Past Meetings

The changing Threat landscape and what impact it has on Ransomware

Tuesday, May 17, 2022 - 6:00pm

The Russian- Ukrainian Crisis have sparked a chain reaction of cyber events that are changing the Threat Landscape. Join this session to learn what Cyber activity Trellix has observed related to the conflict and what impact these global events had on Russian based cybercrime groups. We will dive into the leaked communications of a top tier Ransomware gang called Conti and learn about their, strategy, partnerships, and RU-government connections.  Lastly we will discuss how all of this might eventually change the future threat landscape.

Human Security Engineering: Stop Relying on the Failed Human Firewall

Tuesday, March 15, 2022 - 6:00pm

While the main perception is that the “user problem” is due to a malicious party trying to trick well intentioned users, users who are unaware, apathetic, careless, etc., are more likely to be the cause of loss. Either way, the cybersecurity industry realizes this and develops tactics such as awareness, MFA, DLP, etc. to mitigate the problem. Despite all of these tactics, 90%+ of all losses result from attacks targeting users. This presentation is a comprehensive strategy to address the insider threat, whether it results from malicious or well-meaning insiders.

How to identify abnormal users applications’ behaviors quickly and accurately without false alarms

Tuesday, January 18, 2022 - 6:00pm

Dr. David Movshovitz is an expert in software development and information security. David was the co-founder and VP R&D at Algotec Systems Ltd. that was acquired by Kodak, a CTO and VP R&D of Magnifire Ltd. that was acquired by F5 Networks, and a CTO and co-founder of Navajo Systems Ltd. that has been acquired by David also headed a R&D team in the IDF and has earned the Israeli Defense Award for professional excellence.

Using‌ ‌Capture‌ ‌the‌ ‌Flag‌ ‌contests‌ ‌to‌ ‌recruit,‌ ‌identify,‌ ‌and‌ ‌train‌ ‌talent

Tuesday, November 16, 2021 - 6:00pm

Do‌ ‌you‌ ‌want‌ ‌to‌ ‌know‌ ‌how‌ ‌to‌ ‌build‌ ‌a‌ ‌top-ranked‌ ‌competitive‌ ‌security‌ ‌team?‌ ‌I‌ ‌don’t‌ ‌mean‌ ‌some‌‌
sort‌ ‌of‌ ‌certification‌ ‌--‌ ‌I‌ ‌mean‌ ‌a‌ ‌team‌ ‌of‌ ‌master‌ ‌hackers‌ ‌who‌ ‌can‌ ‌bend‌ ‌systems‌ ‌to‌ ‌their‌ ‌will‌ ‌to‌‌
achieve‌ ‌any‌ ‌objective.‌ ‌

It’s‌ ‌all‌ ‌about‌ ‌the‌ ‌system.‌ ‌In‌ ‌sports,‌ ‌we‌ ‌understand‌ ‌systems‌ ‌that‌ ‌coaches‌ ‌can‌ ‌use‌ ‌to‌ ‌build‌ ‌a‌‌
system‌ ‌for‌ ‌identifying‌ ‌talent,‌ ‌recruiting‌ ‌them,‌ ‌training‌ ‌them‌ ‌up,‌ ‌and‌ ‌competing‌ ‌in‌ ‌big‌ ‌games.‌‌

Turing in a Box: Applying Artificial Intelligence as a Service to Targeted Phishing and Defending Against AI Generated Attacks

Tuesday, October 19, 2021 - 6:00pm

With recent advances in next-generation language models such as OpenAI's GPT-3, AI generated text has reached a level of sophistication that matches or even exceeds human generated output. The proliferation of Artificial Intelligence as a Service (AIaaS) products places these capabilities in the hands of a global market, bypassing the need to independently train models or rely on open-source pre-trained models. By greatly reducing the barriers to entry, AIaaS gives consumers access to state-of-the-art AI capabilities at a fraction of the cost through user-friendly APIs.

Software Container Supply Chain Risk from a Developer's Perspective

Tuesday, September 21, 2021 - 6:00pm

Software Supply Chain risk has quickly become the topic of the day with the fallout from the Solar Winds hack among others being a prime example of the risks of malicious code being inserted upstream in the software supply chain. The question for hands-on practitioners is what does this mean from a practical, ground level, developer’s perspective? In this presentation, we delve deep into practical demonstrations of common container security issues and offer practical solutions.