BSidesSF 2026 ran on 21st-22nd March 2026 at City View at Metreon in downtown San Francisco. The event takes place on the weekend immediately before RSA Conference. This year, around 2,500 attendees came together across 92 talks, 8 workshops, 11 interactive sessions, and a CTF, supported by roughly 235 volunteers.
BSidesSF is built differently from RSAC. The conference is 100% volunteer-run and non-profit, and the room is full of engineers, researchers, and operators who are actively building the systems other companies talk about. The 2026 edition carried the theme “BSidesSF: The Musical!” and both keynotes explored AI in security.
A few takeaways from the weekend
BSidesSF was a chance to spend a chiller weekend with people we do not get to see often. The Indian security community in San Francisco has quietly built some of the most interesting cybersecurity companies in the city. Catching up with Vivek Ramachandran, whose company SquareX was recently acquired by Zscaler, was one of the highlights. Time with the teams at Fourcore and Bugbase reinforced the same instinct: that India has the engineering depth to produce category-defining cybersecurity companies on the global stage.
The two BSidesSF keynotes both explored AI in security, and the recurring theme across both was the same as the broader practitioner conversation right now. Identity, trust, and the widening gap between what AI agents are permitted to do and what they actually do in production. These are the open questions the next generation of cybersecurity platforms will need to solve.
BSidesSF is the right room for an early-stage cybersecurity company. The practitioner-first format means the entire weekend is about substance, and security is evolving fast enough right now that weekends like this are where the direction of change shows up before it reaches the broader market.
BSidesSF works because it is built by the practitioners it is built for. There is no vendor stage performance, no marketing arc, just engineers and researchers thinking out loud about where security is going next. The Indian cybersecurity community walking these halls is a real signal of where this industry is being built from, and Osto is glad to be part of that community.
A lot is being built. A lot more is coming.