First Talk

Intended Consequences

Usability with, and in face of, auditors.


Mika Boström


The unholy trinity of security, usability and auditor agreeableness comes off as an extreme tradeoff, with one out of three considered an acceptable compromise. This talk covers an approach, with real examples, that has made it possible to cover all three at the same time.

Second Talk

A talk about certain stuffs…


Bigezy (@bigezy_)


This talk will be about about the fusion of real data modeling and the development of tools to instrument impact for individual state machines that work in a system of devices. It will be a mix of the scientific discoveries that are being made by the analysis of real ICS data and the emergence of tools that can model impact of incidents in digitally controlled systems that provide for critical functions in industrial settings. Or something even more interesting if I am drunk when the talk starts. I will be at the Phoenix early for those interested in making the talk a bit more colorful by plying the speaker with drinks before the talk.

About Bigezy

Bigezy is a critical infrastructure defender and has spoken at many conferences including Blackhat, Defcon, Troopers, Hackito, H2HC, and many others. He also hold a defcon black badge from Defcon 11 for wardriving. During Defcon 24 he released Pinworm a tool for man in the middle of social media metadata and also released a different toolset CyPSA for cyber physical impact analysis at BsidesLV. Between those two releases bigezy somehow found the time to captain the victorious Hacker Jeopardy team “We fucked it up!” 11 beers drank during the final round.

We’re always happy for more talks, so if you’ve implemented Meltdown on your smartwatch, want to walk us through the highlights of a CTF, or have some insight into upcoming privacy regulations, we’re interested!

Drop a message to with a title, synopsis and rough length, and don’t worry if you haven’t spoken before.