Name: Faces in the Fog: Identifying Users through Unconventional Means
Start: 2026-06-01T14:30:00-0700
End: 2026-06-01T15:20:00-0700

Faces in the Fog: Identifying Users through Unconventional Means

Monday June 1, 2026 2:30pm - 3:20pm PDT

Track 3 - AppSec Track - Room 1420/1430 - Sponsored by Google Cloud Security - Hosted by OWASP

User enumeration remains one of the most prevalent yet under-discussed application security vulnerabilities across industries and organizations worldwide. Despite its critical role in the security landscape, many security teams overlook the implications of this core security flaw.

This talk will demystify user enumeration by exploring its various types, attack methods, and real-world impact on applications. Attendees will gain practical insights into identifying and mitigating these vulnerabilities with hands-on demonstrations of scripts, tools, and advanced techniques designed for faster detection by utilizing LLM technology. Whether a penetration tester, developer, or security professional, this session will equip you with actionable strategies to strengthen your defenses against user enumeration threats.

Speakers

Justin Larson

Principal Application Security Engineer, Redpoint Security

Justin Larson is a Principal Application Security Consultant with Redpoint Security. He started his career bouncing servers in the NOC of a SaaS company. He moved to the information security team within the same organization and then transitioned to specialize in application security... Read More →

Seth Law

Monday June 1, 2026 2:30pm - 3:20pm PDT
Track 3 - AppSec Track - Room 1420/1430 - Sponsored by Google Cloud Security - Hosted by OWASP 515 W Hastings St, Vancouver, BC V6B 5K3, Canada

Talk

BSides Vancouver 2026

Justin Larson

Seth Law

Get help with the event