Community & Events

Two of our own headlined the boardwalk this year, one on beating help desks, one on staring down ransomware crews.

By SEVN-X  ·  July 14, 2026  ·  4 min read

Last Friday, the Bally's Atlantic City conference center filled up with the kind of crowd we love: practitioners who would rather trade real stories than sit through another vendor pitch. It was Boardwalk Bytes, the Information Security Conference now in its third year, and we were proud to be there again as a sponsor. Between the sessions, the villages, and the hallway conversations, it was a full day of the community doing what it does best.

If you have not been, Boardwalk Bytes is a little different. It was built by Don and Emily Dobson with a simple mission: keep the cost low, keep the learning high, and give everyone from students to CISOs a place to level up together. That spirit is exactly why we keep showing up. This year we had a little extra reason to, because two members of our team took the main stage in Traymore C.

// Stephen Bondurich: proving he is you

10:30 AM · Main Stage

I Am You, and I Can Prove It: Defeating and Redesigning Help Desk Identity Verification

Stephen Bondurich, Senior Security Consultant, SEVN-X

Stephen is one of our senior consultants and a genuinely skilled social engineer, the person we send in when a client wants to know how their people and processes hold up against a determined attacker. His talk went straight at one of the softest targets in almost every organization: the help desk.

The uncomfortable truth he laid out is that the scripts most help desks use to confirm who is on the phone were never designed to stop a motivated attacker. A name, a date of birth, the last four of an employee ID, these are the exact details that are cheapest to buy or guess. Stephen walked the room through how an attacker defeats that verification over the phone, then flipped the session into something more useful: how to redesign the process so it actually holds up. It was a great reminder that the strongest security controls in the world do not matter much if someone can talk their way past the front desk.

// Matt Barnett: dealing with shadows

2:20 PM · Main Stage

Dealing with Shadows: The Art of Threat Actor Negotiations

Matt Barnett, CEO & Co-founder, SEVN-X

Our CEO and co-founder Matt Barnett took the afternoon slot with a subject very few people can speak to from real experience. Matt has spent years leading incident response on high-stakes ransomware cases, and he has been in the room, or on the other end of the chat, when an organization is negotiating with the people who just encrypted everything they own. If you have caught him giving cyber commentary on NBC10 in Philadelphia, you already know he has a knack for making the scary stuff make sense.

His session pulled the curtain back on what threat actor negotiation actually looks like. Not the Hollywood version, the real one: the psychology, the pacing, what tends to work, and the moves that can quietly make a bad day so much worse. The room stayed locked in, because this is the part of incident response most people only ever read about in a headline. Matt has lived it, and he shared it with the calm you want from the person you would call at 2 AM.

// The rest of a genuinely good lineup

Matt and Stephen were in strong company. Mike Miller opened the day with a keynote on treating your career like a business continuity plan. Dr. Larry Snyder challenged the industry's favorite excuse in "Cybersecurity's Favorite Fiction: Human Error." Darin Fredde connected offensive rigor with the art of persuasion, and Phillip Wylie, Atdhe Buja, Chris Maenner, and Shesha Reddy Kandula covered everything from IoT attack paths to securing AI workloads in Kubernetes to the new breach paths opening up as enterprises adopt AI assistants. Add in the hands-on villages, from lockpicking with TOOOL to the IoT Village, and there was something worth your time in every hour.

 

// The Hacker Triathlon

This year we also tried something new: the SEVN-X Hacker Triathlon, a first for Boardwalk Bytes. Attendees earned their spot by surviving a rapid-fire quiz during the conference, and by the end of the day the top three scorers took the stage to compete. The three challenges each mapped to a different corner of security. First, contestants were handcuffed behind their backs and had to pick, shim, or slip their way free to clear the physical security round. Next came a hands-on-keyboard capture the flag in a Linux environment. And to finish, a man-versus-machine showdown where they had to talk an AI model into disobeying its own instructions. It was a blast for competitors and spectators alike, and everyone who played walked away with a prize.

 

// Why we keep coming back

Events like Boardwalk Bytes are the calm, useful side of an industry that usually only makes the news on its worst days. They are where knowledge gets shared for the right reasons and where the community gets a little stronger. That fits how we think about the work. Boutique focus, real practitioners, and a team that is as approachable as it is unstoppable. Thank you to the Dobsons and the whole crew for another excellent year, and to everyone who came up to say hello.

Want to talk help desk hardening, incident response, or what a real adversary would find first?

Meet the SEVN-X team →

Filed under: News, Community, Incident Response, Offensive Security

Matt Barnett & Ryan Bradbury
2 The heads of our tribe holding down the SEVN-X Booth at Boardwalk Bytes 2026.
Micheal McKeown
1 Michael looking sharp in front of the SEVN-X Booth!
Hacker Triathlon
3 The hacking has begun at the 2026 Hacker Triathlon!
Winners of the contest
4 And the winners are!
Lockpicks
5 Pick a lock any lock!