Descriptions are after the schedule:

9:00 am
Weaponizing Empathy: Social Engineering & the Manipulation of Trust
Cristiana Brafman Kittner
Trust is essential, particularly in cybersecurity. But what if that trust is weaponized? This presentation explores the alarming reality of social engineering, where the very principles of psychological safety are manipulated to exploit vulnerabilities. We will dissect the human element of cyberattacks, revealing how manipulators leverage techniques like mirroring and perceived urgency to bypass even the most sophisticated technical defenses. Through in-depth case studies, including the breaches at Equifax and Maersk, we introduce the concept of ‘Indicators of Compromise’ (IOCs) for Social Engineering that reveal emotional manipulation tactics, techniques and procedures (TTPs). Finally, we will equip attendees with practical strategies for cultivating genuine psychological safety within their teams while simultaneously building resilience against its malicious exploitation. This session will challenge you to rethink the human factor in cybersecurity, emphasizing the critical need for awareness and proactive defense against emotional manipulation.

10:00 am
Practical OSINT Techniques for OSINT Investigations
Ritu Gill
This talk will explore case examples and OSINT techniques relevant to online investigations. It will cover practical methodologies, tools, and lesser-known strategies used in OSINT investigations, providing insights into effective information gathering and analysis.

10:00 am
Social Engineering with AI
Brett Gustafson
AI and LLMs are all the rage, but how do we leverage this into social engineering? We’ll discuss practical methods to use AI for phishing, deep fakes (voice and audio) and more. Learn how to execute on these emerging technologies and hear stories of how they’ve been used in the field.

10:30 am
Overlooked OSINT: Turn User Experiences into Actionable Security Intel
Becky Gaylord
This presentation helps security teams and researchers enhance their exposure management by tapping into overlooked sources of intelligence to reveal vulnerabilities affecting products, customers and reputations.
We’ll examine how user forums and community discussions can uncover security weaknesses that traditional methods miss. These spaces often host users who have created workarounds for security issues because their insights went unheard by manufacturers.
Our exploration will cover two compelling case studies: Security weaknesses in one of the most popular pick ups sold in America and vulnerabilities in a global access building control system with a single point of failure.
These examples show how this approach can revolutionize Cyber Threat Exposure Management. We’ll discuss integrating user experience feedback into security research, techniques for mining user forums for security-relevant information, and how threat actors also exploit this information. We’ll provide recommendations for blue and purple teams to incorporate these OSINT techniques into their practices. We’ll also explore ethical considerations and responsible disclosure processes for discovered vulnerabilities.
Attendees will gain a new perspective on user experience data in security research, practical techniques for incorporating forum OSINT into security practices and insights into discovering real-world vulnerabilities.

11:00 am
Deanonymizing Dark Web Hidden Services: Capitalizing on User Mistakes and Querying Internet of Things Databases
Tim Farmer
The dark web is commonly acknowledged to be an anonymous obfuscated part of the internet. However, the same vulnerabilities that exist for users on the clearnet exist on the dark web as well. This includes searching for usernames/monikers and other unique identifiers on the dark web. In this presentation, Tim will cover what information to be on the lookout for to deanonymize dark web users and hidden services.

11:00 am
Red Team: Are We The Baddies?
Rebecca Markwick
This talks takes a look at how certain applications of social engineering during Red Team engagements can not only undermine security within organisations, but also have the potential to cause long term harm to individuals. A deep dive into how traditional mentalities negatively effect the desired end goals and outcomes and what we can do to change engagements, and the industry, for the better.

11:30 am
Navigating Challenges in Physical Penetration Testing: The Rise of New Tools Beyond the USB Rubber Ducky
Raymond Evans
Physical penetration is critical to security assessments, providing invaluable insights into an organization’s current physical security controls against adversaries. A staple in the toolbox of every pentester, devices like the USB Rubber Ducky have long served as the backbone for simulating malicious attacks via seemingly benign hardware. However, their usage comes with significant challenges, especially as security environments grow increasingly complex and aware.
This talk discusses employing hardware-based tools such as the USB Rubber Ducky in physical penetration tests. We will explore the common hurdles that pentesters face, including the increased security measures to detect and deter such devices and the evolving landscape of digital security that demands more sophisticated approaches.
A significant portion of the presentation will focus on real-world examples where physical penetration tools have been employed. These case studies will highlight successful strategies and lessons learned from the field, providing attendees with a practical understanding of how such devices can be both a boon and a bane in security testing.
The session will culminate with the reveal of a new tool designed to overcome the limitations of traditional hardware-based penetration testing devices. This solution promises to enhance the effectiveness and stealth of physical security assessments, equipped with advanced capabilities to evade detection and execute a broader range of exploits more safely and efficiently.

1:00 pm
Bridging the Gap: How OSINT helps with Social Engineering
Stephen Nelson
In today’s interconnected world, Open-Source Intelligence (OSINT) has become a powerful tool in the cybersecurity domain, particularly in the context of social engineering. This presentation explores how OSINT enables attackers to craft highly convincing social engineering campaigns by leveraging publicly accessible data. From mining employee social media profiles to analyzing corporate websites and metadata leaks, adversaries use OSINT to manipulate trust, bypass defenses, and exploit human vulnerabilities. Drawing on real-world case studies and practical examples, this session will uncover how threat actors identify and exploit publicly available information to achieve their objectives. Attendees will gain insight into how OSINT supports the development of realistic pretexts, phishing schemes, and other social engineering tactics, effectively bridging the gap between reconnaissance and exploitation. On the defensive side, the presentation will emphasize how organizations can proactively use OSINT to mitigate these threats. Strategies such as digital footprint reduction, threat monitoring, and employee training will be discussed, highlighting how to turn OSINT from a potential risk into a valuable defensive asset. This session aims to provide a balanced perspective, empowering attendees with the knowledge to understand the dual-edged nature of OSINT in the context of social engineering. By the end, participants will have actionable takeaways to improve their organizational security posture, identify vulnerabilities before they are exploited, and foster resilience against human-centric cyber threats.

2:00 pm
The State of OSINT in the Face of AI
Cynthia Hetherington
Open-source intelligence is evolving fast—and artificial intelligence is both a disruptor and a game-changer. This session explores how AI is reshaping OSINT practices, from accelerating research to introducing new risks like hallucinated data. Learn where the field stands today, what threats and opportunities AI presents, and how investigators can stay sharp in a shifting digital landscape.

2:00 pm
Social Engineer Humans, Not Lizards: How We Decide & React from the Perspectives of Neuroscience & Cybersecurity
Kate Mullin and Ashling Lupani
Many in the social engineering community adversely impact the credibility of presentations and themselves by using the debunked triune brain theory. Using false concepts such as an amphibian, reptilian, or lizard brain to explain how we decide and react detracts from accurate information at best, and at worst skew materials to make them entirely incorrect. This may impair the ability to communicate with customers and to react appropriately when in social engineering engagements.
Providing insight from current brain science to use in identifying potential weaknesses, attacks, and defenses for the human system, this session is a presentation interrupted by the real science including a discussion on “amygdala hijacking” and how the amygdala works. This session challenges prevailing misinformation while imparting attainable science on the real brain doing decision making – a human one.

3:00 pm
A Punctuated Equilibrium History of National Security OSINT
Brian Nussbaum
Changes in OSINT policies and institutions are often precipitated by major events, technological changes, or intelligence failures. This presentation will cover the post-1947 birth of modern Cold War OSINT in the US intelligence community, including the formative role of “the Yale Report,” the Foreign Broadcast Information Service (FBIS), and related undertakings of that period. It will then examine the major changes to US intelligence community OSINT efforts in the post-2001 era, especially the impacts of social media and new online technologies that exploded the amount of publicly available information. Finally, it will discuss important questions that continue to influence national security OSINT discourse, such as 1) the status of institutional arrangements (“Should there be an OSINT agency?”), 2) the relationship between open and secret intelligence sources, and 3) how the intelligence community views OSINT relative to other disciplines.

3:00 pm
Hillbilly Storytime: Pentest Fails – Social Engineering Edition
Adam Compton
Social engineering is more than just smooth-talking your way past security—it’s about understanding human behavior, exploiting trust, and, sometimes, realizing too late that your plan had a massive flaw. Whether you’re a seasoned social engineer or just getting started, mistakes will happen. From botched pretexts and skeptical employees to unexpected technical hiccups, this talk dives into real-world social engineering fails, what went wrong, and what you can learn from them. Along with the mishaps and mistakes, I’ll also share a few just plain funny situations I’ve found myself in—because sometimes, reality is stranger (and more hilarious) than fiction. Expect tales of well-intentioned but disastrous disguises, overzealous security guards, and pretexts that went sideways in the worst possible ways. All stories are true (but the names have been changed to protect the guilty and the embarrassed). If you want to hear how not to do social engineering—or just want a good laugh at my expense—come join in for another round of Hillbilly Storytime.

4:00 pm
The Invisible Trail: OSINT Techniques for Finding Missing Persons
Griffin Glynn and Micah Hoffman
Time is of the essence when someone goes missing, and leveraging digital resources can make all the difference in efforts to find them. Join Micah and Griffin as we explore the power of OSINT tools and techniques in finding missing and exploited individuals. Through an interactive case study, we’ll empower you with essential, free OSINT tools and techniques to enhance your investigative skills. You’ll learn to expertly navigate social media platforms, gather and analyze data, and more. By the end of the session, you’ll walk away with a practical toolkit ready to apply to your real-world cases.

4:00 pm
Weaponizing Curiosity: The Psychology Behind Social Engineering Success
Swati Babbar and Kashif Memon
Curiosity is one of the most powerful human emotions—and social engineers know exactly how to exploit it. Whether it’s a fake urgent email, a well-crafted pretext, or a seemingly innocent USB drive left in a parking lot, attackers manipulate psychological triggers to bypass security defenses.
This session will break down the science of social engineering, explaining how attackers exploit cognitive biases, emotional responses, and trust mechanisms to manipulate individuals. We’ll analyze real-world case studies of successful social engineering campaigns, including high-profile breaches that started with a simple human curiosity trap.
Attendees will leave with a deep understanding of the psychological principles that drive social engineering success and practical strategies for designing better defenses—both at an individual and organizational level.

4:30 pm
Realtime OSINT: School Lockdown
Josh Huff
In this talk I share the lessons learned during an emergency lockdown event at my son’s high school.
What are your options? How can you stay informed quickly? How can you help keep your child informed (and calm). This talk is from an OSINT professional and enthusiast, but most importantly a parent that was laser focused on every piece of intel I could get a hold of during a stressful afternoon.

4:30 pm
Behind My Ring: How Social Engineering Shaped My Marriage
Jordan Bonagura
This talk will explores the subtle and often unnoticed role social engineering plays in shaping personal relationships, particularly in the context of marriage. This session offers a deeply personal reflection on how trust-building tactics and psychological manipulation can influence the dynamics of a romantic relationship. Drawing from real-life experiences, the presentation sheds light on the emotional and psychological tools used by individuals to gain trust, manipulate decisions, and achieve personal objectives, often without the victim even realizing it. Through this lens, we examine how social engineering can go beyond traditional scams, influencing everyday decisions, and, in some cases, leading to long-term consequences. By sharing lessons learned from this personal journey, the session encourages individuals to become more aware of social engineering tactics, cultivate healthy boundaries, and safeguard their relationships from covert manipulation.

Speaker Bios:

Swati Babar
Swati is a CISSP-certified Security Engineer with over six years of experience in threat and vulnerability management, risk analysis, and security operations. She specializes in designing mitigation strategies, analyzing system vulnerabilities, and leading security operations at scale. She has led large-scale security campaigns, collaborated with engineering teams to reduce builder churn while maintaining security controls. Swati is passionate about bridging the gap between security awareness and execution, with a focus on scalable security culture improvements.

Rae Baker
Rae Baker is the foremost expert in Maritime Intelligence, focused on hunting vessels and tracking elusive AIS signals in her role as Senior OSINT Analyst in Adversary Intelligence. Rae specializes in Human Targeting and Corporate Reconnaissance, utilizing her skills to chart illicit organizations. These practiced skills serve well in Rae’s volunteer positions with OSINT-oriented non-profits and speaking engagements at Recon Village; DEFCON, Shmoocon, and the Layer 8 conference. Further emphasis on her skills and knowledge can be demonstrated in the certifications and awards she’s achieved, including Associate of ISC2 (CISSP), SANS GOSI, AWS Solutions Architect, and Trace Labs OSINT CTF First Place Black Badge as well as the Most Valuable OSINT badge.

Jordan Bonagura
Jordan Bonagura is a senior security consultant for Secure Ideas. With more than 20 years of experience in information security, Jordan is passionate about helping companies and clients protect their data and applications from threats and vulnerabilities. As a principal security researcher, he led teams conducting vulnerability management, risk assessments, penetration tests, and boundary-setting to comply with standards for companies in different segments. Jordan contributed to significant projects, such as developing an integrated GNSS positioning system and an encryption communication protocol between ground and satellite at the Brazilian National Institute of Space Research. He also had the opportunity to speak at some of the most important security conferences around the globe, be a college professor and course coordinator, and consult for the Brazilian police in crime solving.

Adam Compton
Adam Compton has been a programmer, researcher, instructor, professional pentester, father, husband, and farmer. Adam has over two decades of programming, network security, incident response, security assessment, and penetration testing experience. Throughout Adam’s career, he has worked for both federal and international government agencies as well as within various aspects of the private sector.

Alethe Denis
Alethe Denis is a Senior Security Consultant at Bishop Fox. She is best known for social engineering, open-source intelligence (OSINT), and performing security assessments and trainings for both the private and public sectors with emphasis on critical infrastructure organizations. Alethe was awarded a DEF CON Black Badge at DEF CON 27 for Winning the 10th annual Social Engineering Capture the Flag (SECTF) contest. Using both OSINT and Social Engineering skills, she compromised her target Fortune 500 company using just a telephone. She, along with her teammates, received a bronze, silver, most valuable OSINT, and black badge award from a series of TraceLabs capture-the-flag contests, including first place in the August 2020 DEF CON edition of the TraceLabs Missing Persons OSINT CTF.

Raymond Evans
Raymond Evans is a security researcher having 9+ years of experience in cyber security. He has been working with companies such as Cybrary to provide students with hands-on training environments. Additionally, Raymond runs CTF events for conferences such as Nolacon, BSides STL, and various National Cyber Security Awareness month events.
His experience involves developing vulnerable environments to educate analysts on emerging CVEs and traditional skill sets. He also has experience in developing and executing tactics in environments to simulate real-world APT TTPs.

Tim Farmer
Tim Farmer is the Training Lead for the DarkBlue Intelligence Group at CACI. Tim previously served an all-source intelligence analyst in the U.S. Army and supported U.S. Army Special Operations, special operations forces, and conventional elements in the global war on terrorism (GWOT) campaign. Tim received certification from the U.S. Army OSINT Office as an OSINT instructor and is also a certified cryptocurrency and dark web investigator.

Becky Gaylord
As a cybersecurity and data privacy consultant, I boost security resilience by mitigating risks and reducing threat exposure. For more than 20 years, I’ve used social engineering and OSINT in a career long connected to Information Security. My go-to tools are empathy, influence and trust building. My primary focus is to shrink the attack surface by managing risk across the human layer. I have a red teaming mindset, insatiable curiosity and creativity. And I build ingenious solutions so humans can better defend against threats and businesses can identify critical exposure proactively. I have a Masters of Cybersecurity and many certifications, including CISSP.

Ritu Gill
Ritu Gill is an Intelligence Analyst with 18 years of experience working in open-source intelligence (OSINT). After a 12-year career with the Royal Canadian Mounted Police (RCMP), Ritu set up a consulting business providing OSINT training and research to law enforcement and related entities across North America. Ritu holds a Bachelor’s Degree in Criminology from Kwantlen Polytechnic University, and is actively involved in the OSINT community.

Griffin Glynn
Griffin Glynn is a recognized OSINT expert coming from a 20+ year career in the private sector, where he leveraged open-source intelligence in criminal investigations alongside all levels of law enforcement. He now dedicates his investigative efforts to applying OSINT in cases involving missing and exploited children, as well as counter-human trafficking efforts around the world.
In his role as Chief Investigations Officer at the National Child Protection Task Force, Griffin oversees their extensive casework, leading a team of skilled analysts to ensure precise and efficient investigative support of agencies investigating the exploitation of children. He also develops and delivers training programs in this arena, equipping law enforcement officers with essential skills to fight against these heinous crimes effectively.
Additionally, he has served as the Vice President of ClickSafe Intelligence since its inception, and supports their impact by drawing upon his extensive background focused on keeping children safe online.
In the OSINT community, Griffin goes by hatless1der, and has created or contributed to many community-focused projects including blogs, podcasts, webcasts, and other publications. He created and maintains the widely-popular Ultimate OSINT Collection startme page, and continues to be a respected voice in both the open source intelligence community, as well as the anti-trafficking and anti-exploitation space.

Brett Gustafson
Brett Gustafson is an Offensive Security Engineer at Evolve Security, specializing in network penetration testing, Active Directory exploitation, social engineering, and red teaming.

Cynthia Hetherington
Cynthia Hetherington is a leading voice in open-source intelligence (OSINT), corporate investigations, and digital risk management. As founder of Hetherington Group, she has spearheaded thousands of complex investigations for Fortune 500 companies, law enforcement, and government agencies. A recognized expert in the intersection of OSINT and emerging technologies, Cynthia brings over 25 years of experience navigating the evolving challenges of cyber investigations and data analysis. She is also the author of OSINT: The Authoritative Guide to Due Diligence, and founder of both OSINTAcademy.com and the OSMOSIS Association, the premier association for OSINT professionals.

Micah Hoffman
Passionate about helping people learn the OSINT (Open-Source Intelligence) skills they need to succeed, Micah Hoffman brings extensive knowledge in OSINT and cybersecurity, an engaging and expressive presentation style, and a genuine love of teaching to everything he does.
Having spent years mastering technical concepts, Micah simplifies them for his audiences, ensuring that everyone, from beginners to experts, can grasp the material. His ability to break down complex topics into manageable pieces makes his training style highly effective. In the technology world, his blend of technical expertise and educational prowess is truly special and has led him to create tools and resources that enhance efficiency and deepen investigative capabilities.
A regular guest on OSINT podcasts, webcasts, and at conferences, Micah is well-known to audiences around the world. As the former President of the OSINT Curious Project, the co-owner of the My OSINT Training online training academy, and the creator of the massively popular OSINT tool the “Whats My Name Project,” Micah continues to innovate and give back to the community, bringing OSINT to life for all.

Josh Huff
Josh Huff is a strategy consultant in the finance industry where he enhances the capabilities and insight of the information security team with open source intelligence (OSINT). Prior to working in finance, Josh ran the digital forensics lab at a private investigation firm. As a private investigator he was able to analyze an assortment of various electronics all while assisting the field investigators with OSINT to locate people and locations tied to case work.

Cristiana Brafman Kittner
Cristiana Brafman Kittner is a Cyber Threat Intelligence (CTI) executive and significantly, a Proud Terrier Class of 2002! Cris has extensive experience in incident response, threat hunting, vulnerability management and security operations. Her background includes leadership roles at Google Cloud, Mandiant, FireEye, and Decisive Analytics Corporation. Cris earned her Bachelors in International Relations and Military Strategy from Boston University and a Masters from the Georgetown School of Foreign Service. Cris is highly skilled in analyzing nation-state cyber espionage, conducting threat research, and ensuring regulatory compliance in technology transfers. She has deep expertise in international collaboration and strategic alignment within the Asia-Pacific region. A recognized speaker and published author, Cristiana is a thought leader in cybersecurity risks and intelligence analysis.

Ashling Lupiani
Ashling is a Cognitive Solutions Developer at City of Hope. She is a neuroscientist and biomedical engineer with experience in speech and gait research. She spent 5 years running neurorehabilitation engineering studies with human participants and conducting data analysis to investigate sensorimotor systems. She co-authored 5 papers and presented at conferences in Toronto and Boston, USA, COSAC APAC 2023, 2024, & 2025 and COSAC 28, 29, 30 and 2024.
Ashling earned a Bachelor of Arts in Neuroscience from Boston University, and a Master of Science in Biomedical Engineering from the Joint Department of Biomedical Engineering at UNC Chapel Hill and NC State. Ashling has volunteered with many educational and outreach organizations and is currently a member of the TSI Liaison Group.

Rebecca Markwick
With well over a decade of experience in training, education, and behaviour change,
alongside qualifications in advertising and branding, degrees in Literature, Creative Writing (RHUL), and a Publishing Masters (UCL), Rebecca has found herself in a unique position within the security industry. Situated at the intersection of STEM and the humanities with a
passion for making security accessible and achievable by all, she designs and develops security awareness and education programmes and creates culture strategy and interventions.
Her varied experience and eclectic background gives her skills that allow her to analyse and improve human factors within security in an effective and engaging way. A popular speaker and panellist, Rebecca can be found all over the conference circuit, bringing new ideas and challenging the status quo.
Her work covers all aspects of security, from user experience to behavioural nudges, data analytics to global cultural differences. Whether it’s cyber, physical, privacy, or risk focused security, Rebecca does it all. She works with Red Teams, Blue Teams, and Purple Teams in a role that covers more than one might think at first.

Kashif Memon
Security professional with seven years of hands-on experience in red team operations, cloud security, and DevSecOps. Currently working in vulnerability management, impact & risk management, and security automation. OSCP and AWS Certified.

Kathleen Mullin
Kathleen Mullin is an influential information security practitioner and international speaker with over twenty-five years of experience. She started her career in Accounting and Internal Audit before moving into Information Technology and Cybersecurity. She has been CISO at various organizations, focusing primarily on healthcare. Most recently, she is CIO|CISO for MyCareGorithm, a SaaS startup focused on transforming the Doctor/Patient experience.
Throughout her career, Kate has volunteered and contributed to information security as a profession, including serving on multiple board and advisory positions. Currently she is a Board member of the SABSA Institute (TSI) and Chair of the TSI EMEA-NA Liaison Group. She holds a Master of Business Administration from Florida Metropolitan University.

Stephen Nelson
With over eight years of experience in open-source intelligence (OSINT), I have honed the ability to uncover, analyze, and interpret publicly available information to deliver actionable insights for organizations across the public and private sectors. My career reflects a dedication to leveraging OSINT methodologies to address complex security, investigative, and operational challenges. I specialize in conducting comprehensive OSINT investigations, enabling clients to identify vulnerabilities, assess risks, and make informed decisions. My work has included threat actor profiling, digital footprint analysis, and uncovering hidden connections across vast datasets. Leveraging advanced tools and custom methodologies, I’ve delivered critical intelligence for enterprise clients, government agencies, and high-stakes projects. In addition to technical expertise, I have played a pivotal role in designing OSINT workflows and automating processes to increase efficiency and scalability. By developing custom tools and scripts, I’ve empowered organizations to harness the power of OSINT with precision and speed.
My contributions to the field extend to security awareness and education, where I’ve trained professionals on OSINT techniques, digital hygiene, and mitigating exposure. Through tailored training and real-world scenarios, I have helped organizations improve their resilience against data leakage and reconnaissance. Certified in industry-leading disciplines, including OSINT and related intelligence analysis frameworks, I have hands-on experience with advanced tools like Maltego, Spiderfoot, Shodan, and others, while maintaining proficiency in Python and PowerShell for developing bespoke solutions.
Collaborating on groundbreaking projects and contributing to open-source intelligence initiatives has further fueled my passion for innovation. My approach combines technical acumen with a deep understanding of the evolving threat landscape, delivering tailored solutions to enhance operational security and decision-making.
By bridging the gap between information and actionable intelligence, I help organizations transform OSINT into a strategic advantage, driving informed actions in today’s complex world.

Dr. Brian Nussbaum
Brian Nussbaum is an associate professor of Emergency Management and Homeland Security (EMHS), in the College of Emergency Preparedness, Homeland Security and Cybersecurity at the University at Albany. Dr. Nussbaum formerly served as senior intelligence analyst with the New York State Office of Counter-Terrorism (OCT), a part of the New York State Division of Homeland Security and Emergency Services (DHSES). He oversaw both terrorism and cyber threat analysis efforts at New York’s designated state fusion center, the New York State Intelligence Center (NYSIC). Additionally, Dr. Nussbaum served as the first-ever Visiting Professor of Homeland Defense at the United States Army War College in Carlisle, PA (2012-2013). Dr. Nussbaum’s work has appeared in journals including Computer Law & Security Review, Global Crime, Public Integrity, The Journal of Financial Crime, The International Journal of Intelligence and Counter-Intelligence, and Business Horizons.