My #WeeFreeCommunityLibrary talk is now up on YouTube! It talks about how I used #InternetInABox to create a little local library in my neighborhood. It's a quick little snack of a talk at only ~20 minutes long.

https://www.youtube.com/watch?v=QqAUO_HZYwU

(Special thanks to Bsides Seattle for recording and putting these up as a perk of being a speaker. #BsidesSeattle #BSidesSeattle2026 )

4/

I've been thinking about #uncertainty from risk POV, & Doug Hubbard's concepts of calibrated estimators. My team does weekly calibrations for #estimating uncertainty. Listening to Choi-Greene talk about AI's certainty - confidently wrong, sometimes - I couldn't help but think that having calibrated, specific uncertainty on events, plans, projects, #technology would become MORE valuable in the future.

@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security

3/

@bsidesseattle #BSidesSeattle #BSidesSEA #2026 #cybersecurity #infosec #cyber #security

Last year #BSidesSeattle, #llm / #genai / #agentic AI looked like hype that might blow over. This year acceptance, realistic / grounded direct topics.

Emily Choi-Greene's applying AI to Threat Modeling was a great kick off session. Best part was genAI's confidence - & the value of uncertainty.

#BSidesSeattle #BSidesSEA 2026 thoughts:

2/

Brian Myers' talk "Waking Up to AI: An Adventure in Governance" was fabulous. I heard him @ #BsidesPDX Oct on #British #Library #ransomware, so knew it'd be good.

The realistic, slow walk through for companies caught off guard by #AI and #LLMs - and the supply chain issues it brings up - reinforced the idea that weaknesses and strengths can be amplified by AI; leaving me wondering where are the brakes (so we can go fast).

#infosec #cyber #security

Excellent #BSidesSeattle #BSidesSEA 2026. Unpacking a few thoughts:

1/

Super enjoyed "The Security Policy Rollout Survival Guide" by Maya Kaczorowski. Great talk! Wish it had been a 1 hour. She may mean something else but this is my take home:
1) who set the policy is who should enforce
2) a pilot project is actually a #decision, not #research. Treat it as such
These may not be #hot #new #information to others, but it really resonated with me. Thank you Maya! Great talk.

@bsidesseattle

Tomorrow at 1PM at BSidesSeattle, come see:

Cloud Misconfigurations: Oh look something fluffy, poke poke poke
(also known as: Permission Granted: How Misconfiguration Became the Breach)

Yes, it starts fluffy.
No, it does not stay fluffy.

I’ll talk about:
- Why most cloud “breaches” don’t require elite attackers
- The Top 10 Ways We Grant Permission
- The Toxic Trilogy in the wild
- And how Policy as Code turns “please don’t” into “not allowed”

If you’ve ever opened a security group “just temporarily”…
This talk is about you!!

1PM. Post-lunch. Bring your coffee. @sashatheflamingo will bring the tequila!!
#CyberSecurity #CloudSecurity #BSidesSeattle #infosec

It's the last week of the #BSidesSeattle CFP. Get your submissions in by Friday so we have something to do over Thanksgiving weekend while the Macy's parade plays in the background.

https://www.bsidesseattle.com/submit-to-present.html

#security #cfp #bsidesseattle