BSidesLuxembourg

⚡ Secure Development Spotlight at BSides Luxembourg 2026!

TRUST AND TRACEABILITY: DEVELOPER OBSERVABILITY IN THE AI POWERED SDLC – Omar Rachid

As AI coding tools become deeply embedded in modern development workflows, organizations are facing a new challenge: developers are using them everywhere—often without visibility, governance, or consistent security oversight. This 40-minute talk explores how the rapid adoption of AI in the SDLC is exposing critical gaps in developer security skills and enterprise risk management.

The session focuses on how security leaders can build observability into the development lifecycle to better understand both developer behavior and the security posture of AI-generated code. It covers strategies for establishing developer risk baselines, improving secure coding practices, addressing AI-induced vulnerabilities, and building governance models that scale with modern AI-assisted engineering workflows.

Omar Rachid is an Application Security Engineer with over 10 years of experience helping organizations embed security into the software development lifecycle. His work sits at the intersection of AppSec, DevOps, and AI security, with a strong focus on practical risk reduction and secure adoption of emerging technologies.

📅 Conference Dates: 6–8 May 2026 | 09:00–18:00
📍 14, Porte de France, Esch-sur-Alzette, Luxembourg
🎟️ Tickets: https://2026.bsides.lu/tickets/
📅 Schedule: https://hackertracker.app/schedule?conf=BSIDESLUX2026

#BSidesLuxembourg2026 #AppSec #AISecurity #SDLC #DevSecOps #SecureDevelopment

⚡ Secure Development Highlight at BSides Luxembourg 2026!

BUILDING SECURE AI: MAKING THREAT MODELING A CORE PART OF DEVELOPMENT – Diana Waithanji

As AI systems become deeply embedded in modern applications, security can no longer be an afterthought. This 40-minute talk explores how threat modeling can be integrated directly into the AI development lifecycle, ensuring vulnerabilities are identified and addressed early using a “shift-left” approach.

The session introduces practical methods for conducting effective AI threat modeling sessions, including frameworks like STRIDE, relevant OWASP research, and tools that help teams systematically identify and mitigate risks unique to AI systems. Beyond methodology, it also focuses on making threat modeling collaborative and engaging, ensuring active participation from both technical and non-technical stakeholders.

Diana Waithanji is a cybersecurity professional at SAP specializing in cloud infrastructure security. She is a TechWomen USA fellow at Google and an AFRIKA KOMMT alumna, with active roles in cybersecurity standards and community initiatives promoting diversity and secure digital development.

#BSidesLuxembourg2026 #AISecurity #ThreatModeling #SecureDevelopment #OWASP #AppSec

⚡ Story-Driven Security Talk at BSides Luxembourg 2026!

FROM PHISHING TO MITIGATION: AN EARLY-CAREER INCIDENT RESPONSE – Chris Beckman

Follow a real-world journey from chaos to control in this engaging 40-minute talk. What began as an overwhelming phishing campaign at a fast-growing AI startup quickly escalated into a serious operational threat—flooding inboxes, disrupting workflows, and even triggering convincing social engineering scenarios inside the company.

Through careful analysis of email data and infrastructure tracing, this session reveals how seemingly scattered attacks were linked back to a small set of IP ranges—and how an unexpected approach, combining technical investigation with responsible disclosure and human communication, led to resolution. This talk highlights a powerful lesson: not every security problem is solved with tools alone—sometimes collaboration and perspective make all the difference.

Chris Beckman is a Principal Security Engineer at TaxBit, specializing in AI security and architecture across startups and large organizations. His work emphasizes practical, real-world security decision-making shaped by hands-on experience in complex environments.

#BSidesLuxembourg2026 #CyberSecurity #IncidentResponse #Phishing #ThreatIntelligence #BlueTeam

⚡ Fresh Talk Alert for BSides Luxembourg 2026!

SPREADING MALWARE WITH USB KEYS - DOES IT STILL WORK ? – Didier Barzin, Mathieu Vajou

Uncover the reality behind one of the oldest yet most effective attack vectors in this eye-opening 40-minute talk. Through a real-world experiment conducted in Luxembourg, where 250 USB drives were intentionally “lost,” this session reveals how often—and how quickly—people plug in unknown devices, often within minutes.

The findings highlight a critical truth: human curiosity and good intentions can still open the door to compromise. Learn why USB-based attacks continue to succeed, what motivates user behavior, and how organizations can strengthen awareness and defenses against this deceptively simple threat.

Didier Barzin is an information security enthusiast who combines defensive expertise with a hacker mindset. A strong advocate for open source and collaboration, he brings practical insights into real-world security challenges and user behavior.

#BSidesLuxembourg2026 #CyberSecurity #HumanFactor #USBThreats #SecurityAwareness

🤖 AI Security Takes the Stage at BSides Luxembourg 2026

THE HIGH-PERFORMANCE FUEL FOR SOCIAL ENGINEERING (NOW IN AI FLAVORS!) – Glen Sorensen

Unpack the hidden engine behind modern social engineering in this eye-opening 40-minute talk from the AI Security Village. As personal data becomes increasingly accessible, attackers are leveraging AI to scale highly targeted phishing, deepfake scams, and automated fraud—turning everyday digital footprints into powerful attack vectors.

This session bridges privacy, OSINT, and cyber threat intelligence, showing how exposed data is collected, weaponized, and used against individuals and organizations. Walk away with practical strategies to reduce your exposure, detect AI-driven targeting, and strengthen defenses against the next generation of social engineering attacks.

Glen Sorensen is a Solutions Engineer at DeleteMe and a former CISO/vCISO with over 20 years of experience across security engineering, operations, and GRC. He specializes in how AI and OSINT are used in modern social engineering and helps organizations translate risk into practical defense strategies.

#BSidesLuxembourg2026 #AISecurity #SocialEngineering #OSINT #CyberSecurity #ThreatIntelligence

Remember to use your #BSidesLuxembourg2026 Pretix ticket to book which workshops you want to attend, if you’re attending any. Signing up gives precedence.

Folks, we're proud to announce that Lunchtime (https://www.lunchtime.lu/glitter/index.asp) have chosen to help #BSidesLuxembourg2026 with catering!

BTW, check out their services!

Folks, we're proud to announce that SnT (https://www.uni.lu/snt-en/) have chosen to sponsor #BSidesLuxembourg2026 and they're our Platinum sponsors!

Thank you Nastassia Sarash, you're the best!

🧠 Another Deep Dive into AI Security at BSides Luxembourg

THE CHALLENGES OF AI-AS-A-SERVICE LOGGING – Jeremy Snyder

Dive into a critical 40-minute session uncovering one of the biggest blind spots in modern AI adoption. As organizations rapidly embrace AI-as-a-Service, most usage remains unmanaged—creating “Shadow AI” environments where traditional logging and security controls fall short.

This talk breaks down why existing logging approaches fail for LLM-driven systems, highlighting the disconnect between client-side and server-side visibility. Learn how to rethink logging strategies for AI, close detection gaps, and build centralized visibility that actually supports effective security monitoring and response in AI-driven environments.

Jeremy Snyder is the founder and CEO of FireTail, an AI security platform, with a background spanning cloud security, M&A at Rapid7, and over a decade in cyber and IT operations. His work focuses on securing modern API and AI ecosystems at scale.

#BSidesLuxembourg2026 #AISecurity #CloudSecurity #LLMSecurity #CyberSecurity #ThreatDetection