Established enterprises as well as startups have much to consider when deciding how to build, deliver and maintain information security products that make sense for their businesses and customers. The individuals tasked with creating and overseeing such offerings often have "product management" in their titles. What do these people do? What skills do they possess? This session explores the mindset of a product manager who focuses on information security solutions. Those new to this discipline will better understand whether they should consider such a role. Those already tasked with managing security solutions will benefit from hearing about a lightweight framework that can help them make better decisions about their products.
Lenny Zeltser VP of Products, Minerva Labs
Lenny is a seasoned business and tech leader with extensive experience in information security. He builds innovative endpoint defense solutions as VP of Products at Minerva. Beforehand, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. He is also a senior instructor at SANS Institute. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
Internet communications is cyclic; provisioning and security decisions are not made with one-off traffic units in mind. Traditional in-path firewalls are for this reason often stateful, but the value-add from such state-keeping comes with a healthy downside: the state-keeping is a new attack surface. Given the fate-sharing that goes on behind a firewall, if an attack against some internal resource has the capability of bringing the firewall down and thus affecting other internal resources, then the firewall implicitly becomes an effective force-multiplier for the attacker. There are other ways to do security, which take better account of an attacker's capabilities and alternatives. For example, protocol-aware rate limiting may offer cheaper deployment cost with a better worst-case outcome.
Paul Vixie Chairman and CEO, Farsight Security
Network accessible medical devices are ubiquitous in today’s clinical environment. These devices can be of great aid to healthcare professionals in assessing, treating and monitoring a patient’s condition. However, they can also fall victim to a number of systemic vulnerabilities that can expose personal health information or PHI, compromise the integrity of patient data in transit, and affect the availability of the devices themselves.
This talk looks at the methodology and approach to penetration testing of modern medical devices. It will provide an overview of the various stages of a medical device assessment, including discovery and analysis of a device’s remote and local attack surface, reverse engineering and exploitation of proprietary network protocols, vulnerability discovery in network services, compromising supporting systems, attacking common wireless protocols, exploitation of hardware debug interfaces and bus protocols and assessing proprietary wireless technologies.
It will also cover a number of real world vulnerabilities that the speaker has discovered during medical device penetration testing assessments. These include weak cryptographic implementations, device impersonation and data manipulation vulnerabilities in proprietary protocols, unauthenticated database interfaces, hardcoded credentials/keys and other sensitive information stored in firmware/binaries and the susceptibility of medical devices to remote denial of service attacks.
The talk will conclude with some suggestions on how some of the most common classes of medical device vulnerabilities might be remediated by vendors and also how hospitals and other healthcare providers can defend their medical devices in the meantime.
Robert Portvliet Technical director of red team services, Cylance
Robert Portvliet is technical director of red team services at Cylance with over 8 years’ experience in various disciplines of penetration testing. His focus is on embedded systems and wireless penetration testing and reverse engineering. Prior to joining Cylance, he was the network security service line lead for Foundstone and taught the ‘Ultimate Hacking: Wireless’ class at Blackhat 2011-2013
How many organizations have an effective strategic threat intelligence operation? Many have failed and many struggle to obtain executive buy in or even mild interest in any of their cyber threat intelligence reports. By examining the history of the POTUS's use of intelligence, some powerful lessons can be learned. For instance, one president created and relied on his own private intelligence group of peers. Another president ignored SIGINT completely because of a preference for "cloaks and daggers". Yet another president, told the intelligence community their analysis will support a decision he has already made! These are all important insights into executive leadership, their psychology, and how best to serve their intelligence needs. This presentation will highlight and summarize several key lessons which can be applied to create or improve upon a strategic threat intelligence program.
View presentationPaul Jaramillo Principal Consultant, CrowdStrike
Paul Jaramillo has over ten years of experience conducting incident response and enterprise security operations, including a career with the U.S. Department of Energy’s National Nuclear Security Administration. As a Principal Consultant based out of CrowdStrike’s St. Louis office, Paul participates in customer engagements ranging from breach response to proactive compromise and adversary assessments. Along with the Midwest office, Paul helps customers in taking the fight to the adversary.
Prior to his work at CrowdStrike, Paul was Sr. Manager of IT Security for a Fortune 500 energy company. In this role, he led a global team responsible for incident response, digital forensics, IT security risk management, security operations, and security awareness. Paul also was responsible for building a 10 person, 24/7 global incident response capability at a Fortune 100 international manufacturer. In addition, he has spent time on the offensive side of security as a pen tester for a Fortune 10 conglomerate, as well as 10 years in the telecommunications industry.
Paul has a Bachelors of Business Administration in Management Information Systems from the University of Oklahoma, which he attended as a National Merit and Regents scholarship recipient. Paul currently holds his CISSP and GCFA certification and has previously held EnCE, CCNA, and C|EH certifications. While working for the government, he held both DoD Top Secret and DoE Q clearances. Paul is also the founder of the St. Louis security conference ArchCON. Paul has most recently spoken at BsidesNOLA, ArchCon, BsidesSanDiego and the SANS Threat Hunting Summit.
Not matter what APT threat actor operate in the victims network, there is something in common they share and it's Internet for data exfiltration. I'd like to present a few Anti-APT techniques used by the threat actors in LatAm, Eastern Europe and other regions to bypass detections. All techniques are from real campaigns we track on.
Dmitry Bestuzhev Head of Global Research and Analysis Team for Latin America, Kaspersky
Dmitry Bestuzhev serves as Head of Kaspersky Lab’s Global Research and Analysis Team for Latin America, where he oversees the anti-malware development and investigations of the company’s experts in the region. Dmitry joined Kaspersky Lab in 2007 as a Malware Analyst and was responsible for monitoring the local threat landscape and providing preliminary analyses before going on to become Senior Regional Researcher for the Latin American region in 2008. In 2010, he was appointed to his current role.
In addition to supervising the work of the network of experts in Latin America, Dmitry’s current role also includes producing reports and forecasts for the region and is frequently sought out by international media and organizations for his expert commentary on IT security. Dmitry’s wide field of expertise covers everything from online fraud, through the use of social networking sites by cybercriminals, to corporate security and cyberwar and cyber espionage. Additionally, Dmitry participates in various educational initiatives throughout Latin America.
Dmitry has more than 17 years of experience in IT security across a wide variety of roles and is fluent in English, Spanish and Russian. He’s been working in analysis of targeted attacks for financial institutions, producing intelligence reports.
Detecting callouts to command-and-control (C2) servers used to be straightforward, but attackers in your network have found ways to communicate with the outside world even under the heaviest of scrutiny. In this talk, we discuss ways to use popular websites as means of getting commands and exfiltrating information. We examine the applications of asymmetric communication, from Internet-accessible computers to embedded devices to air-gapped systems. Finally, we give some suggestions to defenders, and discuss how to detect and mitigate risks that enable asymmetric malware.
Brandon Arvanaghi Security Engineer, Gemini
Brandon Arvanaghi is a security engineer at Gemini. Before Gemini, Brandon was a security consultant at Mandiant. Brandon has written tools to detect webshells, obfuscated malware, and to evade sandboxes in every language. He is the author of SessionGopher, CheckPlease, and a contributor to PowerShell Empire. Prior to working in the security industry, Brandon conducted research on automated attack plan generation at Vanderbilt University.
Detecting callouts to command-and-control (C2) servers used to be straightforward, but attackers in your network have found ways to communicate with the outside world even under the heaviest of scrutiny. In this talk, we discuss ways to use popular websites as means of getting commands and exfiltrating information. We examine the applications of asymmetric communication, from Internet-accessible computers to embedded devices to air-gapped systems. Finally, we give some suggestions to defenders, and discuss how to detect and mitigate risks that enable asymmetric malware.
Andrew Johnston Proactive Consultant, Mandiant
Andrew Johnston is a proactive consultant with Mandiant, a division of FireEye. His work focuses on gaining access to critical places and systems through covert tactics. Andrew also is the lead researcher of a team at Fordham University focused on using artificial intelligence to solve problems in the counterterrorism and national defense sphere. He holds a bachelor's degree from Fordham University with a dual major in computer science and applied mathematics.
The security industry has been talking about powerful concepts like good threat intelligence and attacker cost for a long time now, but most organizations are not using these concepts in their security programs, causing them to waste money, time, and energy on efforts that do not stop real attackers.
In this talk, we describe a security program built around adversary intelligence that actually matters. We describe how this program generates more accurate and precise priorities and objectives. We demonstrate how these new risk profiles, attacker playbooks, and attacker cost models can help inform better controls, strategies, and policies.
We focus on picking the controls that are most effective at reducing the risk of successful execution of the playbooks that attackers use everyday. This is only possible with a security program built around attacker intelligence.
We take a deep dive into the practicalities of implementation of these concepts at your organization. What metrics matter to show to management, how this impacts hiring, and how this modifies core workflows in the security team.
Finally, we will close with some of the concrete challenges we encountered in implementing this program and some suggestions on how to work around them.
Julian Cohen Automatic Playbook Testing
Julian Cohen is a risk philosopher. He has passion for creating thoughtful and effective security programs. Julian has been making a name for himself speaking about attackers and the necessity of focusing on offensive security tactics ever since he popped into this world. He is also putting all these ideas into practice at his startup, "Automatic Playbook Testing." In a previous life, Julian was a super spy hacker and an urban explorer.
The security industry has been talking about powerful concepts like good threat intelligence and attacker cost for a long time now, but most organizations are not using these concepts in their security programs, causing them to waste money, time, and energy on efforts that do not stop real attackers.
In this talk, we describe a security program built around adversary intelligence that actually matters. We describe how this program generates more accurate and precise priorities and objectives. We demonstrate how these new risk profiles, attacker playbooks, and attacker cost models can help inform better controls, strategies, and policies.
We focus on picking the controls that are most effective at reducing the risk of successful execution of the playbooks that attackers use everyday. This is only possible with a security program built around attacker intelligence.
We take a deep dive into the practicalities of implementation of these concepts at your organization. What metrics matter to show to management, how this impacts hiring, and how this modifies core workflows in the security team.
Finally, we will close with some of the concrete challenges we encountered in implementing this program and some suggestions on how to work around them.
Justin Berman CISO, Zenefits
Justin Berman is the CISO of Zenefits, but he’s not your typical CISO. Justin thinks very deeply about security concepts and processes that most take for granted. Reflecting on every detail of his program allows him to make more informed decisions where it matters most. Justin cares genuinely about the wellbeing of his team and the efficacy of his program. In a previous life, Justin was a professional photographer and a professional chef.
Adversarial Simulation, Red Team, Threat Emulation, Blue Team, Targeted Attack Simulation, Purple Team or Gold Team - So many labels and buzzwords. No matter what you call it or whatever color shirt you wear / team you identify most with - this talk offers something for you; no matter the camp you are in.
At MWR we've spent many years robbing banks, pulling off casino heists, breaching merchants, bringing down Critical National Infrastructure (CNI), flooding mines, stealing all the things and doxing big corps. But more importantly, we've also helped many of those clients make sure none of the stuff we did, could happen for real.
This presentation will take you on a journey showing you how our TTP's have evolved over the past few years - why we've evolved them, what works now, what doesn't and why - we'll also give you insights into what's coming next. There will be takeaways for everyone - whether your looking to up your offensive game, or as a defender looking to get a heads up on whats gonna be hitting you soon (as well as what to do about it!).
Having delivered assessments all around the world over several years; as part of and separate to regulatory frameworks such as CBEST, TIBER, iCAST, we've sparred with some heavy hitters and a lot of lessons have been learned - we'd like to share some of these with you. There might just be some entertaining tales too - like that one time we were fingered as a new and shiny Russian APT...
After obtaining an initial foothold on an environment, attackers are forced to embark in lateral movement techniques in order to be successful in identifying and exfiltrating sensitive information. To stay ahead of the bad guys, the Blue team needs to have a clear understanding of these techniques as well as the forensic artifacts these techniques leave behind on the victim hosts. Armed with this knowledge, we can proactively hunt for lateral movement in the environment before exfiltration can occur. This presentation will analyze Lateral Movement from both a Red and Blue team perspective and introduce Oriana, a lateral movement hunting tool that can assist the Blue team in catching the adversary.
Many organizations participate in Security Awareness training. Whether it is something that is produced internally or supplied by a third-party vendor, the goals are the same: educate the user to prevent becoming the next big breach in the news. We all know the phrase ‘you can’t patch humans’, but what metrics can we use to see if our awareness efforts are effective? Believe it or not, Security Analysts have access to a lot of valuable information that can show us just how effective these programs are… and no, I’m not just talking about the results of your last phishing campaign.
Kendra Cooley Senior Security Operations Engineer, MailChimp
Kendra has over five years of experience in several areas of Information Security including user administration, security operations and compliance. She focuses primarily on Incident Response and user education. Kendra holds a Bachelor’s degree in Digital Forensics and the CISSP certification.
Kendra speaks regularly at Security related events and is an advocate for practicing proper security hygiene. In her free time she enjoys drinking wine and memorizing movie lines.
Cranes, trains, building controls, oil rigs, and …ceiling fans? Recent developments have made secure wireless protocols more common, but the fact is there’s still a swarm of simpler RF controls in the wireless world around us. Luckily, the onset of Software Defined Radios (SDRs) means analyzing these insecure signals is easier than ever! We'll explore the basics of capturing and reversing simple RF control signals with the affordable RTL-SDR. With a little exploration through this menagerie of signals, we can unravel the mysteries of their operation and better understand what risk they pose to the environments we protect.
These days, most adversaries will attempt to run code somewhere on your network in order to establish a command and control channel; application whitelisting is a key security control. This talk will demonstrate a number of common and less common techniques for being able to run code or interact with a locked down environment, seen through the eyes of an operational simulated attacker.
Advanced mathematics made simpler: Spectral Hypergraph Analysis for mortals. Imagine lighting up and "shining" your network logs through a special prism that would separate behaviors into a "spectrum" that would indicate to you things that are going on on your network. Some of the those things might be important discoveries with security implications. Doing this would be like how astronomers determine the materials that are burning in a distant star, using a special telescope to get the spectrum of that star's light. It turns out that there is a mathematical way to do this on network logs, involving a generalization of the Fourier Transform over high dimensional graphs. This talk will explain this technology in accessible ways, and show examples of its use in discovering "bad stuff" on a very large network.
View presentationRichard Lethin President, Reservoir Labs
Richard Lethin is President at Reservoir Labs, a private research laboratory in New York City. Reservoir performs R&D for in the area of high performance computing, which includes projects developing new technologies for high speed communication processing with applications to cyber security. Some of these results are available as products, including the ENSIGN tensor decomposition tool and the R-Scope networks sensor. Richard formed Reservoir after completing his Ph.D. at the MIT AI Laboratory in 1997, where for his thesis he contributed to the development and analysis of a massively parallel message-driven computing system called the J-Machine, under the supervision of Professor William Dally. Prior to MIT, Richard worked as an engineer at the startup company Multiflow, founded by Dr. Josh Fisher, John O’Donnell and John Ruttenberg, that developed the world’s first of the now ubiquitous Very Large Instruction Word (VLIW) computer architectures, and where he was responsible for the floating point data paths. Richard is also Associate Professor (Adjunct) in Electrical Engineering at Yale, where he teaches courses including Computer Architecture for Cognitive Computing.
YARA has recently included a module that enables researchers the creation of more fine grained rules for malware written for the .NET framework. These files contain valuable metadata embedded which can enable us to pinpoint a specific threat and reduce our number of false positives detections.
This presentation will focus on the peculiarities of obtaining indicators of compromise from .NET malware samples and writing reliable YARA rules using its latest module. I’ll be showing real world examples and releasing a convenient tool that can query metadata information from large sets of .NET files
Santiago Pontiroli Security Analyst | Global Research and Analysis Team (GReAT), Kaspersky Lab Latin America
Santiago Pontiroli joined Kaspersky Lab as a Security Researcher in October 2013. His principal responsibilities include the analysis and investigation of security threats in the SOLA region (South of Latin America), web application security, the development of automatization tools stemming from threat intelligence studies and the reverse engineering of programs with malicious code.
In recent years more services and people have moved to two-factor authentication. While everybody loves talking about the advantages of 2FA, little attention has been given to its downsides. Attackers have started adapting to ubiquitous 2FA and are finding new ways to take over accounts ranging anywhere from email to online banking and (crypto currency) trading services.
In this talk we will show how attackers can exploit various 2FA and account recovery implementation issues to hijack accounts. We will also propose defensive measures for both architects and end-users.
Galina Antova Co-Founder, Claroty
Galina Antova is cybersecurity executive and entrepreneur focused on OT/ICS cybersecurity. Galina co-founded Claroty to help advance the state of cybersecurity for critical infrastructure. Prior to that, she was the Global Head of Industrial Security Services at Siemens, overseeing development of its services that protect industrial customers against cyber-attacks. She was also responsible for leading its Cyber Security Practice and Cyber Security Operations Center, which provided managed security services for industrial control systems operators. Previously, Ms. Antova was with IBM Canada, with roles in the Provisioning and Cloud Solutions business. She holds a BS in Computer Science from York University in Toronto, and an MBA from the International Institute of Management and Development (IMD) in Lausanne, Switzerland.
Roselle Safran President, Rosint Labs & EIR at Antecedent Ventures
Loren Mahler Founder, Dealy Mahler Strategies
Irena Damsky VP Research, ThreatSTOP
Irena Damsky is an Israeli security and intelligence researcher with a disturbing affection to cats and unicorns. When she is not busy watching cartoons she is the VP Research for ThreatSTOP running the security analysis team and making the internet safer for everyone. In the past she used to work for Check Point, reached a rank of Captain (now in reserve) in the Israeli Defense forces and even managed to earn both an Bsc and Msc in computer science.
Mikala Vidal Vice President of Marketing, Uplevel Security
Mikala Vidal is the vice president of marketing at Uplevel Security, an adaptive system of record and intelligence for modern security operations. In previous roles she’s helped cybersecurity companies like Cato Networks, Intralinks (acquired by Synchronoss), Exabeam, WatchDox (acquired by BlackBerry), NSFOCUS and Waterfall Security stand out in crowded markets, generate awareness, and gain market traction through targeted and effective storytelling. She is a data-driven marketer who believes that transparency and authenticity are instrumental in making a company and its marketing successful.
Nicole Enslein Founder and CEO, Sublime Communications
As CEO & Founder of Sublime Communications, Nicole Enslein has successfully launched brands, reinvented well-known brands, and created new brands and product categories for Fortune 500 companies. As the Agency of Record for Cylance, a leading cyber security company, she led the development of a multi-channel global advertising campaign, which in a single year generated incredible growth and recognition for the company. Over the course of the past year she has led the team to become the AOR for Eureka and Cyberforce, a cyber security master reseller, the media buying AOR for Mimecast, and AOR for Averon, a fully automated mobile security solution. She also works with other cyber security companies including ProtectWise and Optiv. Prior to Sublime Communications, as Director of National Advertising for UPS, she developed a new strategy to reposition and update the company. “What can Brown do for you?” became the campaign, which successfully supported the brand for years. Along the way she managed a diverse portfolio of brands for major companies including: Pfizer, GlaxoSmithKline, Johnson & Johnson, Wyeth, L’Oreal, Citibank, TD Ameritrade, Bayer, AstraZeneca, Ferring Pharmaceuticals, Andrew Jergens, Liz Claiborne, Brown-Forman, Ferrero Rocher, Waterford Wedgwood and Boar’s Head Provisions. She has also worked at many of the big agencies: J. Walter Thompson, Bozell, McCann-Erickson, Bates and Hill Holliday. Among her biggest successes was exceeding revenue projections for Pfizer Consumer Healthcare, launching a new category and product portfolio for the consumer healthcare division, as well as supporting existing brands Benadryl, Sudafed, PediaCare, Neosporin and Unisom. She worked on the EFFIE Award-winning campaign that introduced SmithKline’s NicoDerm CQ, catapulting it to category leadership. She also has strong product innovation expertise having patented technology for Pfizer.
Jessica Santana Co-Founder & Director, New York On Tech
Jessica Santana is an entrepreneur, technologist, writer and philanthropist who is passionate about people, products and building community. In 2014, she co-founded New York On Tech (NYOT), an award winning organization that creates pathways for underrepresented students into degrees and careers in tech. NYOT's work has been featured in media outlets such as Forbes, CNN and Huffington Post. Jessica has presented and spoken to over 50 different audiences and been named a Forbes 30 Under 30, Wells Fargo Millennial Activist, Ashoka / American Express Emerging Innovator, Pahara Institute Next-Gen Leader, Camelback Ventures Social Innovation Fellow and a World Economic Forum Global Shaper. Jessica is a member of the NationSwell Council and one of the ambassadors for the NCWIT and Televisa Foundation's TECHNOLOchicas initiative. Prior to NYOT, she worked as a technology consultant for global brands that include Accenture and Deloitte. She worked on digital projects for financial services organizations and federal agencies in New York and Washington D.C. Her specialties are in product strategy, design and management. She completed the JPMorganChase Global Enterprise Technology Leadership program and was recognized as a Deloitte Future Leaders Apprentice and a Morgan Stanley Emerging Leader. She graduated with degrees in Accounting and Information Technology from Syracuse University.
Omri Segev Moyal Co-Founder, VP Research, Minerva Labs
Omri is a curiosity-driven researcher and malware expert. Prior to Minerva Labs, Omri served as CTO of ClearSky Cybersecurity, where he led the development and implementation of a wide spread cyber intelligence monitoring network and was head of the Incident Response Team. In his previous roles Omri gained global experience and extensive expertise in reverse engineering, malware research and testing advanced malware solutions in both laboratory and enterprise production environments. Omri served in the Israel Defense Forces (IDF) Intelligence Unit and studied for a BSc in Computer and Information Sciences.
Adrian Mahieu Co-Founder and CEO, Cortex Insight
Adrian has many years experience working within the security functions of industries and understands the business side of security. Building and running companies & events in a number of vertical sectors has given him the skills and experience to lead the Cortex Insight team. Adrian also founded alien8 Security, the European distributor for Immunity Inc. He is the Co-founder and Event Director of ‘44CON’ and Founder of Infosec in the City taking place in Singapore in May 2018. Adrian has a MSc in Information Security from Royal Holloway and a BSc in Computer Science.
Regine Gilbert Sr. UX Design Consultant
Regine Gilbert is a user experience designer, educator, and international public speaker in NYC with over 10 years of experience working in the technology arena. Currently, she is a Sr. UX Design Consultant. Regine has a strong belief in making the world a more accessible place--one that starts and ends with the user. She started her career in design as a fashion designer, then quickly evolved into working in a corporate information technology setting before returning to the world of design. She is passionate about accessibility, design and technology.
Joe Bernik Chief Strategist, McAfee
Joe Bernik has over two decades of experience creating and implementing cyber security management programs at global financial institutions. While serving as CISO and head of information risk and security at ABN AMRO Bank, Fifth Third Bank and BNY Mellon, Mr., Bernik lead global teams dedicated to protecting customer data, complying with data-related laws and regulations, and managing incident response programs. Mr. Bernik started his career with the US Defense Department of Defense (DOD) securing military systems.
Joe has is an avid speaker and writer and has held posts on several industry groups including the Federal Reserve Council on Fraud the Financial Services Information Sharing and Analysis Center (FS-ISAC) and the Open Web Application Security Project (OWASP). Mr. Bernik holds a bachelors in information systems from the University of Mary Washington and has completed graduate studies in business administration at The City University of New York.
Ryan Young Chief Operating Officer, Atlantic IT Group
As co-founder and COO of Atlantic IT Group, Ryan uses his entrepreneurial, strategy, sales, branding, and leadership experience to help customers isolate and implement break through security and IT technology infrastructure solutions to reduce complexity and streamline business operations. In addition, Ryan serves as an investor and board member on several technology start-up companies overseeing their go-to- market strategy and business development. Some of these technology verticals include:
- Security
- Smart A/V
- IoT
- Artificial intelligence
- WAN infrastructure
- Open-source software
Before devoting his efforts to Atlantic IT Group, Ryan was a co-founder and COO of TorreyPoint, a network consultancy which became an $85M+/year company that was ranked #10 in Silicon Valley and #755 in America on Inc's Fastest Growing Companies list in 2012. Torrey Point was sold to FishNet Security in 2013, which was subsequently merged with Accuvant Security to become North America's largest private security company, Optiv. Ryan’s portfolio of customers include some of the largest enterprise, service provider and public sector brands in the world.
Glenn P. Edwards Jr. is a Technical Director with FireEye where he specializes in Incident Response and Digital Forensics. Glenn holds a M.S degree in Digital Forensics from the University of Central Florida as well as a B.S. degree in Information Security and Privacy from High Point University.
Brad Antoniewicz works in Cisco Umbrella’s security research group. He is an Adjunct Professor teaching Vulnerability Analysis and Exploitation and a Hacker in Residence at NYU’s Tandon School of Engineering. Antoniewicz is also a Contributing Author to both the Hacking Exposed and Hacking Exposed: Wireless series of books.
Brian McHenry has over 20 years of experience as an information technology professional, from early days in software validation and desktop support to dot-com startups and global NOCs and everything in between. Since 2008, he has focused his passion for solving problems while working for F5 Networks. Currently, McHenry is F5's global lead for customer solutions, spending his time on speaking engagements, hacking in the lab on new solutions, and helping to shape the future of F5 security product offerings.
Janine Medina
Coordinator extraordinaire who makes things go at BSidesNYC. If you want to know more, you’ll have to ask her yourself
Dave Giancaspro
Dr. Richard Lovely
Richard Lovely is Director of the John Jay College Digital Forensics and Cybersecurity Program and an Associate Professor in the Department of Sociology at John Jay College, CUNY. He earned his Ph.D. at Yale University and a B.A. from the University of Southern Florida. Prior to his academic career he served as a U.S. Army Signal Corps instructor, a counter-intelligence officer with the US Army with a specialty in electronic counter-measures, and as a special agent with the US Secret Service. He also has experience as an international management consultant and facilitator for executive leadership training. On the academic and policy side of his career, he has worked as a research associate for the judicial system in Connecticut and has done research on search and seizure law, causes of serious violence, and organizational innovation. As well, he has also developed software applications for data retrieval and mining for institutional research on student data. Currently he teaches seminars in cybercriminology (CRJ/FCM 727) and data analysis (CRJ 716). His current research interests concern cybercrime, credentialing in forensics and security, the relationship of online privacy to social stigma, and educational outcomes assessment.
Glenn P. Edwards Jr. is a Technical Director with FireEye where he specializes in Incident Response and Digital Forensics. Glenn holds a M.S degree in Digital Forensics from the University of Central Florida as well as a B.S. degree in Information Security and Privacy from High Point University.
Brad Antoniewicz works in Cisco Umbrella’s security research group. He is an Adjunct Professor teaching Vulnerability Analysis and Exploitation and a Hacker in Residence at NYU’s Tandon School of Engineering. Antoniewicz is also a Contributing Author to both the Hacking Exposed and Hacking Exposed: Wireless series of books.
Jamie Levy is a senior researcher, developer and board member of the Volatility Foundation. She worked on various R&D projects and forensic cases while previously working at Guidance Software, Inc, and later at Verizon Terremark. Jamie has taught classes in Computer Forensics and Computer Science at Queens College (CUNY) and John Jay College (CUNY). She has a Masters in Forensic Computing from John Jay College and is an avid contributor to the open source Computer Forensics community. She is an active developer on the Volatility Framework. In her day job, Jamie currently works as a Senior Security Researcher, where she leads hunting engagements.
Lenny is a seasoned business and tech leader with extensive experience in information security. He builds innovative endpoint defense solutions as VP of Products at Minerva. Beforehand, Lenny served as a Director of Product Management at a Fortune 500 company with a focus on security software and services. Previously, he led the enterprise security consulting practice at a major cloud services provider. A frequent public speaker and writer, Lenny has co-authored books on network security and malicious software. He is also a senior instructor at SANS Institute. Lenny holds an MBA from MIT Sloan and a Computer Science degree from the University of Pennsylvania.
Vladimir Wolstencroft is a security consultant specialising in telecom and enterprise IT security, focusing on all aspects from reversing telecom elements to auditing signalling stacks. Previously working as a senior security consultant with Aura in New Zealand, head of training and telecom auditor with P1 Security in France, Vladimir now works with Twilio combining telecom experience with the standards of IT security to help defend cloud and signalling infrastructures. Vladimir has previously delivered trainings and has spoken at RECON, HITB, Troopers, BSIDES, RMISC, H2HC, Day-Con, IIANZ and others around the topics of Telecom security, compromising and attacking cloud based apps such as Uber and Snapchat and reversing security appliances.