Winter 2026

Show and Tell of Real Application Security Flaws Found in Top Companies

Friday, February 6, 2026 at 4:30pm
Shriram 108

Join us for a real-world deep dive into application security with Rotem Bar, a bug bounty hunter and security researcher who works full-time at Palo Alto Networks. In this show-and-tell session, Rotem will walk through real application security vulnerabilities he has personally discovered in major global companies, explaining how they were found, why they mattered, and what developers and security teams can learn from them.

Speaker: Rotem Bar
Rotem Bar is a bug bounty hunter and researcher. He currently hacks full time at Palo Alto Networks. In his free time, he hacks and finds vulnerabilities in top companies worldwide.

Software Security in the Vibe Coding Era

Friday, January 30, 2026 at 4:30pm
Shriram 108

Speaker: Varun Badhwar
Varun Badhwar is a three-time cyber security founder and CEO of Endor Labs, focused on securing the software supply chain. Previously, he founded RedLock (acquired by Palo Alto Networks), where he built Prisma Cloud to $300M+ ARR in 3 years. He has also founded CipherCloud, led platform security at Salesforce, and advised Fortune 500s at KPMG.

WiCS x Women in Applied Cyber Meeting

Thursday, January 29, 2026 at 4:00pm
Women’s Community Center

Join us this Thursday for a Women in Applied Cyber (WAC) meeting co-hosted with Women in Computer Science (WiCS)! Food will be provided, and there will be a mixer following a short presentation. We hope to see you there!

🍯 Honeypot Dreams & Stranger Things 🐝

Friday, January 23, 2026 at 4:30pm
Shriram 108

This presentation shares the hands-on experience of a cohort from the Stanford IT Experiential Development Program in deploying and operating honeypots using open-source infrastructure and software. We will walk through the operational decisions involved – including design, tooling, and security considerations. This session will also highlight attacker behaviors observed in the wild, including the techniques and motivations of the adversaries. Attendees will have a chance to attack the honeypots during the session.

Speakers: Xavier Jimenez, Nelia Lanets, and Alex Keller

Reversing Everything with Claude Code

Friday, January 16, 2026 at 4:30pm
Shriram 108

Everything you touch is a black box… until you make it talk. In this session, Zane shows how Claude Code turns “reverse engineering” from a grind into a fast and furious workflow: capture a little evidence, ask the right questions, and let an AI agent do the tedious digging while you steer the investigation responsibly. We will tour real-world targets across the difficulty spectrum:

  • Sniffing and decoding campus washing-machine telemetry.
  • Extracting an undocumented Fire TV control protocol into clean API docs and a working Python library.
  • Battling a Bluetooth-only pocket printer with an ESP32 proxy.
  • Off the deep end with a suspicious Android projector firmware and a hunt for embedded malware.

Expect practical demos, honest caveats (hallucinations happen), and a playbook for using agentic tools - checklists, narrow scopes, and parallel strategies - to reverse “everything”.

Speaker: Zane St. John
Zane St. John ‘27 is a creative technologist interested in breaking things (responsibly) to build them better.