Call for Papers
BSides Kraków 2025
27 Sep 2025
Wydział Informatyki, AGH, D-17 Kraków, Poland Kraków, Poland
bsideskrakow.pl
BSides events combine security expertise from a variety of platforms in search of the “next big thing” in information security. BSides is an open platform that gives security experts and industry professionals the opportunity so share ideas, insights, and develop longstanding relationships with others in the community. It is a rare opportunity to directly connect and create trusted relationships with key members of the community.
Call for Papers
14 Sep 2024
15 Jun 2025
You are required to submit the:
Title/abstract for your talk/workshop
I. Talk/Workshop/Training Submission Guidelines
> Talks will need to be up to 60 minutes long. (Recommended 45m presentation + 15m for Q&A)
Provide the Title and a descriptive Abstract of what you are presenting. Keep it short and to the point (up to 150 words). Please respect the limits!
> Workshops/Trainings can last all day.
Provide the Title and a descriptive Abstract of what you are presenting. Keep it short and to the point (up to 200 words). Please respect the limits!
NOTE:
The conference will be held in English ONLY.
All submissions - abstracts and workshops MUST be in English.
If more than one speaker will be presenting, then please include the details (name, Twitter, photos, etc.) for each one in your submission.
If you want to give a rookie or lightning talk, then contact our CFP email (contact@bsideskrakow.pl) for more info.
IMPORTANT:
We do not accept product or vendor-related pitches. We are a vendor-neutral conference and any sponsorships received are under the agreement of supporting the Security BSides Kraków initiative, by making it available to the security community. If your presentation involves an advertisement for a new product or service your company is offering, please do not submit it. In addition, we do not accept presentations submitted by third parties including (but not limited to) company representatives, management bureaus, etc. Security BSides Kraków presentations should be focused on topics that are of interest to (cyber) security/technology professionals, researchers, and enthusiasts, who are paying attention to the current trends and emerging issues. We are committed to keeping Security BSides Kraków informative, educational, and entertaining to the attendees and the community.
POSTSCRIPT:
- If you want to submit more than one talk/workshop, use the form to submit each one separately. You may submit as many as you like.
- Given the fact you have a lot of time to submit your talk, take your time and prepare the best talk you can :)
- Don't be afraid to submit your talk, this is a community event made by and for the community, Join and enjoy!
- We plan to announce the acceptance of your submission by the middle of July.
Topics we would like to hear about
Preference is given to talks that are up-to-date, innovative, and provide solutions as well as insight into problems.
- A.I. Security
- (anti)Forensics and Incident Response
- Application Security / DevSecOps
- Biometrics / Identity and Access Management
- Bio Hacking
- Cloud Security
- Compliance / Regulations / Standards / Risk Man
- Critical Infrastructure Security / Mission Critical Systems
- CyberSecurity
- Data Breaches for Stock Market Manipulation
- Database Security
- DDoS Extortion / Botnets / CEO Fraud / Compliance Extortion
- Ethical Hacking / Security Projects & Tools
- Firewalls / VPN / UTM
- Hardware Security
- Healthcare Security
- Internet of Things (IoT)
- Malware Analysis & Techniques
- Mobile Security
- National Security / CyberDefense
- Network Infrastructure
- Network Security / Monitoring
- Offense and Exploitation
- Open-source Intelligence (OSINT)
- Penetration Testing
- Physical Security
- Privacy & Issues
- Security Information and Event Management (SIEM)
- Security Management
- Transportation Hacking (Car, Bus, Airplanes, Ships, etc.)
- Threat Intelligence
- VoIP Security
- Vulnerability Scanners
- Web Application Security
- Wireless Security
all submitted sessions
event fee
Submitted sessions
- CTF
- Hacker Trivia
- Table tops
- Secure by Design or Secure by Luck? Rebuilding Pen Testing for AI-Era Development
- Building Cyber resilient culture with interactive crisis simulation
- Shifting left isn’t enough: time to shift mindset
- Behind Closed Doors - Hacking RFID Readers
- A completely pluggable DevSecOps programme, for free, using community resources.
- Offensive Use of LLMs: Current Capabilities & Risks
- MFA in Practice: Security trade-offs and engineering realities
- What's Wrong With Them? Turning Misunderstandings into Intercultural Insights
- Securing Real-Time Middleware: From Legacy Integration to Modern Threat Landscapes
- From Curiosity to Cybersecurity: A Practical Guide to Getting Started and Standing Out
- Enhancing open-source IDS & SIEM solutions into AI-enabled XDR & SOAR Solutions in Cloud Environment
- Turn Compliance into Your Competitive Edge: Build Sustainable AI and Tech Tools in 3 Simple Steps
- Why I Go to the Dark Web Every Day
- The Anatomy of a Pentest: Live and Uncensored
- Retrofitting Security: A Survival Guide for Legacy Systems
- The Birthplace of Lies: Hacking Analytics SDKs
- Python on Wheels: Hacking Automotive Systems
- Stop doing software security wrong - do it right!
- It is not a matter of if, but when your software will be attacked! — Are you ready?
- Beyond the Browser: OSINT from Radios, Satellites, and Spoofed Skies
- Spoofed Skies & Ghost Flights: A Hands-On OSINT Deep Dive into Aviation Deception
- I Know What You Did Last Summer: The Silent Echoes of OSINT
- Aqua Anarchy: Cyberpunk Strategies in Maritime OSINT Warfare
- Inside a $15M Cyber Heist: From Home Router Intrusions to Social Engineering
- Uncovering and Combating Brazil's Largest Financial APT: A Journey of Collaborative Intelligence
- Advanced Persistent Threats: How to Stay Effective for a Decade?
- Open Sesame: The API Defenders - A Superhero’s Quest for Digital Justice
- Evading EDRs for fun and profit (mostly profit): A quick and dirty overview
- Using OWASP Nettacker For Recon and Vulnerability Scanning
- Beyond 22 and 445: Hacking lesser-known ports and protocols
- Talking to payment cards over NFC
- # PASTA-Driven AI Red Teaming: Securing Agentive Systems Through Structured Threat Modeling
- Hacking Mainframes - How To Become SPECIAL...
- The Continuous Mindset
- Journeying through Data Spaces - New Path to Interoperability?
- Role Injection - Hijacking ChatML Compatible Agents
- How to scale threat modeling with AI for maximum impact
- Intel in the Wild: Advanced Campaigns & Infostealer Distribution
- "Clearing the Waters: DeOtter's Battle Against Obfuscated Phishing"
- DevSecOps with Microsoft Defender for Cloud
- "Incident Response: Combating Infostealer Attacks"
- The Wolf of Wall Steal: Inside Crypto Traffer Group Operations
- Securing the Cloud: Unveiling Vulnerabilities with AzurEye
- Confidential Containers, Certified by a Mainframe
- Trust me, I'm lying: Establishing Trust in the MLOps Lifecycle
- Shitty Add-on 101
- Hardware Hacking Curiosity
- Killing with Keyboards – How Your Digital Footprint Can Be Weaponized
- AWS Advanced Offensive Techniques, what defenders need to know.
- LLMs in AppSec: Why They Still Need a Chaperone
- AI vs. Fake News: Can a Bot Tell Fact from Fiction?
- Dancing to the DMA Tunes - Can Mobile Security Keep Up?
- The Multiverse of Madness Adversarial Attacks on AI
- Evading GenAI Application Defenses
- Phishing-as-a-Service and Content Moderation: Protecting Your SaaS Platform from Takedown Risks
- app.alert(1) is the new alert(1)
- Social Engineering for Covert Access Assignments
- Containing the Threat: Analyzing cryptomining campaigns
- Hunting Shadows: Open-Source Tactics for Cyber Threat Intelligence
- Veil of Silence: Unraveling the Ransom Screen Lock
- Malware Analysis: It's More Than Meets the Eye
- Keys to Freedom: Analysis and Resolution of Arab Ransom Locker Infections
- Be Ready: Protecting Microsoft 365 Data from Cyber Attacks