BSides Canberra 2025: T-Shirts, Time Travel, and Why Mainframes Are Still Terrifying
Another year, another BSides Canberra in the books, and honestly? We're still recovering (in the best possible way).
SilentGrid returned as a gold sponsor, setting up shop in the hardware area with all the essentials: t-shirts, webcam covers, stickers, and enough snacks to fuel a small army of security enthusiasts. About those t-shirts... apparently word spread after last year because our entire supply, carefully calculated to last the full conference, vanished by 10:30am on day one. We're choosing to believe it's because of our impeccable design taste and not because people just really like free stuff. (Okay, it's probably both.)
Our booth also featured the return of VexBot, our AI-based CTF challenge that continues to prove surprisingly addictive. Watching attendees puzzle through it never gets old.
The Talks That Made Us Think (and Laugh)
The quality of presentations this year was exceptional. Here are some of our highlights:
Riley Kidd delivered something special: a talk that exploited Age of Empires across time itself. Starting with vulnerabilities from 1997 and progressing to modern exploits, Riley showed how exploitation techniques have evolved over nearly three decades. It was equal parts nostalgia trip and masterclass in exploit development. Nothing quite says "cybersecurity conference" like weaponizing your childhood memories.
Rajiv Shah brought his PhD in quantum physics to bear on a topic that often generates more hype than clarity: quantum computing and its threat to modern encryption. His insights on the actual energy requirements and complexity of quantum computers were a refreshing reality check against the breathless marketing claims we've all seen. It's the kind of talk that makes you simultaneously relieved (we're not quite there yet) and concerned (but we're getting closer).
Ben Williamson made Rust's safety features accessible through clever thought experiments that illuminated not just why Rust is secure, but why other languages struggle with vulnerabilities that attackers exploit daily. If you've ever wondered why memory safety matters (or what it even means), Ben's presentation was the primer you didn't know you needed.
"Alex" brought infectious energy to a talk about malware development and why it's harder than it looks. Their presentation style is exactly what you want at a security conference: technically solid but genuinely entertaining. Sometimes the best education comes wrapped in enthusiasm.
Matthew Flanagan gave us all an uncomfortable moment of clarity about next-generation firewalls. These are devices that organizations trust implicitly, often treating them as the foundation of their security architecture. Matthew's deep dive into their quirks and what's possible if you gain access to one was the kind of eye-opening talk that changes how you think about your infrastructure.
Annie Nie made mainframes, those mysterious relics that somehow still run critical systems everywhere, actually understandable to mere mortals. Then she demonstrated an unauthenticated remote code execution vulnerability with an attack path so elegant it was almost beautiful. Almost. Mostly it was terrifying.
SilentGrid Takes the Stage
This year we weren't just in the audience. Former SilentGrid team member Jayden Caelli presented on Kerberoasting in C# from an operational security perspective, diving into the practical considerations that matter when you're actually trying to stay undetected.
Richard Appleby took a different approach entirely, stepping away from hardcore technical content to explore how hacking has been portrayed in films over the years. From Hackers to Independence Day to The Matrix Reloaded to Blackhat, it was an entertaining reminder that Hollywood's version of our industry is... creative. Let's go with creative.
Black Bag Challenge: Door Kicking Edition
We also threw ourselves into the Black Bag Challenge, which culminated in the absolutely surreal experience of Ben literally kicking down a door to access a dark, D&D-themed room full of lasers. It's not every day that physical security testing involves what's essentially a dungeon crawl. Applying old skills in new contexts while learning fresh techniques? That's exactly what makes these challenges worthwhile (and ridiculously fun).
The Real Reason We Keep Coming Back
Here's the thing about BSides: yes, the talks are excellent. Yes, the technical challenges are engaging. But what truly makes this conference special is something harder to quantify.
It's the spontaneous conversations in hallways that turn into valuable professional connections. It's finally catching up with friends and former colleagues you haven't seen since last year. It's the impromptu drinks that extend into dinner, which somehow leads to karaoke. BSides isn't just a conference. It's a reunion of people who genuinely care about security, where ideas flow freely, collaborations spark naturally, and friendships deepen.
This unique combination of technical excellence and authentic human connection is what transforms BSides from just another industry event into something actually memorable. The presentations might teach you new techniques, but the community reminds you why you got into this field in the first place.
Same time next year?
