Summary

TL;DR: Every AI Talk from BSidesLV, Black Hat, and DEF CON 2024

Get up to speed on >60 AI talks in 15 minutes

Every AI Talk from DEF CON 2024

A list of all of the talks, abstracts, recordings, slides, papers, and tools for the Main Track and >10 villages

Every AI Talk from BSidesLV and BlackHat USA 2024

A list of all of the talks, abstracts, recordings, slides, papers, and tools from BSidesLV and BlackHat USA

Software Supply Chain Vendor Landscape

An analysis of over 20 supply chain security vendors, from securing source code access and CI/CD pipelines to SCA, malicious dependencies, container security, SBOMs, code provenance, and more

Cache Me If You Can: Messing with Web Caching

In this talk, Louis covers 3 web cache related attacks: cache deception, edge side includes, and cache poisoning.

Starting Strength for AppSec: What Mark Rippetoe can Teach You About Building AppSec Muscles

Netflix’s Layered Approach to Reducing Risk of Credential Compromise

Dev Akhawe’s Follow-up on Figma’s Experience Switching to WebAuthN

The good, the bad, and the lessons learned.

Grow Your Best Employees or Lose Them

Travis McPeak recommends

Travis McPeak: Why Companies don't 'Just Patch'

Why patching in the real world is hard, and what to do about it.

Riana Pfefferkorn: I Have a Lot to Say About Signal’s Cellebrite Hack

Stanford Internet Observatory Research Scholar [Riana Pfefferkorn](https://twitter.com/Riana_Crypto) shares her thoughts on legal implications of the Cellebrite hack.

How Figma Switched Their Okta to Only Allow Phish-proof WebAuthn/FIDO Multi-factor Authentication

An excellent Twitter thread by Dev Akhawe on the value of making this switch, and challenges and lessons learned along the way.