Past Event - April/2015
April 6th 2015 NY Info Security Meetup agenda:
Fireside Chat with Dan Reynolds
VP, Chief of Security and Information Architecture Omnicom Media Group
Daniel Reynolds has more than 15 years of commercial IT Industry experience and eight years of military computing experience. He has worked for Omnicom Media Group since 2002 in multiple capacities of IT management, security and architecture disciplines. Reynolds’ background involves work in government, financial, insurance, manufacturing and advertising business sectors.
Reynolds holds the CISSP, CISM, and CISA certifications as well as a host of several other technical certifications. While a senior manager, he still believes in getting in the trenches with his teams providing leadership from the front and direct mentoring. Being hands on and a lead from the front individual contributes to his continued successes.
Alert Logic has more than a decade of experience pioneering and refining cloud solutions that are secure, flexible and designed to work with hosting and cloud service providers. We deliver a complete solution that lives in the cloud, but is rooted in real expertise.
Whether your company is transitioning infrastructure to the cloud, taking advantage of managed hosting services, or continuing to rely on owned data centers, Alert Logic offers intrusion detection, vulnerability assessment and log management solutions that are coupled with 24×7 monitoring and expert guidance services from our security operations center. www.alertlogic.com
Stephen Coty is the Chief Security Evangelist at Alert Logic in Houston TX and a member of ISSA, Infragard and the HTCIA. Before coming to Alert Logic He was the Manager of Cyber Security for Rackspace Hosting. Prior to Rackspace He has worked at several companies including Wells Fargo Bank, Applied Materials, Stanford Medical Center and The Netigy Corporation. He has been in the Information Technology field since 1992 with a Focus on Security as of 1999 where he started as a penetration tester and auditor. Research has been his primary focus since 2007.
ANATOMY OF AN ATTACK: It Takes an Expert to Stop Attackers
An up-close look at today’s world of cybercrime, the evolution of hackers to attackers, and how it affects the corporate IT landscape.
The global cybercrime market increased to over $13 billion dollars of business losses in 2013, and this threat continues to grow. Recent headlines tell us about the Veterans Affairs database breach where healthcare organization’s patient data was exposed, and also incidents of state-sponsored hacking aimed at the energy industry and most recently – the Target Breach. Additionally, the recent Adobe compromise of potentially 29 million online accounts reminds us that all businesses are under attack. Global security providers are seeing threat sophistication increase significantly while IT security and system admins struggle to keep up with new attack techniques.
Attacks have advanced far beyond the early threats of tech-savvy kids wreaking havoc on computer networks. Today’s attackers are fast, well-funded and organized. Our discussion will take you into the world of cybercrime and give you an insider’s look into how attackers operate and what you can do to protect your information in the cloud.
Join Alert Logic on June 9th for a conversation as we discuss:
• A profile of today’s evolved hackers
• What attackers are really after, why and how they’re getting it
• Strategies you can implement to protect against attacks
• How to leverage cyber-security experts to augment your internal team
“How DevOps Becomes DevOpsSec”
All code has security bugs, but how do you ensure your DevOps process is locked down?
Bugcrowd will share how to tie security into every aspect of your current DevOps process. We’ll highlight the 4 keys to helping your development team produce safer, more secure code, and why 2015 is the year DevOps becomes DevOpsSec.
4 things you’ll learn:
Why DevOps is a double edged sword.
How to introduce DevOpsSec with or without DevOps.
How a company accelerates their security ROI.
The key to decreasing friction between dev and security teams.
Eliminating all bugs is close to impossible, but by evolving your current DevOps security practices, you’ll increase the security effectiveness of your developers and build cadence with your security team.
Leif is a Senior Security Engineer at Bugcrowd, the innovator in crowdsourced security testing for the enterprise. Prior to joining Bugcrowd, Leif was a Senior Application Security Engineer at Redspin, performing application security assessments. During his time at Redspin he also served as the Application Team Lead, liaising with clients at the engineering and sales level. He has also made minor contributions to the Firebug project. Leif attended the University of California, Santa Barbara where he studied Computer Science; he was most recently invited to be part of the department’s “Array of Talks” panel, a speaker series that he helped develop during his time as an undergraduate student.
Cyphort has developed Next Generation Distributed Software Platform to provide the broadest enterprise visibility and accurate detection of advanced threats & evasion techniques, and zero-day attacks by utilizing behavioral analytics, machine learning, and Long-Data Security-Analytics.
Advanced Malware Defense 2.0 – Key Requirements and Innovations
Salil Panicker is a Sr. Systems Engineer for Cyphort. In this position, Salil is responsible for overseeing pre-sales engineering, acting as a solutions architect for Cyphort’s Advanced Threat Defense platform, and finally a trusted adviser for malware forensics and mitigation. Prior to Cyphort, Salil spent 10+ years at Intel Security working with customers and accounts teams to develop the correct solution fit based upon the customer’s technical and business requirements, using the complete portfolio of Intel Security’s services.
Salil has also held Sr. Sales Engineering positions at Foundstone and NetForensics. Salil has a Bachelor of Science degree in Computer Science from Rutgers University.
“Having worked for a number of intelligence agencies, and seeing both ‘offensive and defensive’ cyber capabilities, I began to better understand the shortcomings of current security offerings. And once I met Dr. Fengmin Gong, we began collaborating on a software-based product that would be much more proactive around the types of incidents and the adversaries themselves.”
— Co-Founder and CTO Ali Golshan