Schedule

BSides Brisbane 2026: Time Travel - Journey through the past, present, and future of cybersecurity!

Join us for a dynamic and inclusive cyber security conference that transcends time, offering a welcoming environment for individuals at all stages of their professional journey.

Event Details

04 July 2026

QUT Gardens Point Campus - Z Block

Schedule

Please note this schedule is still in a draft state and is subject to change.

Time	Track 1 MC Kelsy Luengen	Workshops
08:00	Doors and Check In Open All Day Doors and Check In Open Welcome to BSides Brisbane! Head to the registration desk to check in, grab your badge, and collect your conference t-shirt. Coffee and tea will be available at the Cafe, so feel free to network with fellow attendees before the opening session.	Track 1 only 2 hours
08:15	Networking 45 mins Networking Take this opportunity to network with fellow attendees, catch up over coffee, and connect with members of the security community before the conference begins.
08:30
08:45
09:00	Welcome to BSides Brisbane & Opening 15 mins Welcome to BSides Brisbane & Opening Join us for the official opening of BSides Brisbane 2026. We'll kick off the day with a brief welcome, run through the schedule, and cover everything you need to know to make the most of your conference experience.
09:15	Keynote Joe Grand 45 mins Keynote Presented by: Joe Grand Talk Summary Keynote presentation details to be confirmed. Speaker Bio Joe Grand, also known as Kingpin, is an American computer engineer and hardware hacker. He was a member of the legendary hacker group L0pht Heavy Industries and was a co-host of Prototype This on Discovery Channel. He specialises in creating, exploring, manipulating, and teaching about electronic devices. Learn more at joegrand.com and grandideastudio.com.
09:30
09:45
10:00	Cowboys and Endianness Macca and James 30 mins Cowboys and Endianness Presented by: Macca and James Talk Summary In this talk, Macca and James take a chainsaw to the OSI model and ask a simple question: what happens when the protocol itself is the bypass? Starting from the gloriously unhinged world of custom binary protocols and cursed encapsulation stacks, the team demonstrates live how trivially modern security controls can be defeated when defenders are pattern-matching on protocols they expect to see. Equal parts education and crimes against networking, this talk will leave you questioning every assumption your security stack is quietly making about what ‘normal’ traffic looks like. Warning: may contain interpretive dance. Speaker Bio MacLeonard Starkey, better known as Macca, is a Brisbane-based security practitioner with over two decades of incident response experience across the public and private sectors. He currently hunts threats in industrial and operational technology environments at Dragos as a Senior Principal Threat Detection Engineer. Macca has contributed to well-known security publications and has been interviewed on the Risky Business podcast. He is driven by a strong desire to interfere with bad people who do bad things to good people. Despite lacking any talent, he is currently working towards a Ph.D in interpretive dance. James currently works as an AI Security Researcher within the SURGe team at Cisco Foundation AI, primarily creating headaches for LLMs and their owners. He calls Brisbane, Australia home and has spent much of his career supporting law enforcement and emergency services. When he's not causing problems in Python and Rust, he's being "that guy" about how Rust avoids the bugs of the past, or contributing to open source projects. He claims it's rarely DNS.	OFDS, Google Earth & KML Mapping Workshop Warren Finch 2 hours OFDS, Google Earth & KML Mapping Workshop Presented by: Warren Finch Workshop Summary This hands-on workshop begins with a detailed introduction to the Open Facility Data Standard (OFDS), Google Earth, and KML for visualising internet infrastructure and facility data. After the intro, attendees will work through a guided lab to create their own map. Please bring a laptop that you can use to install or run QGIS and access Google Earth. Tutor Bio Warren joined the Internet Society in June 2025 as an IXP Development Expert, focusing on supporting Internet infrastructure growth and interconnection initiatives across the Asia-Pacific region. With a career in IT that began in 1994, he brings a broad range of experience from technical consulting to Internet community training. He previously served as a Senior Network Analyst/Technical Trainer at APNIC, where he delivered technical workshops and provided support to Internet operators throughout the Asia-Pacific. His technical expertise spans Windows systems, CISCO equipment, virtualisation, technical support, and training delivery. Beyond technical skills, he is deeply committed to building capacity within Internet communities, helping individuals and organisations enhance their knowledge and operational capabilities. He actively contributes to knowledge sharing and is passionate about ensuring that communities have the skills and resources to access and develop the Internet in an inclusive way.
10:15
10:30	Morning Tea 15 mins Morning Tea It's time for a morning tea break! While food is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break.
10:45	Purple Teaming yo ICS Bruce Large 45 mins Purple Teaming yo ICS Presented by: Bruce Large Talk Summary In this presentation Bruce is going to build on where it all started for him with Blue Teaming yo ICS and present Purple Teaming yo ICS. In this presentation Bruce will outline the case for why Critical Infrastructure operators need to do purple teaming to ensure they are defensibly managing cyber security risks for their Operational Technology (OT). This presentation will start with a primer on purple teaming and walk through how critical asset operators should develop purple team assessments for their OT systems. This presentation will discuss methods to gather relevant Cyber Threat Intelligence to inform their assessments. Critically for asset operators this presentation will discuss why purple teaming needs to happen in a representative test lab environment initially to give both teams confident in their assessments. The presentation will discuss useful tools and techniques to support asset operators plan and execute their purple team assessment and finally Bruce will discuss how he built his home lab to support this presentation. Speaker Bio Bruce has 20 years experience working with IT and Operational Technology in network, telecommunications and system engineering roles. Bruce has worked in Electricity Generation & Transmission, Railway, Aviation, Emergency Services and Consulting industries. Bruce is the Founder and Principal Cyber Security Architect at BLARGE.
11:00
11:15
11:30	From Charger to Internal Network: Breaking a Smart EV Charger Brendan Scarvell 30 mins From Charger to Internal Network: Breaking a Smart EV Charger Presented by: Brendan Scarvell Talk Summary EV chargers are becoming a common part of home and business networks, but they often don’t get much security attention. This talk covers the discovery of a vulnerability leading to remote code execution in a smart EV charger. It also looks at how built-in IoTHotspot functionality can turn a compromised charger into a pivot point into internal networks. The session will walk through the research process, vulnerability discovery, exploitation, and the broader risks of increasingly connected charging infrastructure. Speaker Bio Brendan is a security researcher and co-founder of Signal 11, with a background spanning web application, network, hardware, and embedded device security. His work focuses on finding and exploiting vulnerabilities in real-world systems, with a particular interest in connected devices and the security risks created when consumer and business infrastructure overlap.
11:45
12:00	Lunch 60 mins Lunch It's time for a lunch break! While lunch is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break.	Track 1 only 1 hour
12:15
12:30
12:45
13:00	TBC TBC 60 mins TBC Presented by: TBC Talk Summary TBC Speaker Bio TBC	Competitive Cyber Tabletop Challenge Walkthrough Chris Djamaludin 90 mins Competitive Cyber Tabletop Challenge Walkthrough Presented by: Chris Djamaludin Workshop Summary This workshop runs twice — 13:00 and 15:15. Choose the session that suits your schedule. Step into a facilitated tabletop exercise (TTX) run as a mini CTF challenge. Work through a realistic cyber crisis scenario, make the calls that matter, and see how your decisions stack up against other players in the room. Designed for executives, board members, and technical practitioners alike, this 90-minute interactive session puts you at the decision table — not just watching from the sidelines. Your choices are scored as you progress, adding a competitive edge to the learning experience. Please bring your own laptop to participate in the challenge. Tutor Bio Chris is a Co-Founder and Chief Technology Officer for Crisis Commanded, an innovative crisis management product to help organisations prepare and respond to a variety of crisis situations. He is also a Technical Director with NSB Cyber specialising in red team operations and offensive security. Chris plays an active role in the technical development and training of the offensive security practice. His prior roles include penetration testing consulting firms, a top tier consultancy firm, academic institutions, and a multi-national oil and gas company. Most recently he was offensive security national lead at a consulting firm. Through his work and research in both the cyber security and engineering fields, Chris has developed extensive experience with respect to functional security testing involving vulnerability identification and exploitation.
13:15
13:30
13:45
14:00	TBC TBC 30 mins TBC Presented by: TBC Talk Summary TBC Speaker Bio TBC
14:15
14:30	Afternoon Tea 15 mins Afternoon Tea It's time for an afternoon tea break! While food is not provided, there are many excellent cafes and restaurants just a short walk from the conference venue. Explore the local area and enjoy a well-deserved break.	Track 1 only 45 mins
14:45	TBC TBC 30 mins TBC Presented by: TBC Talk Summary TBC Speaker Bio TBC
15:00
15:15	TBC TBC 60 mins TBC Presented by: TBC Talk Summary TBC Speaker Bio TBC	Competitive Cyber Tabletop Challenge Walkthrough Chris Djamaludin 90 mins Competitive Cyber Tabletop Challenge Walkthrough Presented by: Chris Djamaludin Workshop Summary This workshop runs twice — 13:00 and 15:15. Choose the session that suits your schedule. Step into a facilitated tabletop exercise (TTX) run as a mini CTF challenge. Work through a realistic cyber crisis scenario, make the calls that matter, and see how your decisions stack up against other players in the room. Designed for executives, board members, and technical practitioners alike, this 90-minute interactive session puts you at the decision table — not just watching from the sidelines. Your choices are scored as you progress, adding a competitive edge to the learning experience. Please bring your own laptop to participate in the challenge. Tutor Bio Chris is a Co-Founder and Chief Technology Officer for Crisis Commanded, an innovative crisis management product to help organisations prepare and respond to a variety of crisis situations. He is also a Technical Director with NSB Cyber specialising in red team operations and offensive security. Chris plays an active role in the technical development and training of the offensive security practice. His prior roles include penetration testing consulting firms, a top tier consultancy firm, academic institutions, and a multi-national oil and gas company. Most recently he was offensive security national lead at a consulting firm. Through his work and research in both the cyber security and engineering fields, Chris has developed extensive experience with respect to functional security testing involving vulnerability identification and exploitation.
15:30
15:45
16:00
16:15	TBC TBC 45 mins TBC Presented by: TBC Talk Summary TBC Speaker Bio TBC
16:30
16:45		Track 1 only 45 mins
17:00	CTF Announcements 15 mins CTF Announcements Join us for the CTF results and winner announcements. Prizes will be awarded to the top teams.
17:15	Thanks from BSides Brisbane & Conference End 15 mins Thanks from BSides Brisbane & Conference End A final thank you to all our attendees, speakers, sponsors, and volunteers for making BSides Brisbane 2026 possible. We'll wrap up the day with some closing remarks and announce the after-party details.

Event Details

Schedule

Doors and Check In Open

Networking

Welcome to BSides Brisbane & Opening

Keynote

Talk Summary

Speaker Bio

Cowboys and Endianness

Talk Summary

Speaker Bio

OFDS, Google Earth & KML Mapping Workshop

Workshop Summary

Tutor Bio

Morning Tea

Purple Teaming yo ICS

Talk Summary

Speaker Bio

From Charger to Internal Network: Breaking a Smart EV Charger

Talk Summary

Speaker Bio

Lunch

TBC

Talk Summary

Speaker Bio

Competitive Cyber Tabletop Challenge Walkthrough

Workshop Summary

Tutor Bio

TBC

Talk Summary

Speaker Bio

Afternoon Tea

TBC

Talk Summary

Speaker Bio

TBC

Talk Summary

Speaker Bio

Competitive Cyber Tabletop Challenge Walkthrough

Workshop Summary

Tutor Bio

TBC

Talk Summary

Speaker Bio

CTF Announcements

Thanks from BSides Brisbane & Conference End

Kelsy Luengen