tooling.
This page collects notable security presentations, conference talks, and video resources from across the application security community.
| Date Added | Link | Excerpt |
|---|---|---|
| 2026-04-22 2026 | DEF CON 33 Talks - YouTube Playlist news | DEF CON 33 Talks - YouTube Playlist |
| 2026-04-22 2026 | DEF CON 33 Call Index news | Index of DEF CON 33 calls for content, detailing opportunities for hackers to submit proposals for contests, events, villages, talks, and workshops. The document encourages innovative ideas and passion, serving as a central hub for all open calls related to DEF CON 33 programming, including returning villages, contests, and communities. |
| 2026-04-22 2026 | Black Hat USA 2025 Briefings Schedule news | Black Hat USA 2025 Briefings Schedule → blackhat.com |
| 2026-04-22 2026 | Black Hat USA 2025 - YouTube Playlist news | Black Hat USA 2025 - YouTube Playlist |
| 2026-04-22 2026 | Black Hat Official YouTube Channel news | Black Hat Official YouTube Channel |
| 2026-04-22 2026 | DEF CON 33 AppSec Village news | DEF CON 33 AppSec Village |
| 2026-04-22 2026 | DEF CON 33 Aerospace Village Talk Schedule news | Talk schedule from DEF CON 33's Aerospace Village features discussions on vulnerability disclosure in aviation, spacecraft cybersecurity vulnerabilities, purple teaming for space-cyber training using frameworks like Moonlight Defender, challenges of targeted DDoS attacks on satellite networks and the HYDRA framework, red teaming space systems with a focus on attack surface and TTPs, hardware hacking for the AV badge utilizing radio SAO and signal processing, and generating Indicators of Behavior (IoBs) with the SPARTA framework through active exploitation of space systems. |
| 2026-04-22 2026 | About NDC Security 2026 news | About NDC Security 2026 |
| 2026-04-19 2026 | DEF CON 33 Hacking Conference 2025 — USF news | Survey of DEF CON 33 highlights, including the AI, Blue Team, Car Hacking, ICS, IoT, and Red Team villages. It mentions hands-on hacking of a Rivian van and truck, the DEF CON CTF competition, and DARPA's AI Cyber Challenge focused on critical infrastructure. Key talks included a discussion on AI and proprietary vs. open-source AI with Jeff "The Dark Tangent" Moss and General Paul M. Nakasone. |
| 2026-04-19 2026 | DEF CON 33 (2025) — Security.World news | DEF CON 33 (2025) — Security.World |
| 2026-04-19 2026 | What to Expect from BSides, Black Hat, and DEF CON 2025 news | Survey of 2025 Hacker Summer Camp previews, detailing expected content at BSides Las Vegas, Black Hat, and DEF CON. Topics include password cracking techniques, financial system security risks, AI vulnerabilities, Apple zero-days, Windows Hello bypasses, satellite exploits, and government cybersecurity policy. Specific sessions cover custom password cracking rigs, LLM vulnerability analysis in the DARPA AI Cyber Challenge, and car hacking demonstrations. The events also feature networking opportunities, hiring tracks, and capture-the-flag competitions. → theregister.com |
| 2026-04-19 2026 | DEF CON 2025 — Open Source Security Foundation news | DEF CON 2025 — Open Source Security Foundation |
| 2026-04-19 2026 | DEFCON Conference — Official YouTube news | DEFCON Conference — Official YouTube |
| 2026-04-16 2026 | XBOW at Black Hat & DEF CON: AI Agents for Offensive Security news | Presentation slides detailing the live application of XBOW, an autonomous penetration testing platform, against real targets at Black Hat and DEF CON, revealing dozens of vulnerabilities with proof-of-concept exploits. The materials also cover techniques for using AI agents to minimize false positives in offensive security and discuss the platform's journey through zero-day discoveries and bug bounty programs. |
| 2026-04-16 2026 | 5 Takeaways from Black Hat x DEF CON 2025 news | Survey of takeaways from Black Hat x DEF CON 2025, highlighting concerns around Shadow AI and agent-to-agent interactions, SIEM fatigue, practical AI use cases in SOC operations, the importance of clear vendor messaging, and the growing influence of trusted voices in security purchasing decisions. The report notes acquisitions like SentinelOne's purchase of Prompt Security and Palo Alto Networks' acquisition of Protect AI as indicators of the burgeoning AI security market. |
| 2026-04-16 2026 | Black Hat USA 2025 Briefings Schedule news | Black Hat USA 2025 Briefings Schedule → blackhat.com |
| 2026-04-16 2026 | Cybersecurity Slides Collection news | Collection of cybersecurity presentations covering topics such as OWASP Top 10, DevSecOps, cloud security (AWS, GCP), IaC with Terraform and Ansible, Docker, Kubernetes, Git, Linux commands, regular expressions, social engineering basics, cryptography, and secure coding principles, including secure code review and design principles. |
| 2026-04-16 2026 | DEF CON 33 Archive: Videos, Slides, and White Papers news | Archive of DEF CON 33 presentations, including videos, slides, and white papers. This extensive collection offers access to materials from various talks, village sessions, and contest results. It also features badge files, music, photos, and a downloadable receipt for expense reporting. |
| 2026-04-13 2026 | Marcus Hutchinsthe cybersecurity researcher best known for stopping the WannaCry ransomware attackoffers his perspectives on Mythos | The Cyber Security Hub news | Marcus Hutchins—the cybersecurity researcher best known for stopping the WannaCry ransomware attack—offers his perspectives on Mythos | The Cyber Security Hub™ https://ift.tt/LnpWNh0 |
| 2026-04-13 2026 | GitHub - schwartz1375/genai-security-training beginner AI | Library of self-paced training modules for red teaming GenAI and AI/ML systems, covering adversarial attacks, privacy breaches, model manipulation, and system-level exploits like prompt injection and jailbreaking. It includes hands-on labs, theoretical content, and practical demonstrations utilizing tools such as the Adversarial Robustness Toolbox (ART), TextAttack, and SHAP, while also referencing OWASP LLM Top 10 and MITRE ATLAS frameworks. |
| 2026-04-13 2026 | GitHub - schwartz1375/genai-essentials beginner AI | Library of Jupyter notebooks for Generative AI and Large Language Models, progressing from core concepts to advanced topics. It covers LLM security considerations, basic agent introduction, Retrieval-Augmented Generation with local data, vision-language models, and deep dives into agent patterns like ReAct and Plan-Execute. The collection also details Model Context Protocol integration for tool extensions and offers practical AI-assisted code review prompts. |
| 2026-04-10 2026 | BSidesSLC 2026 news | Conference proceedings from BSides SLC 2026, an OWASP BASC event scheduled for April 11, 2026, in Boston, MA. This event focuses on application security trends, featuring presentations and hands-on workshops. Submissions for talks and workshops, open November 1, 2025, and close January 11, 2026, are being accepted for tracks including Leadership, Research, and Developer, covering topics like AppSec strategy, OSS security threats, State of AI, and secure coding practices. Submissions are subject to a blind review process and will be disqualified if identified as AI-generated or containing self-identifying elements. |
| 2026-04-10 2026 | Approov Events and Conferences news | Reference list of upcoming mobile app security events and conferences featuring discussions on DevSecOps, mobile app hardening, and Supercharging Sideloaded App Protection under the Digital Markets Act, including a joint webinar with Quokka and presentations at Black Hat USA and NowSecure Connect. |
| 2026-04-10 2026 | OWASP Global AppSec USA 2025 - CFP news | Call for presentations for OWASP Global AppSec USA 2025, taking place November 6-7, 2025, in Washington, D.C. Submissions are open March 12, 2025, through June 24, 2025, for tracks including BUILDER/DEVELOPER, BREAKER/TESTER, DEFENDER/OPS, MANAGER/CULTURE, and OWASP PROJECT SHOWCASE. Submissions should focus on clear, actionable content, avoid AI generation or marketing pitches, and align with OWASP's blind review process. |
| 2026-04-10 2026 | OWASP Global AppSec EU 2025 - GenAI Focus news | Conference of cybersecurity experts focusing on Generative AI security, featuring the OWASP GenAI Security Project. Sessions will cover secure AI adoption, incident response, risks of autonomous AI agents, and scaling community-driven security initiatives. Specific topics include Agentic Security Risks and general GenAI project business tactics. → genai.owasp.org |
| 2026-04-10 2026 | OWASP Global AppSec EU 2025 (Barcelona) news | Conference photos capture the OWASP Global AppSec EU 2025 event held May 26-30 in Barcelona, featuring over 700 cybersecurity experts. The agenda included keynote presentations, six specialized tracks, an exhibitor hall, Meet the Mentor Program, OWASP Projects Demo Room, and a Capture the Flag challenge. Eleven hands-on training opportunities were available from May 26-28, focusing on advanced application security skills for builders, developers, breakers, defenders, and managers. |
| 2026-04-10 2026 | OWASP Global AppSec USA 2025 (Washington DC) news | Conference proceedings from OWASP Global AppSec USA 2025 in Washington D.C. cover application security through six curated tracks: builder/developer, breaker, defender, manager-culture, and OWASP Projects. The event features keynote speakers, interactive sessions, and opportunities for networking among over 800 security experts. → genai.owasp.org |
| 2026-04-10 2026 | OWASP Global & Regional Events news | Events hosted by OWASP offer application security professionals opportunities to network and enhance career skills. These include global conferences like OWASP Global AppSec EU and USA, alongside regional AppSec Days in locations such as Italy, Germany, France, and Israel. Events cover diverse topics including AI security and DevSecOps, often featuring expos, Capture the Flags, and career fairs. OWASP also partners with other major conferences to provide member benefits. → owasp.org |
| 2026-04-10 2026 | OWASP AppSec Days Developer Security Summit news | Summit information for the OWASP AppSec Days Developer Security Summit, detailing its purpose as an event page. The entry provides guidance on modifying front-matter elements like `layout`, `title`, and `tags` to accurately represent specific OWASP projects or chapters, encouraging the inclusion of news, screenshots, features, or supporter information to enrich the page content. → owasp.org |
| 2026-04-10 2026 | OWASP 25th Anniversary Virtual Conference news | Conference CFP for the OWASP Foundation's 25th Anniversary Virtual Event, featuring tracks on Planning and Design, Implementation, Testing, Deployment and Maintenance, and Process and Culture. Submissions are due November 30, 2025, for sessions in February and September 2026, with a focus on clear, novel content and tangible takeaways. |
| 2026-04-10 2026 | AppSec & Cybersecurity Events Calendar 2026: 60+ Conferences news | Calendar of 60+ AppSec and cybersecurity events for 2026, organized by region and industry, offering detailed insights into speakers, agendas, and registration. Specific events include OWASP Netherlands Chapter Meetup, CYBERUK focusing on AI and resilience, OffensiveCon Berlin for exploit development and reverse engineering, AppSec Israel with a focus on secure coding and supply chain security, CyberWiseCon Europe covering AI-driven threats and resilience, CyCon discussing cyber conflict and international law, Infosecurity Europe for vendor evaluation, and Area41 showcasing practitioner-driven exploitation techniques and malware analysis. |
| 2026-04-10 2026 | Annual Computer Security Applications Conference news | Annual Computer Security Applications Conference |
| 2026-04-10 2026 | GPSEC Cybersecurity Conference news | Talks from GPSEC cover application security, cloud security, insider threats, Zero Trust architecture, Identity & Access Management, endpoint and network security, and Governance, Risk & Compliance. These sessions explore secure coding practices, vulnerability assessment, cloud-native security tools, behavioral analytics, IAM trends like AI-driven authentication, advanced endpoint protection, and IT governance frameworks, offering insights for various IT and security professionals. |
| 2026-04-10 2026 | IEEE Symposium on Security and Privacy 2026 news | Symposium proceedings from the 47th IEEE Symposium on Security and Privacy (May 18-21, 2026) featuring novel research in computer security and privacy, including systematization of knowledge (SoK) papers. The event solicits original contributions on theory, design, implementation, analysis, and empirical evaluation of secure systems, with a focus on practical relevance. Accepted papers will be published open access and presented via short talks and poster sessions. The submission process includes public meta-reviews, interactive rebuttals, and strict guidelines on anonymity and overlap with prior work. |
| 2026-04-10 2026 | The Elephant in AppSec Conference news | Conference for challenging the status quo in Application Security. This virtual, free event, inspired by the "The Elephant in AppSec" podcast, brings together top experts for two days of bold opinions and quality discussions on hard-hitting AppSec topics. Prepare to address issues often left unsaid in the industry. |
| 2026-04-10 2026 | RSA Conference 2026 news | RSA Conference 2026 |
| 2026-04-10 2026 | Cybersecurity Conferences 2026-2027 news | Directory of cybersecurity conferences and InfoSec events from 2026-2027, listing prominent gatherings like Black Hat USA, RSA Conference, and DEF CON, alongside specialized events from vendors such as Cisco, SSH Communications Security, and Microsoft. The resource covers a wide array of topics, including AI security, application security, GRC, and endpoint security, with options for physical, hybrid, and webinar formats, and also facilitates event sponsorship matching and speaking opportunities. |
| 2026-04-10 2026 | NDC Security 2026 news | NDC Security 2026 |
| 2026-04-10 2026 | The Best Security Conferences & Events 2026 news | Conferences covering IAM, CTI, AI, and cloud security are detailed, including Gartner IAM Summit, Apres-Cyber Slopes Summit, and Gartner Security & Risk Summit. RSA Conference, IEEE Symposium on Security and Privacy, NICE Conference, and FIRST conference are also listed. Black Hat and DefCon offer insights into the latest InfoSec research, development, and trends, with hands-on trainings and briefings for security professionals. |
| 2026-04-10 2026 | LASCON – Lonestar Application Security Conference news | LASCON – Lonestar Application Security Conference |
| 2026-04-06 2026 | HTB COAE: Introducing the new standard for AI Red Teaming beginner | HTB COAE: Introducing the new standard for AI Red Teaming |
| 2026-04-06 2026 | AI Agent Security Masterclass: Attacking and Defending Autonomous AI Systems - DEF CON Training beginner | Training covers attacking and defending autonomous AI agents, focusing on building secure agents, exploiting weaknesses, and implementing defenses against prompt injection, excessive agency, tool misuse, and MCP-based supply chain attacks. Participants will learn about AI agent architecture, RAG security, threat modeling AI systems, and practical red-teaming exercises against vulnerable agents, culminating in defense strategies like least privilege, sandboxing, and robust prompt controls. |
| 2026-04-06 2026 | Hacking Android and IOT Apps by Example - DEF CON Training LV 2026 beginner Mobile | Workshop slides from DEF CON LV 2026 detail hands-on techniques for hacking Android and IoT applications, focusing on the OWASP Mobile Security Testing Guide (MSTG) and MASVS. Participants will learn static and dynamic analysis methods, advanced instrumentation with Frida, Objection, and radare2, and how to bypass common security controls like certificate pinning and root detection. The training covers identifying vulnerabilities through app analysis without device access, efficient exploitation, and leveraging open-source tools for mobile security testing. |
| 2026-04-06 2026 | Black Hat USA 2026 Training Schedule news | Black Hat USA 2026 Training Schedule → blackhat.com |
| 2026-04-03 2026 | Black Hat Briefings - Wikipedia news | Briefings from the Black Hat computer security conference offer insights into reverse engineering, identity, and privacy. Topics covered include talks by security experts like Robert Lentz and Amit Yoran, as well as training sessions from vendors such as Cisco Systems and Offensive Security. The conference also features an "Arsenal" segment where researchers demonstrate open-source security tools, with past demonstrations addressing vulnerabilities like the Conficker virus and ATM jackpotting. |
| 2026-01-29 2026 | (96) NahamSec - YouTube beginner | HACK THE PLANET!! Hi! I'm NahamSec. I think everyone can be a hacker and I'm on a mission to prove that! |
| 2025-08-14 2025 | Introducing the OWASP Nettacker Project - Speaker Deck beginner | Library for automating information gathering, vulnerability scanning, and penetration testing engagements. OWASP Nettacker generates scan reports for applications and networks, identifying services, bugs, vulnerabilities, misconfigurations, and default credentials, with the ability to chain different scan methods. This tool, showcased at BlackHat Europe 2018 Arsenal, assists pentesters in their engagements. |
| 2025-08-14 2025 | Gibler - An Opinionated Guide to Scaling Your Company's Security - Google S beginner | The content provided is a title mentioning "Gibler - An Opinionated Guide to Scaling Your Company's Security - Google S." It appears to be a guide or resource focused on helping companies scale their security measures. The mention of "Google S" may suggest a connection to Google or a specific security initiative within Google. The content seems to emphasize the importance of enhancing security practices within a company as it grows and expands, possibly offering opinionated insights and recommendations on how to effectively manage and scale security measures. → docs.google.com |
| 2025-08-14 2025 | Frans Rosén Keynote at BSides Ahmedabad - YouTube beginner | Frans Rosén delivered a keynote speech at BSides Ahmedabad, which is available on YouTube. The content likely includes insights, information, or perspectives shared by Frans Rosén during the keynote address at the event. Viewers can watch the video to gain knowledge or understanding of the topics discussed by Frans Rosén at BSides Ahmedabad. |
| 2025-08-14 2025 | OWASP Videos beginner | The content is concise and simply states "OWASP Videos," indicating that there are videos related to the Open Web Application Security Project (OWASP). OWASP is a non-profit organization focused on improving software security. The videos likely cover various topics related to web application security, such as best practices, vulnerabilities, and tools. Viewers can expect educational content on how to secure web applications and prevent security breaches. |
| 2025-08-14 2025 | The security phoenix - from the ashes of DEV-OPS Appsec California 20… news | The content seems to discuss the concept of security rising like a phoenix from the challenges faced in the realm of DevOps and application security at the Appsec California 2020 event. It likely explores how security measures can evolve and improve despite setbacks, drawing parallels to the mythical phoenix that rises from its ashes. The content may delve into strategies for enhancing security practices in the context of DevOps and application security. → slideshare.net |
| 2025-08-14 2025 | (186) @Jhaddix Talks About Defcon, Burp Suite, Hacking, Bug Bounties and Ho news | The content discusses @Jhaddix's insights on Defcon, Burp Suite, hacking, bug bounties, and more in a concise manner. It likely covers topics related to cybersecurity, ethical hacking, and bug bounty programs. The content may provide valuable information and perspectives on these subjects from @Jhaddix's expertise. |
| 2025-08-13 2025 | AI Mastery for Cybersecurity Professionals beginner AI | Bundle of 10 EC-Council courses for cybersecurity professionals, covering AI-driven threat detection, bug bounty hunting using LLMs, network security, and defending against generative AI attacks like phishing and deepfakes. The courses provide hands-on skills for automating detection, strengthening defenses, and enhancing cyber intelligence, with practical applications using tools like Nuclei, HTTPX, Postman, and ChatGPT, and includes modules on LLM pentesting and crafting AI policies. |
| 2025-04-30 2025 | #burp #pentest #ai #hackerassociate #cybersecurity #infosec… | Harshad Shah intermediate AI Burp | Setting Up #Burp MCP Server on Claude Desktop #Pentest Modern App with #Ai ⇢ Learn how to set up a 𝗕𝘂𝗿𝗽 𝗠𝗖𝗣 𝗦𝗲𝗿𝘃𝗲𝗿 on your 𝗖𝗹𝗮𝘂𝗱𝗲 𝗱𝗲𝘀𝗸𝘁𝗼𝗽 in this easy-to-follow tutorial. ⇢ Get your server up and... |
| 2025-03-14 2025 | Stop Confusing Privacy & Anonymity (and Security) beginner | Stop Confusing Privacy & Anonymity (and Security) |
| 2025-01-23 2025 | Global AppSec San Francisco 2024 news | OWASP Global AppSec US Conference alongside 1200+ cybersecurity experts from September 23-27 at the Hyatt Regency San Francisco in San Francisco, CA. https:/... |
| 2025-01-04 2025 | [SEI' 24] Modern Systems Programming: Rust and Zig - Aleksey Kladov intermediate | Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube. |
| 2024-11-25 2024 | Vxcon2024 workshop news Mobile | Vxcon2024 workshop |
| 2024-11-13 2024 | [HackerNotes Ep.95 & Ep.96] Cookies, Caching & Attacking Chrome Extensions with MatanBer intermediate XSS | Library detailing attacks against Chrome Extensions, covering their components like content scripts, service workers, extension pages, and manifest files. It explains how to gain access to extension source code, identifies attack vectors for content scripts including DOM injection and clickjacking, and discusses attacking extension pages and service workers via misconfigurations in `web_accessible_resources` and `externally_connectable`. The entry also touches on debugging techniques and includes references to Heroctf-v6 writeups concerning cache API and service worker research. |
| 2024-08-18 2024 | media.defcon.org beginner | All DEF CON video presentations, music, documentaries, pictures, villages, and Capture The Flag data that can be found. |
| 2024-08-03 2024 | Testing Handbook - Burp beginner Burp | Watch the recording Testing Handbook: Burp Suite Professional https://appsec.guide → docs.google.com |
| 2023-09-22 2023 | IDOR - how to predict an identifier? Bug bounty case study intermediate Bug Bounty IDOR | IDOR - how to predict an identifier? Bug bounty case study https://www.youtube.com/watch?v=wx5TwS0Dres |
| 2023-09-22 2023 | How to turn SQL injection into an RCE or a file read? Case study of 128 bug bounty reports intermediate Bug Bounty RCE SQLi | How to turn SQL injection into an RCE or a file read? Case study of 128 bug bounty reports https://www.youtube.com/watch?v=ClnVdYf4PK0 |
| 2023-09-09 2023 | Def%20 con%2031%20 %20 living%20 next%20 door%20to%20 russia%20 %20 mikko%20 hypponen beginner | https://ift.tt/PRZSs4f |
| 2023-09-02 2023 | Irit Katriel- opening keynote: Error Handling: From Charles Babbage to Python 3.11 beginner | Irit Katriel- opening keynote: Error Handling: From Charles Babbage to Python 3.11 https://www.youtube.com/watch?v=rKBKHVvXuUI |
| 2023-08-13 2023 | Talks beginner | Talks https://ift.tt/BTwWGse |
| 2023-08-13 2023 | onhexgroup/Conferences beginner | onhexgroup/Conferences https://ift.tt/WTvdXC3 |
| 2023-08-13 2023 | Black%20 hat%20 usa%202023%20slides beginner | https://ift.tt/7qaLEAH |
| 2023-05-29 2023 | Slides: GraphQL Hacking intermediate GraphQL | Slides: GraphQL Hacking https://ift.tt/oLqt1GD |
| 2022-02-27 2022 | Favorite tweet by @ZAProxyCon beginner Bug Bounty | Favorite tweet: You're invited to #ZAPCon 2022! ⚡️ Whether you are just getting started, or have a decade of experience with ZAP, ZAPCon will level-up your AppSec skills. 100% Virtual. 100% Free! 🎟️ ... |
| 2022-01-13 2022 | Roadmap for learning smart contract security beginner | Roadmap for learning smart contract security |
| 2022-01-11 2022 | Open-Source Intelligence (OSINT) in 5 Hours - Full Course - Learn OSINT! beginner OSINT | Open-Source Intelligence (OSINT) in 5 Hours - Full Course - Learn OSINT! |
| 2021-12-07 2021 | Owasp bucharest 2017 antukh news | Owasp bucharest 2017 antukh → owasp.org |
| 2021-11-24 2021 | Fuzzing with Scapy: Introduction to Network Protocol Fuzzing beginner Fuzzing | Fuzzing with Scapy: Introduction to Network Protocol Fuzzing |
| 2021-09-07 2021 | Dan Miessler Talks About Recon/Automation Seclists Certifications Mental Health & More! news Recon | Dan Miessler Talks About Recon/Automation Seclists Certifications Mental Health & More! |
| 2021-08-21 2021 | The Scariest Things We Saw at Black Hat 2021 news Bug Bounty | The Scariest Things We Saw at Black Hat 2021 |
| 2021-08-14 2021 | DEFCONConference news | DEFCONConference |
| 2021-05-21 2021 | DevSecCon Global May news | Talks from DevSecCon Global May 2021 cover AI-driven application security, including AI-native tools for untethered development, agent sandboxes, CI/CD scans, and secure voice-to-code workflows. Sessions detail building AI-powered security scanners for community projects, implementing Zero Trust with deception engineering using "MCP Threat Trap" honeypots on Cloudflare Workers, and securing Model Context Protocol (MCP) servers for LLM integration. Experts discuss securing development at AI speed with Snyk, navigating AI's societal readiness, and building production-ready MCP infrastructure with Ragie, addressing challenges like OAuth, SDK fragmentation, and threats like tool poisoning and prompt injection. |
| 2021-05-20 2021 | CircleCityCon 8.0: Happy Little Conference news | CircleCityCon 8.0, themed "Happy Little Conference," was a cybersecurity event. Details on specific talks, workshops, or challenges are not provided in the title. The content does not mention any bug bounty payouts. |
| 2020-01-31 2020 | OWASP Videos beginner | The OWASP Foundation hosts videos on its website to educate about software security. OWASP is a nonprofit organization dedicated to enhancing software security. |
| 2020-01-31 2020 | Purple is the new black: Modern Approaches to Application Security beginner | The content discusses modern approaches to application security, highlighting the concept that "purple is the new black." This phrase implies a shift towards a more comprehensive and integrated approach to security that combines traditional blue team (defenders) and red team (attackers) strategies. By adopting a "purple team" mindset, organizations can enhance their security posture by fostering collaboration between defensive and offensive security teams to better protect against cyber threats. → slideshare.net |
Frequently Asked Questions
- Where can I watch security conference talks?
- Most major conferences publish talks on YouTube. Search for DEF CON, Black Hat, BSides, OWASP AppSec, NahamCon, and Bugcrowd LevelUp channels. Many conferences also post slides on their websites or speakers share them on their personal sites and social media.
- What are the best security conferences for beginners?
- BSides events (free or low-cost, held worldwide) and OWASP chapter meetings are excellent starting points. NahamCon (virtual, free) focuses on bug bounty and practical security. Wild West Hackin' Fest offers beginner tracks. For self-study, the DEF CON 101 track and PortSwigger's recorded workshops are highly recommended.
- How do security talks help with bug bounty hunting?
- Conference talks often reveal new attack techniques months before they become widely known, giving early adopters an advantage. Speakers share their methodology, tools, and thought processes — not just the final vulnerability. Understanding how experienced researchers approach targets helps develop your own hunting intuition.
Weekly AppSec Digest
Get new resources delivered every Monday.