Welcome Back, BSides Chicago

This year’s BSides Chicago wasn’t just a cybersecurity conference—it was a reunion, a masterclass, and a celebration of the hacker spirit. Held in the heart of the Windy City, this community-driven event brought together security professionals, researchers, red teamers, blue teamers, and the ever-curious to share tools, tactics, and tales of the trenches. After a pandemic pause, it returned with more fire than ever before.

From hallway conversations to technical deep dives, every moment captured what makes BSides so vital: it’s the kind of con where your heroes are accessible, your ideas are welcomed, and your notes are just as likely to be written in a notebook as they are on a napkin during lunch.

🎤 Tarah Wheeler’s Keynote: Security, Sovereignty, and the Stakes of AI

When Tarah Wheeler speaks, the room doesn’t just listen—it leans in. Her keynote this year was nothing short of commanding. As an infosec executive, AI researcher, and international conflict analyst, Tarah brought both technical and geopolitical depth to the conversation. She reminded us that nation-state cyber incidents aren’t abstract—they’re real, escalating, and demand nuanced, ethical leadership in our field.

With her blend of high-level policy insight and raw hacker ethos, Tarah’s message landed: security today means building not just code, but capacity—across nations, cultures, and technologies. Whether quoting Enlightenment philosophers or dropping wisdom from her time at the World Series of Poker, she proved once again that intelligence, passion, and unconventional thinking are exactly what the cybersecurity world needs right now.

🛑 Locknote with John Hammond: Real Adversaries, Real Defense

To close the day, John Hammond delivered a locknote that hit like a well-aimed exploit. Known for his educational content and hands-on malware research at Huntress, John walked us through the very real threat landscape facing defenders today—from small business intrusions to state-level ransomware operations.

By the time John Hammond took the stage for the locknote, everyone felt it—October had been *a lot*. “It’s Cybersecurity Awareness Month,” he joked, “but I’m just aware of how burned out we all are.” From cascading breaches to cloud outages and back-to-back zero-days, John captured the collective exhaustion of defenders everywhere.

He walked through the chaos: the AWS hiccup that broke workflows, Microsoft’s 0-day exploit that caught people off guard, and DNS issues that hit not long after. It felt like a domino run of “this shouldn’t have happened,” and yet… here we were. John’s message landed clearly: security is a team sport, but the opposing team doesn’t play fair—and they’re not waiting for us to patch, plan, or even breathe.

With a mix of CTF-style storytelling, defensive realism, and a few “you can’t make this up” moments from his work at Huntress, John’s locknote was a rallying cry. It reminded SOC analysts, DFIR teams, and every alert-fatigued defender in the audience why we keep showing up: because someone has to catch what the others miss. And because—despite the madness—we still give a damn.

🏁 Kat Fitzgerald’s Final Run: Confound and Delay

Kat Fitzgerald’s talk, “Confound and Delay: Deception, Intrusion Logs, and a Whole Lot of Nope,” was a masterclass in subverting attacker expectations. With wit, experience, and a deep understanding of adversary behavior, Kat peeled back the layers of deception tech, honeypots, and good old-fashioned log misdirection.

This year also marked a bittersweet moment—Kat is stepping away from her role after running BSides Chicago for the past 9 years. Her contribution to the community has been immeasurable, and her legacy will echo through every badge scan, hallway chat, and lightning talk for years to come. We salute you, Kat—thank you for your vision, leadership, and for making Chicago a security home for so many.

💥 Community, Curiosity, and Chaos: Why BSides Still Matters

BSides Chicago reminded us why we do this. It’s not just about the CVEs or the zero-days—it’s about the people. The defenders building detections that catch real-world threats. The students asking brave questions. The researchers sharing their newest findings without gatekeeping. The hallway chats that turn into collaborations. The laughter. The late-night pizza.

To everyone who attended, spoke, volunteered, or just showed up to learn: you are the pulse of cybersecurity. Until next year, stay curious, stay bold, and never stop questioning the system.