Of the Field

BSidesOK 2026

osted in Tulsa, OK, BSides Oklahoma is a free information security conference focused on practical, hands-on training for improving security. As the premier security conference for the state of Oklahoma, it draws speakers from across the country and attendees from several surrounding states. Each BSides event is community-driven and built by and for members…

Visit the official site

25Voices

28Underwriters

0Exhibitors

21On the bill · sessions

45Companies · in total

§I

The Voices

Programmed at BSidesOK, in alphabetical order.

Aaron Crawford

Andrew Lemon

Principal Security Engineer · Alias

Anthony Hendricks

Legal Problem Solver and Litigator · Crowe & Dunlevy

Antonio Cobo

Donovan Farrow

CEO, Founder · Alias Forensics

Filipi Pires

Principal Security Engineer and Security Researcher · Zup Innovation

Geoff Wilson

Founder · Go Security Pro

Gordon Rudd

CEO · Stone Creek Coaching

Jason Rohlf

VP of Solutions · Onspring

Joe Sullivan

Consultant · Rural Sourcing

Julio Tirado

Karthikeyan Govindaraj

Vice President · BlackRock

Kris Wall

Logan Evans

Founder · Sugar Security

Michael Gough

Incident Response Principal · NCC Group

Nick Harris

Senior Security Analyst/Architect · Oklahoma Turnpike Authority

Ochaun Marshall

Developer and Security Consultant · Secure Ideas

Phillip Wylie

Offensive Security Instructor · INE

Richard Cascarino

Consultant and Lecturer

Rob Richardson

Samuel Kimmons

Adversary Emulation Lead · Recon InfoSec

Sourya Biswas

Principal Security Consultant, RM&G Practice · NCC Group

— and 3 more, by name unsung —

§II

Underwritten By

The houses behind the program. Tiers as disclosed.

Alias CybersecurityDiamond

CyberOne SecurityPlatinum

FortinetPlatinum

Nozomi NetworksPlatinum

VorlonPlatinum

ZafranPlatinum

CorelightGold

CriblGold

Go Security ProGold

IntezerGold

Oligo SecurityGold

OU Polytechnic InstituteGold

PBSnowGold

RubrikGold

SemgrepGold

Consumer ReportsSilver

CyberBase AISilver

MOKNSilver

OptivSilver

QualysSilver

Reach SecuritySilver

Red Threat SecuritySilver

Vector Pulse AISilver

ISACA Central Oklahoma ChapterCommunity Partner

ISSACommunity Partner

Oklahoma Information Sharing and Analysis Center (OK-ISAC)Community Partner

PCI Security Standards CouncilCommunity Partner

TechlahomaCommunity Partner

§III

The Programme

Selected from 21 sessions on the bill.

10:00 am
Hardening the OS: Fighting 0-Days with Modern Exploit Defenses
As advanced threats evolve, defending against zero-day exploits has become increasingly challenging. Old-school mitigations like DEP and ASLR are largely ineffective against today’…
10:00 am
Offensive Engineering: Applying DevOps Principles to Offensive Security
Most offensive security programs start off with a small, one-person team, a few created or borrowed scripts and tools, and operate largely on trust and muscle memory. In teams I’ve…
10:00 am
The Adversary Doesn't Care About Your Compliance Score
Cybersecurity standards exist for good reason; they establish a floor. But floors aren’t ceilings, and adversaries like Volt Typhoon are playing a game our frameworks weren’t desig…
1:00 pm
Extending Shared Threat Models with the Application Attack Matrix
Shared threat frameworks have transformed how defenders describe adversary behavior and coordinate response. As attackers increasingly target software supply chains, application ru…
1:00 pm
Hunting Smarter, Not Harder: Building Threat Hunting Pipelines with Python (Featuring ESXi Hunting)
Blue teams are swimming in logs, alerts, and noise—but not always the right visibility. Especially when it comes to ESXi and virtualization, most detection tools stop at the OS lay…
1:00 pm
The Mentor's Roadmap to Your Cyber Career
The job market is tough and there are numerous paths shrouded in mystery one can take in their cyber security career. Join us as a veteran of the industry demistifies the field and…
11:00 am
Burned-Out Admins: Your Most Exploitable Vulnerability
Your organization has invested in EDR, SIEM, zero-trust architecture, and a SOC—yet your most critical security vulnerability might be sitting in the next room, responding to their…
11:00 am
“I’m in Danger”: From Alert Chaos to CTEM
As the digital attack surface expands beyond traditional endpoints and into the realms of identity, cloud misconfigurations, and shadow IT, the standard “patch-all-critical” approa…
11:00 am
Operation Moonlander: Dismantling the Anyproxy/5socks Botnet
Hear about how in 2025, the FBI and Dutch National Police conducted a coordinated takedown of a decades-old botnet that enabled millions of dollars of criminal activity by foreign …

Intermission

Part the Second · For the Buyer

What does it mean when 45 companies show up — and 1 bet on three roles at once?

“45 companies. one are betting more than once.”

The numbers below are derived from the speakers, sponsors, and exhibitors on this page — cross-referenced into one ledger. They are the only thing here that 10times.com cannot tell you.

№ 01Fig. 01 — Composition of the House

1All threespeak · spons · exh

27Sponsoringsponsor only

0Exhibitingexhibitor only

17Speakingspeaker only

The Triple-Threat

Go Security Pro

№ 02Fig. 02 — The Voices, by Seniority

32% of the speakers carry senior titles — C-suite, Founder, VP, or Director-level.

C-suite28%
Founder / Owner416%
VP-level28%
Manager / Lead416%
Engineer · IC416%
Research / Science14%
Other roles832%

Of 25 on the bill · classified by free-text title

№ 03Fig. 03 — The Heaviest in the Room

01Go Security ProSp·G1V
02Alias CybersecuritySp·D
03Consumer ReportsSp·S
04CorelightSp·G
05CriblSp·G
06Cyberbase.aiSp·S
07CyberOne SecuritySp·P
08FortinetSp·P
09IntezerSp·G
10ISACA Central Oklahoma ChapterSp·C
11ISSASp·C
12MokNSp·S
13Nozomi NetworksSp·P
14Oklahoma Information Sharing and Analysis Center (OK-ISAC)Sp·C

№ 04Fig. 04 — By Tier

diamond1

4% of 28

platinum5

18% of 28

gold9

32% of 28

silver8

29% of 28

community partner5

18% of 28

№ 05Fig. 05 — The Missing · who's at peer events but not here

These companies sponsored two or more peer events recently, but aren't on this program. For an organizer, that's a list of warm prospects.

IBM×5 peers
Datadog×4 peers
Palo Alto Networks×4 peers
Armis×3 peers
CGI×3 peers
Cisco×3 peers
Deloitte×3 peers
Expel×3 peers
Netskope×3 peers
Pluralsight×3 peers
Red Hat×3 peers
Slalom×3 peers

№ 06Fig. 06 — Adjacent Convocations · by shared underwriters

AWS Summit New York 2026June 17, 2026 · New York+ 4 shared
OWASP Global AppSec EU 2026 (Vienna, Austria)June 22, 2026 · Vienna+ 2 shared
California Government Technology Summit 2026August 25, 2026 · Sacramento+ 2 shared

BSidesOK 2026

Hardening the OS: Fighting 0-Days with Modern Exploit Defenses

Offensive Engineering: Applying DevOps Principles to Offensive Security

The Adversary Doesn't Care About Your Compliance Score

Extending Shared Threat Models with the Application Attack Matrix

Hunting Smarter, Not Harder: Building Threat Hunting Pipelines with Python (Featuring ESXi Hunting)

The Mentor's Roadmap to Your Cyber Career

Burned-Out Admins: Your Most Exploitable Vulnerability

“I’m in Danger”: From Alert Chaos to CTEM

Operation Moonlander: Dismantling the Anyproxy/5socks Botnet

“45 companies. one are betting more than once.”