Event Details
Saturday, 12th July 2025
Time left:
Schedule
Please note this schedule is still in a draft state and is subject to change.
| Time | Track 1
Kelsy Luengen
|
Track 2
Nick Young
|
|---|---|---|
| 08:00 |
Doors and Check In Open
All Day
Doors and Check In OpenWelcome to BSides Brisbane! Head to the registration desk to check in, grab your badge, and collect your conference t-shirt. Coffee and tea will be available at the Cafe, so feel free to network with fellow attendees before the opening session. |
|
| 08:45 |
Welcome to BSides Brisbane & Opening
15 mins
Welcome to BSides Brisbane & OpeningJoin us for the official opening of BSides Brisbane 2025. We'll kick off the day with a brief welcome, run through the schedule, and cover everything you need to know to make the most of your conference experience. |
|
| 09:00 |
Bypassing Intel CET with Counterfeit Objects
Thomas Pitt
30 mins
Bypassing Intel CET with Counterfeit ObjectsPresented by: Thomas Pitt Speaker BioThomas Pitt is a senior security researcher at Microsoft on the GHOST team. His background is in both offensive and defensive security, with experience spanning from serving as a cyber specialist in the Australian Army, to roles at ParaFlare and Thales. Talk SummaryIntelβs Control-Flow Enforcement Technology (CET) provides hardware-assisted control-flow integrity for x86 processors. Despite its effectiveness, some techniques can bypass CETβs protections. This presentation will explore Counterfeit Object-Oriented Programming (COOP) to bypass the Intel CET Shadow Stack, using a Chrome sandbox escape targeting the SwiftShader software renderer within the GPU process as a case study. |
|
| 09:15 | ||
| 09:30 |
Breaking and Defending Entra ID: Recon, Privilege Escalation, and Real-World Attack Paths
Cameron Fairbairn
60 mins
Breaking and Defending Entra ID: Recon, Privilege Escalation, and Real-World Attack PathsPresented by: Cameron Fairbairn Speaker BioCameron Fairbairn is a cyber security architect and the CTO of Proaxiom Cyber. With 28 years in IT and 15 years specialising in cyber security, he has extensive experience in offensive and defensive security, cloud security, and security operations. Cameron is passionate about practical security implementations and adversary-centric defense strategies. Talk SummaryThis presentation explores the attack surface of Microsoft Entra ID, demonstrating how adversaries can enumerate, exploit, and escalate privileges in cloud and hybrid environments. We will walk through real-world attack chains and outline effective mitigation strategies to strengthen Entra ID security. |
Developer centric security: AppSec for 2025 and beyond
Ben Gittens
30 mins
Developer centric security: AppSec for 2025 and beyondPresented by: Ben Gittens Speaker BioBen Gittens is a software developer and security champion with a passion for bridging the gap between development and security teams. He has extensive experience in building and securing large-scale applications and is an advocate for DevSecOps principles. Talk SummaryApplication security is often seen as a roadblock for developers. This talk explores a new paradigm for AppSec that puts developers at the center, empowering them with the tools and knowledge to build secure applications from the start. We will look at emerging trends and technologies that will shape the future of application security. |
| 09:45 | ||
| 10:00 |
Do not obey in advance Cyber Security in the Fight Against Techno-Authoritarianism
Dr Joel Panther
30 mins
Do not obey in advance Cyber Security in the Fight Against Techno-AuthoritarianismPresented by: Dr Joel Panther Speaker BioJoel is a cyber security researcher, penetration tester, and educator with over 15 years' experience in system administration, security, and consulting. His PhD produced a framework for designing dynamically generated penetration testing laboratories, and his current research focuses on offensive security skills development. Talk SummaryThis talk covers real-world examples where encryption, anonymity tools, and similar technologies have helped activists, journalists, and citizens evade state surveillance and censorship. Discussion and case studies highlight how digital resistance strategies have been used to counter oppression. |
|
| 10:15 | ||
| 10:30 |
Morning Tea
30 mins
Morning TeaIt's time for a morning tea break! While food is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break. |
|
| 10:45 | ||
| 11:00 |
Shadow of a Doubt - A Deep-Dive into Shadow OT
Rhiana Cooke
30 mins
Shadow of a Doubt - A Deep-Dive into Shadow OTPresented by: Rhiana Cooke Speaker BioRhiana is a Cyber Security Specialist and Mechatronics Engineer with a passion for OT security. As an OT Cyber Security Architect at Secolve, she has worked in both mining and manufacturing, gaining experience with control systems, mobile equipment, and cyber security operations. Talk SummaryThis talk will highlight why shadow OT is one of the most prevalent cyber issues in the field. Iβll walk through why shadow OT is being deployed, the methods used for its detection, and share real-world examples of incidents Iβve worked on. |
Pretty Privilege β How Pleasing Words and Visuals Will Help You Get Ahead.
Abby & Alex
60 mins
Pretty Privilege β How Pleasing Words and Visuals Will Help You Get Ahead.Presented by: Abby & Alex Speaker BioAbby is a Senior GRC specialist at Division 5 and has been in cyber security for 5 years. Her job is to help clients ensure they have safe and resilient environments via risk assessments, tabletop exercises, and Essential Eight audits. In addition to her work at Division 5, Abby has been a university lecturer, is a whiz at PowerPoint, and loves a good board game. Alex is a freelance writer and editor across a variety of industries including travel, fashion and lifestyle, and cyber security. Her work in cyber has seen her editing hundreds of reports across offensive, defensive, and strategy assessments. She is passionate about words, loves an Oxford comma, and can't get enough of romance novels. Talk SummaryIn an industry full of technical excellence, complex problem solving, and ever-evolving attack methods, reports, presentations, business cases, and other documentation can seem like an afterthought or a boring admin function. However, paying attention to the words and visuals you use when talking to clients, industry peers, or your boss can enhance the impact of your communication and deliver a much more powerful narrative. Our talk will outline why presentation is important, who should care, and how to take your work to the next level, so you can reap the benefits of pretty privilege. |
| 11:15 | ||
| 11:30 |
Deception in Depth Mindset; How to capture an APT
Brent Muir
30 mins
Deception in Depth Mindset; How to capture an APTPresented by: Brent Muir Speaker BioBrent has over 18 years of experience in the cyber security industry. After 12 years in Australian government and law enforcement leading national cyber teams, he led the global digital forensics and incident response team for a Fortune 500 bank. Talk SummaryThis session will introduce the strategy of designing and deploying deception strategies across your environments by leveraging the Mitre Engage adversarial framework. A real-world case study will demonstrate how to implement a deception strategy geared towards the adversaries targeting your organisation. |
|
| 11:45 | ||
| 12:00 |
Lunch
60 mins
LunchIt's time for a lunch break! While lunch is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break. |
|
| 12:15 | ||
| 12:30 | ||
| 12:45 | ||
| 13:00 |
Threat Hunting with Better Data Visualisation
Tatsuya Hasegawa
30 mins
Threat Hunting with Better Data VisualisationPresented by: Tatsuya Hasegawa Speaker BioTatsuya Hasegawa is a threat hunter and data visualisation developer with an extensive list of security certifications. He is a board member of the ISACA Nagoya Chapter, a committee member of the SECCON Open Conference, and a contributor to the open-source project msticpy. Talk SummaryThis session offers best practices for threat hunting with data visualisation. Tatsuya will discuss the challenges of typical SIEM dashboards and introduce more effective approaches, including advanced charts and custom visualisations. Using a practical example with a public dataset, he will demonstrate how to build a unique hunting dashboard and provide attendees with the next steps to level up their threat hunting skills. |
Beyond Passwords: The Present and Future War on Your Online Identity
Sam Gillespie
60 mins
Beyond Passwords: The Present and Future War on Your Online IdentityPresented by: Sam Gillespie Speaker BioCurrently a leader in Identity Defense at Okta, Sam Gillespie brings a unique perspective from his background in game development, where he contributed to Fruit Ninja. He later blended game design with data science at Arkose Labs to create state-of-the-art bot detection solutions. With a decade on the front lines of cyber security, Sam is known for his fast-paced and approachable delivery. Talk SummaryEver wonder why password breaches are still so common? This talk exposes the shocking economics behind credential stuffing attacks and how easy it is for bad actors to profit. Weβll explore the industryβs fight back, from bot detection to Passkeys, and dive into the looming shift towards an βidentified webβ to see how emerging tech like generative AI could either secure or undermine our digital future. |
| 13:15 | ||
| 13:30 |
Fortify Your WordPress: Essential Security Strategies to Keep Hackers Out!
Adriana
30 mins
Fortify Your WordPress: Essential Security Strategies to Keep Hackers Out!Presented by: Adriana Speaker BioWith over a decade of experience in IT development, systems administration, and cyber security, Adriana specialises in managing complex IT projects, ensuring software security, and maintaining system integrity. She is a committed member of the OWASP community, contributing to the continuous improvement of secure software practices. Talk SummaryThis talk covers essential security practices for WordPress, including strong authentication, regular updates, and proactive defenses. We will discuss key security threats like brute force attacks, SQL injection, and malware, and explore advanced protection techniques to keep your site safe. |
|
| 13:45 | ||
| 14:00 |
SkyJACKER: Why SDR is more Dangerous than Nail Clippers
Ryan Williams
30 mins
SkyJACKER: Why SDR is more Dangerous than Nail ClippersPresented by: Ryan Williams Speaker BioRyan 'D8RH8R' Williams is a hacker, researcher, and builder of systems that weren't meant to exist. He spends his time reverse-engineering technology, exploring communication networks, and crafting bespoke offensive hardware. His work spans offensive security, adversarial R&D, and privacy consulting. Talk SummaryThis talk explores how modern aviationβs reliance on insecure systems turns the skies into a playground for those who know where to listen. From ADS-B tracking to ACARS manipulation, this session will break down how software-defined radio (SDR) allows for passive eavesdropping, real-time aircraft spoofing, and unexpected attack surfaces. |
Planning a pentest: A Data-Driven Approach
Johannes Van Der Merwe
30 mins
Planning a pentest: A Data-Driven ApproachPresented by: Johannes Van Der Merwe Speaker BioJohan is a cybersecurity leader with over 19 years of experience, a Masters degree in Control Engineering, a certificate in applying disruptive technologies for business applications from MIT Sloan school of Management and a graduate from an executive management program from the Gordon Institute of Business Science. He has spent about 9 years in senior leadership roles, incl the roles of CISO and Head of Security Advisory for Orange Cyberdefense ZA and leader of the next-generation Threat and Risk Assessments for BDO Australia. He describes himself as the glue, to bridge the gap between technical expertise and business outcomes, and has led global teams to that affect in tackling some complex cyber challenges with practical, results-driven solutions. From advising executives on risk and resilience to building high-performing security practices that span continents, his focus is providing the right people with effective, actionable intelligence. Talk SummaryUsing data from prior pentest reports to inform your penetration testing plan. We take the findings in the CyberCX hack report and show how a security manager (like CISOβs, CSOβs, ISMS Managers, etc) can use that to build an understanding which could inform their testing approach in the same way lists and frameworks currently do (e.g. OWASPβs top 10 list for API and web application vulnerabilities, and MITREβs ATT&CK framework):
|
| 14:15 | ||
| 14:30 |
Afternoon Tea
30 mins
Afternoon TeaIt's time for an afternoon tea break! While food is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break. |
|
| 14:45 | ||
| 15:00 |
Better AppSec through better DevEx
Daniel Ting
45 mins
Better AppSec through better DevExPresented by: Daniel Ting Speaker BioDan has over a decade of experience in IT and cyber security, covering a broad range of specialist technical and leadership roles. Prior to CyberCX, these include roles such as Head of Product, Human-centred Designer, Solutions Architect, Project Manager, Systems Administrator, an AppSec and Product Security educator, a senior security architect, a penetration tester and a data science researcher. Today at CyberCX, as a technologist, they leverage their diverse experiences to sherpa and help all roles in engineering teams build safer, more trustworthy, and secure products balancing business, experience, and technical needs. They also have presented at various security conferences including DefCon, BSides Melbourne, and Christchurch Hacker Conference, on various security topics. But at the end of the day, they are just a nerd learning and sharing knowledge to make our community a safer place. Talk SummaryGood developer experience and cyber security, almost sounds like oxymorons together. But, is it really? How can we make both better, together? We will explore how we can both improve our developer experience and application security together. How application security and the developer experience overlap, and practical steps that weβve observed to have outsized impact on improving both AppSec and DevEx together, that you can take back to your teams and start doing today. |
Beyond Identity: The Future of Trust, Attestation, and Assurance
Adam Aurisch
45 mins
Beyond Identity: The Future of Trust, Attestation, and AssurancePresented by: Adam Aurisch Speaker BioAdam Aurisch is the Manager for Information Security and IAM at QUT, with a wealth of experience implementing cutting-edge IAM solutions across public and private sectors. He has played a pivotal role in major global identity projects with organizations like Mastercard ID Services and RealMe in New Zealand, and is committed to balancing robust security with user-centric design. Talk SummaryJoin Adam Aurisch as he explores the intersection of Self-Sovereign Identity (SSI) and enterprise IAM practices. Drawing from extensive experience across public and private sectorsβincluding projects with Mastercard ID Services and RealMe in New ZealandβAdam will share practical insights into integrating modern identity solutions within complex environments. |
| 15:15 | ||
| 15:30 | ||
| 15:45 |
From Head Tattoos to Malware: A History of Steganography
James Bannan
30 mins
From Head Tattoos to Malware: A History of SteganographyPresented by: James Bannan Speaker BioJames is a Principal Consultant with CyberCX specialising in Microsoft Azure architecture, security, and automation with over 25 years of industry experience. He is a published author, a former Microsoft MVP, and a current Microsoft Certified Trainer. Talk SummaryThis presentation traces the fascinating history of steganography, from ancient methods like hidden tattoos to modern digital techniques. It explores its applications in both cyber security and cybercrime, examining the ongoing battle between secrecy and detection in the digital age. |
The importance of threat modelling, and how to get started
Heath Moodie
30 mins
The importance of threat modelling, and how to get startedPresented by: Heath Moodie Speaker BioHeath Moodie is a Senior ICS Threat Intelligence Analyst for Dragos APAC. A 5-year RAR veteran and strategy nerd, he is passionate about Cyber Threat Intelligence and its practical application. Talk SummaryThis talk will help you understand the core questions to ask when starting a CTI capability, why you should use simple threat models, how to build out your first threat model, and provide actionable templates for getting started in βHelping to understand and solve problemsβ. |
| 16:00 | ||
| 16:15 |
Novel Threats & Nation States: Mastering the ABC'S of Incident Response
DJ
45 mins
Novel Threats & Nation States: Mastering the ABC'S of Incident ResponsePresented by: DJ Speaker BioDylan is a cyber security leader specialising in digital forensics, incident response, and security advisory. He has spent the last 8 years helping some of the world's leading brands investigate, respond to, and recover from cyber incidents. He actively contributes to open-source projects and has contributed to the MITRE ATT&CK framework. Talk SummaryThis session will take you through the βABCsβ of incident response: identifying compromised Accounts, uncovering hidden Backdoors, and detecting suspicious Command & Control (C2) infrastructure. Using a real-world scenario, I will highlight how a nation-state adversary was detected operating in the shadows of a compromised environment. |
Rolling the Risk Dice with GenAI: Early Bets and Emerging Insights
Dr. Gowri Ramachandran and Mr. Atticus D'Mello
45 mins
Rolling the Risk Dice with GenAI: Early Bets and Emerging InsightsPresented by: Dr. Gowri Ramachandran and Mr. Atticus D'Mello Speaker BioDr. Gowri Ramachandran and Mr. Atticus D'Mello form a research team that are investigating the effectiveness of Generative AI in risk assessment contexts, focusing on its potential, limitations, and real-world applicability through early experiments. Talk SummaryThis talk presents ongoing research evaluating how effective Generative AI is in supporting risk assessment tasks. We will share early findings, discuss key challenges, and showcase live demos that highlight both the promise and the pitfalls of using GenAI in this context. |
| 16:30 | ||
| 16:45 | ||
| 17:00 |
CTF Announcements
15 mins
CTF AnnouncementsJoin us for the CTF results and winner announcements. Prizes will be awarded to the top teams. |
|
| 17:15 |
Thanks from BSides Brisbane & Conference End
15 mins
Thanks from BSides Brisbane & Conference EndA final thank you to all our attendees, speakers, sponsors, and volunteers for making BSides Brisbane 2025 possible. We'll wrap up the day with some closing remarks and announce the after-party details. |
|