Of the Field

BSidesOK 2026

osted in Tulsa, OK, BSides Oklahoma is a free information security conference focused on practical, hands-on training for improving security. As the premier security conference for the state of Oklahoma, it draws speakers from across the country and attendees from several surrounding states. Each BSides event is community-driven and built by and for members…

Visit the official site

40Voices

28Underwriters

0Exhibitors

21On the bill · sessions

50Companies · in total

§I

The Voices

Programmed at BSidesOK, in alphabetical order.

Aaron Crawford

Andre Piazza

Cybersecurity Strategist

Andrew Lemon

Principal Security Engineer · Alias

Andrew Peters

Security Engineer at Alias Cybersecurity · Alias Cybersecurity

Andy Lewis

Technical Marketing Manager at ReversingLabs · ReversingLabs

Anthony Hendricks

Legal Problem Solver and Litigator · Crowe & Dunlevy

Antonio Cobo

Camron Borders

Special Agent, FBI (Oklahoma City Cyber Task Force) · FBI

Cary Hooper

Offensive Security Engineer

Donovan Farrow

CEO, Founder · Alias Forensics

Filipi Pires

Principal Security Engineer and Security Researcher · Zup Innovation

Geoff Wilson

Founder · Go Security Pro

Gordon Rudd

CEO · Stone Creek Coaching

Gregg Robbins

AVP of IT Security Services, Watco Companies · Watco Companies

Ian Anderson

Director of Enterprise Security, Network, and Monitoring, Oklahoma Gas & Electric · Oklahoma Gas & Electric

James Honeycutt

Jason Rohlf

VP of Solutions · Onspring

J Fridley

Senior Solutions Engineer at Oligo Security · Oligo Security

Joe Sullivan

Consultant · Rural Sourcing

Jonathan Kimmitt

Chief Information Security Officer, Alias Cybersecurity · Alias Cybersecurity

Julio Tirado

Karthikeyan Govindaraj

Vice President · BlackRock

— and 18 more, by name unsung —

§II

Underwritten By

The houses behind the program. Tiers as disclosed.

Alias CybersecurityDiamond

CyberOne SecurityPlatinum

FortinetPlatinum

Nozomi NetworksPlatinum

VorlonPlatinum

ZafranPlatinum

CorelightGold

CriblGold

Go Security ProGold

IntezerGold

Oligo SecurityGold

OU Polytechnic InstituteGold

PBSnowGold

RubrikGold

SemgrepGold

Consumer ReportsSilver

CyberBase AISilver

MOKNSilver

OptivSilver

QualysSilver

Reach SecuritySilver

Red Threat SecuritySilver

Vector Pulse AISilver

ISACA Central Oklahoma ChapterCommunity Partner

ISSACommunity Partner

Oklahoma Information Sharing and Analysis Center (OK-ISAC)Community Partner

PCI Security Standards CouncilCommunity Partner

TechlahomaCommunity Partner

§III

The Programme

Selected from 21 sessions on the bill.

10:00 am
Hardening the OS: Fighting 0-Days with Modern Exploit Defenses
As advanced threats evolve, defending against zero-day exploits has become increasingly challenging. Old-school mitigations like DEP and ASLR are largely ineffective against today’…
10:00 am
Offensive Engineering: Applying DevOps Principles to Offensive Security
Most offensive security programs start off with a small, one-person team, a few created or borrowed scripts and tools, and operate largely on trust and muscle memory. In teams I’ve…
10:00 am
The Adversary Doesn't Care About Your Compliance Score
Cybersecurity standards exist for good reason; they establish a floor. But floors aren’t ceilings, and adversaries like Volt Typhoon are playing a game our frameworks weren’t desig…
1:00 pm
Extending Shared Threat Models with the Application Attack Matrix
Shared threat frameworks have transformed how defenders describe adversary behavior and coordinate response. As attackers increasingly target software supply chains, application ru…
1:00 pm
Hunting Smarter, Not Harder: Building Threat Hunting Pipelines with Python (Featuring ESXi Hunting)
Blue teams are swimming in logs, alerts, and noise—but not always the right visibility. Especially when it comes to ESXi and virtualization, most detection tools stop at the OS lay…
1:00 pm
The Mentor's Roadmap to Your Cyber Career
The job market is tough and there are numerous paths shrouded in mystery one can take in their cyber security career. Join us as a veteran of the industry demistifies the field and…
11:00 am
Burned-Out Admins: Your Most Exploitable Vulnerability
Your organization has invested in EDR, SIEM, zero-trust architecture, and a SOC—yet your most critical security vulnerability might be sitting in the next room, responding to their…
11:00 am
“I’m in Danger”: From Alert Chaos to CTEM
As the digital attack surface expands beyond traditional endpoints and into the realms of identity, cloud misconfigurations, and shadow IT, the standard “patch-all-critical” approa…
11:00 am
Operation Moonlander: Dismantling the Anyproxy/5socks Botnet
Hear about how in 2025, the FBI and Dutch National Police conducted a coordinated takedown of a decades-old botnet that enabled millions of dollars of criminal activity by foreign …

Intermission

Part the Second · For the Buyer

What does it mean when 50 companies show up — and 4 bet on three roles at once?

“50 companies. four are betting more than once.”

The numbers below are derived from the speakers, sponsors, and exhibitors on this page — cross-referenced into one ledger. They are the only thing here that 10times.com cannot tell you.

№ 01Fig. 01 — Composition of the House

4All threespeak · spons · exh

24Sponsoringsponsor only

0Exhibitingexhibitor only

22Companies Speakingspeaker only

The Triple-Threat

Alias Cybersecurity·Go Security Pro·Oligo Security·Qualys

№ 02Fig. 02 — The Voices, by Seniority

25% of the speakers carry senior titles — C-suite, Founder, VP, or Director-level.

C-suite38%
Founder / Owner410%
VP-level25%
Director / Head of13%
Manager / Lead410%
Engineer · IC820%
Research / Science13%
Marketing / Brand13%
Other roles1640%

Of 40 on the bill · classified by free-text title

№ 03Fig. 03 — The Heaviest in the Room

01Alias CybersecuritySp·D2V
02Go Security ProSp·G1V
03Oligo SecuritySp·G1V
04QualysSp·S1V
05Consumer ReportsSp·S
06CorelightSp·G
07CriblSp·G
08CyberBase AISp·S
09CyberOne SecuritySp·P
10FortinetSp·P
11IntezerSp·G
12ISACA Central Oklahoma ChapterSp·C
13ISSASp·C
14MokNSp·S

№ 04Fig. 04 — By Tier

diamond1

4% of 28

platinum5

18% of 28

gold9

32% of 28

silver8

29% of 28

community partner5

18% of 28

№ 05Fig. 05 — The Missing · who's at peer events but not here

These companies sponsored two or more peer events recently, but aren't on this program. For an organizer, that's a list of warm prospects.

IBM×5 peers
Datadog×4 peers
Palo Alto Networks×4 peers
Armis×3 peers
CGI×3 peers
Cisco×3 peers
Deloitte×3 peers
Expel×3 peers
Netskope×3 peers
Pluralsight×3 peers
Red Hat×3 peers
Slalom×3 peers

№ 06Fig. 06 — Adjacent Convocations · by shared underwriters

OWASP Global AppSec EU 2026 (Vienna, Austria)June 22, 2026 · Vienna+ 2 shared
California Government Technology Summit 2026August 25, 2026 · Sacramento+ 2 shared

BSidesOK 2026

Hardening the OS: Fighting 0-Days with Modern Exploit Defenses

Offensive Engineering: Applying DevOps Principles to Offensive Security

The Adversary Doesn't Care About Your Compliance Score

Extending Shared Threat Models with the Application Attack Matrix

Hunting Smarter, Not Harder: Building Threat Hunting Pipelines with Python (Featuring ESXi Hunting)

The Mentor's Roadmap to Your Cyber Career

Burned-Out Admins: Your Most Exploitable Vulnerability

“I’m in Danger”: From Alert Chaos to CTEM

Operation Moonlander: Dismantling the Anyproxy/5socks Botnet

“50 companies. four are betting more than once.”