BSides Berlin 2021

28 August Online
A community-driven information security conference and community.
1 Day, 10 Talks
BSides Berlin is an event for and by information security community members. The goal is to expand the spectrum of conversation beyond the traditional confines of space and time. It creates opportunities for individuals to both present and participate in an intimate atmosphere that encourages collaboration. It is an intense event with discussions, demos, and interaction from participants. It is where conversations for the next-big-thing are happening.
Due to the pandemic and travel restrictions, BSides Berlin 2021 will be online and FREE! The event will be held at the Socio online conference platform.
Stay tuned by following us on Twitter (@SidesBer), or subscribing to our mailing list.

BSides Berlin is part of the Security BSides organization. This event is organized by Natalie Pistunovich (@NataliePis) and Sina Yazdanmehr (@SinaYazdanmehr).

Previously

The first ever Berlin BSides took place in 2010, and the second made a comeback in 2020, after a decade!

Speakers

Fabian Fäßler, Founder, LiveOverflow YouTube Channel
Joel Noguera, Founder & Security researcher, SwordBytes Security
Vasant Chinnipilli, Security Architect, Independent Consultant
Misha Yalavarthy, Security Engineer, Cloudflare
Antonio Cobo, Delivery Manager, BJSS
Harsh Bothra, Security Consultant, RedHunt Labs
Michał Ogorzałek, IT Security Consultant, SecuRing
Aditya K Sood, Cyber Security Leader, Advisor and Practitioner
Anna-Katharina Wickert, PhD student, Technische Universität Darmstadt
Sourya Biswas, Technical Director, NCC Group

Schedule

09:00 - 09:50 Networking

09:50 - 10:00 Welcome Words (Online)

10:00 - 10:40 Opening Keynote (Online): Controversial Security

Because this talk could offend somebody (and “offensive security” is trademarked), this talk is called “controversial security”. The original BSides Berlin took place at c-base, the root of many privacy-oriented movements, and now a YouTuber is giving the keynote. And in case this is not controversial enough, we will continue by exploring some unpopular opinions and bad security takes.

10:40 - 11:30 Rooting out security risks lurking in your CI/CD pipelines (Online)

Continuous integration and delivery (CI/CD) pipelines have become central to the daily operations of many organizations in recent years. They play a critical role in your technology infrastructure and give access to various resources, ranging from development and production environments to analytics keys and code signing credentials. Such an important function makes CI/CD pipelines a highly attractive target for hackers. So, now more than ever, it is vital to understand how to build and strengthen the security posture and framework of CI/CD pipelines, so organizations can mitigate the risk of attacks. However, the process of applying security to the CI/CD pipeline isn’t straightforward. The objective of the talk is to simplify this process as much as possible and share offensive and defensive attack techniques to build a secure CI/CD ecosystem.

11:30 - 11:55 Impostor syndrome in the IT world from a conference speaker's perspective (Online)

Have you ever compared yourself with other team members and felt like a fraud? Have you ever felt unworthy of your job promotion? Have you ever doubted your successes? Do you know someone who could have answered “Yes” to any of those questions? These are symptoms of Impostor Syndrome; it affects most of the people working in IT. It affects conference speakers as well. I will share with you my struggles with public speaking and how I fight impostor syndrome at every conference. Hopefully this talk will help you to fight impostor syndrome in your day job and help others who might be suffering in your area of influence.

11:55 - 12:20 Exploiting Vulnerabilities in Cookie Based Authentication (Online)

Cookies are a widely used way to enable authentication in many of the applications out there. Over time, there have been many security implications in cookie-based authentication, and new methods such as token-based authentication have entered the picture. Although many modern applications are adopting token-based authentication, cookie-based authentication is still alive and can be observed in the wild. In this talk, we will look at various attack scenarios that can be exploited in the wild if the application is using cookies for authentication, tracking, personalization, or some value reflections.

12:20 - 13:10 Networking & Lunch Break

13:10 - 14:00 Psychology of the Phish: Leveraging the Seven Principles of Influence (Online)

According to the X-Force Threat Intelligence Index 2020, produced by IBM X-Force Incident Response and Intelligence Services, phishing is still the number one attack vector in use today. Security professionals often overlook the “social” aspect of “social engineering”, focusing on tool deployment instead. The success of phishing is predicated on exploiting normal human behavior for nefarious purposes. This session looks at phishing through this psychological lens, specifically at how the Seven Principles of Influence as expounded by Robert Cialdini are leveraged by attackers. This session will cover:
• Why phishing is popular
• Seven principles of influence
• How phishers exploit psychology
• Security controls against phishing
• Tales from the trenches - real life phishing anecdotes from my experience.

14:00 - 14:25 How secure are webinar platforms? (Online)

You definitely must have attended (or maybe even organized?) online webinars - especially in the current, online world. But have you wondered what kind of security issues may lurk in these platforms? We have - in the search for a webinar platform that would suit ourselves, we have tested the security of 14 of them. As a result, in half of the tested platforms we have identified high or critical vulnerabilities – among others various access control issues (for example allowing unprivileged attendees to become a host/presenter), and sensitive data leakage. An alarming number of issues were identified within the very first minutes of testing – a red flag indicating the generic problem: insecure design and missing SSDLC. Reporting the security problems to vendors was far from perfect as well, to put it mildly. The problem is not limited to just webinar and online meeting platforms, but also a multitude of other web applications which utilize websockets for instant two-way communication with the browser: commonly used for chat, helpdesk, and online trading, to mention a few. The chances are high that the security best practices shared at the end of the presentation will apply to your application as well.

14:25 - 14:50 {Internet of Things or Threats}: Anatomizing the Structure of IoT Botnets (Online)

This talk is primarily structured to demonstrate attacks that are happening via IoT devices running in the wild. The demonstrations will highlight: detecting and compromising IoT C&C panels, and live attacks executing from the compromised IoT devices as launchpads. We will cover more than 10 C&C panels related to different IoT botnets and infections. The demonstration will help the audience to understand the IoT threats occurring in real time. In addition, we will also discuss the inherent techniques and tactics adopted to analyse IoT bot binaries and detect C&C panels.

14:50 - 15:10 Networking & Coffee Break

15:10 - 15:35 Go is Memory Safe, isn't it? (Online)

One of the features of the programming language Go is that it is memory-safe. For example, if you want to access an invalid memory address, e.g., a field of a slice, in a "hello world" example without concurrency and the unsafe API, you will get a runtime error. However, when using the "correct code", it is possible to access the memory. In this talk, I'll briefly introduce you to the problem, hopefully provide you with an idea of the limitations of Go's memory safety, and offer you some resources for your deep dive.

15:35 - 16:25 Threat Modeling for Detection and Response (Online)

Detection teams are tasked with engineering tailored detections for their systems. It's helpful to use threat models (TM). However, TMs are designed with Product Security teams in mind. My TM aims to serve as a practical, easy-to-iterate guide to enable Detection teams to build effective detections.

16:25 - 17:00 Closing Keynote (Online): Following the Breadcrumbs: Hacking behind the scenes

The learning path in InfoSec is one of the main reasons that makes this field so captivating and attractive. Behind every discovery, there is an extensive research process with a methodology and a mindset that makes all that work possible. “What things do I need to learn?”, “What is the best path to follow?”, “How can I learn to find bugs like those?” These are the kind of questions you probably ask yourself while reading a blog about a particular bug. I have thought about them for a long time, until I asked myself, what is happening behind the scenes of these hunts? I truly believe that the mindset, the creative thinking and the learning process behind bug hunting are as valuable as the techniques and results. During this talk, we will focus on a series of bugs in “modern” desktop applications, where we will talk about the knowledge required to start looking for similar bugs, what resources we could use to learn, and of course, what questions we should ask ourselves when trying to identify similar vectors.

17:00 - 17:10 Closing Remarks (Online)

17:10 - 18:00 Networking

Tickets

BSides Berlin is FREE this year! You need to get a free ticket only to get access to the online conference platform.

Regular: FREE

Review committee

Xavier René-Corail, Director, GitHub Security Lab
Luca Melette, Head of Research Team, Security Research Labs
Pascal Zenker, Information Security Analyst, Modzero
Vincent Ulitzsch, Security Researcher, Security Research Labs
Ellen Körbes, Head of Product, Tilt.dev
Katharina Fey, Software researcher, Self employed
Edward Medvedev, SRE Lead, Chainlink

Sponsors & Partners

Blaze Information Security
GopherCon Europe
We Hack Purple
Yes We Hack