BSidesDayton 2026 Recap

A Look Back at 2026

On Saturday, May 23, 2026, BSidesDayton returned with the theme "Going Offline – Decentralize, Disconnect, DIY". 100 attendees joined us at Fairborn City Church for talks, hands-on villages, a story-driven CTF, and an evening of food and drinks at the Wandering Griffin.

Thank you to everyone who spoke, volunteered, sponsored, and showed up. Here's a glimpse of what we built together.

BSidesDayton 2026 was made possible in part by our sponsors.

DEFCON Group 937

Photos from the Day

Annie Dai presenting on GEO satellite security — Annie Dai, Main Track

Guy Royse presenting on the Reticulum Network — Guy Royse, Main Track

Dave Hatter presenting on third-party risk — Dave Hatter, Main Track

Matt Scheurer presenting on DNS security — Matt Scheurer, Main Track

Attendees picking up conference badges at registration — Badge Pickup

BSidesDayton 2026 conference badges — 2026 Badges

Capture the Flag competition in progress — Capture the Flag

P25 Radio Village hands-on activity — P25 Radio Village

Main Track Talks

Don't Look Up: There Are Sensitive Internal Links in the Clear on GEO Satellites

Annie Dai | 60 Minutes

A broad scan of cleartext IP traffic across dozens of GEO satellites shows how critical infrastructure backhaul is exposed and what that means for defenders.

You've Probably Never Heard of the Reticulum Network

Guy Royse | 60 Minutes

Reticulum is a cryptography-based stack for resilient, decentralized communication when centralized infrastructure fails or gets cut off.

These aren't the Providers you are looking for: Compromising pipelines with Evil Terraform

Dakota Riley | 60 Minutes

Malicious Terraform providers can steer CI pipelines and deepen access, with attack paths, mitigations, and a live demo.

Definitely Not Secure (DNS)

Matt Scheurer | 60 Minutes

DNS fundamentals, live demos of common attacks, and practical defensive tactics for people who use DNS every day but rarely treat it as a primary attack surface.

Managing Third-Party Risk

Dave Hatter | 60 Minutes

Third-party dependencies increase breach, compliance, and disruption risk; the session uses cases like SolarWinds plus assessments, contracts, and monitoring to reduce exposure.

P0wning the Narrative: How I learned to alter reality and why compelling stories are more important than objective truth

Bryan K. Fite | 60 Minutes

Cognitive warfare, misinformation, and disinformation, from history to AI and deepfakes, with strategies threat actors use and practical defenses.

Secondary Track Talks

The secondary track ran offline and was not recorded.

You guys are getting paid? A story of how I got into hardware hacking.

Jeremy Hong | 30 Minutes

A path from a Dayton local meetup into hardware hacking, plus where the tooling stands today.

A Standard For Investigative Playbooks

Matthew Gracie | 60 Minutes

YAML investigation playbooks that tie alerts and artifacts to methodology and defensive tooling, with a demo in an open monitoring platform.

Villages

Hands-on spaces ran throughout the day from 10 AM to 5 PM.

Call Center Village

Voice-based social engineering with AI call agents and live operators, featuring the Escalation Desk CTF, Learning Line demos, and a British-style phone booth.

Radio Village

Software-defined radio, amateur radio, and RF exploration with affordable hardware and free tools.

P25 Radio Village

APCO Project 25 systems through DVMProject demos, Raspberry Pi hotspots, live FNE infrastructure, and hands-on encryption on retired public-safety gear.

Sticker Heist

A story-driven challenge built around a locked safe full of stickers, where teams use reconnaissance and open-source tools to beat the system.

Capture the Flag

Our story-driven CTF followed a single infrastructure outage from cause to recovery. Teams worked through five narrative chapters tied to the "Going Offline" theme, while Call Center Village ran its own Escalation Desk CTF alongside the main competition.

Cause: Fractured Foundations

Supply chain compromise and poisoned dependencies

Collapse: Pull the Plug

Operating without connectivity when services fail

Survival: Hand-Carried Secrets

Sneakernet and side-channel communication

Recovery: Cold Iron Archives

Backups, snapshots, and cold storage recovery

Trust: Web of Trust

Identity verification and rebuilding trust offline

Venue

BSidesDayton 2026 was held at Fairborn City Church in Fairborn, Ohio.

Fairborn City Church

206 W. Dayton-Yellow Springs Rd.

Fairborn, OH, United States, Ohio

After Party

We celebrated at Wandering Griffin Brewery & Restaurant from 5:30 PM to 10:00 PM, about a 10-minute drive from the venue. Attendees enjoyed complimentary hors d'oeuvres (pulled pork sliders, chicken sliders, and wings), non-alcoholic drinks, and a private bar for networking with speakers and fellow security professionals.