Past Meetings

How to identify abnormal users applications’ behaviors quickly and accurately without false alarms

Tuesday, January 18, 2022 - 6:00pm

Dr. David Movshovitz is an expert in software development and information security. David was the co-founder and VP R&D at Algotec Systems Ltd. that was acquired by Kodak, a CTO and VP R&D of Magnifire Ltd. that was acquired by F5 Networks, and a CTO and co-founder of Navajo Systems Ltd. that has been acquired by Salesforce.com. David also headed a R&D team in the IDF and has earned the Israeli Defense Award for professional excellence.

Read more about How to identify abnormal users applications’ behaviors quickly and accurately without false alarms

2021 SV-ISSA Winter Holiday Event

Tuesday, December 14, 2021 - 5:30pm

You are invited to

2021 SV-ISSA Winter Holiday Event

On December 14

At 5:30 p.m.

Fuego Sports Bar and Club

140 S Murphy Avenue,

Sunnyvale, CA 94086

Please be sure to RSVP

Read more about 2021 SV-ISSA Winter Holiday Event

Using‌ ‌Capture‌ ‌the‌ ‌Flag‌ ‌contests‌ ‌to‌ ‌recruit,‌ ‌identify,‌ ‌and‌ ‌train‌ ‌talent

Tuesday, November 16, 2021 - 6:00pm

Do‌ ‌you‌ ‌want‌ ‌to‌ ‌know‌ ‌how‌ ‌to‌ ‌build‌ ‌a‌ ‌top-ranked‌ ‌competitive‌ ‌security‌ ‌team?‌ ‌I‌ ‌don’t‌ ‌mean‌ ‌some‌‌
sort‌ ‌of‌ ‌certification‌ ‌--‌ ‌I‌ ‌mean‌ ‌a‌ ‌team‌ ‌of‌ ‌master‌ ‌hackers‌ ‌who‌ ‌can‌ ‌bend‌ ‌systems‌ ‌to‌ ‌their‌ ‌will‌ ‌to‌‌
achieve‌ ‌any‌ ‌objective.‌ ‌
‌
It’s‌ ‌all‌ ‌about‌ ‌the‌ ‌system.‌ ‌In‌ ‌sports,‌ ‌we‌ ‌understand‌ ‌systems‌ ‌that‌ ‌coaches‌ ‌can‌ ‌use‌ ‌to‌ ‌build‌ ‌a‌‌
system‌ ‌for‌ ‌identifying‌ ‌talent,‌ ‌recruiting‌ ‌them,‌ ‌training‌ ‌them‌ ‌up,‌ ‌and‌ ‌competing‌ ‌in‌ ‌big‌ ‌games.‌‌

Read more about Using‌ ‌Capture‌ ‌the‌ ‌Flag‌ ‌contests‌ ‌to‌ ‌recruit,‌ ‌identify,‌ ‌and‌ ‌train‌ ‌talent

Turing in a Box: Applying Artificial Intelligence as a Service to Targeted Phishing and Defending Against AI Generated Attacks

Tuesday, October 19, 2021 - 6:00pm

With recent advances in next-generation language models such as OpenAI's GPT-3, AI generated text has reached a level of sophistication that matches or even exceeds human generated output. The proliferation of Artificial Intelligence as a Service (AIaaS) products places these capabilities in the hands of a global market, bypassing the need to independently train models or rely on open-source pre-trained models. By greatly reducing the barriers to entry, AIaaS gives consumers access to state-of-the-art AI capabilities at a fraction of the cost through user-friendly APIs.

Read more about Turing in a Box: Applying Artificial Intelligence as a Service to Targeted Phishing and Defending Against AI Generated Attacks

Software Container Supply Chain Risk from a Developer's Perspective

Tuesday, September 21, 2021 - 6:00pm

Software Supply Chain risk has quickly become the topic of the day with the fallout from the Solar Winds hack among others being a prime example of the risks of malicious code being inserted upstream in the software supply chain. The question for hands-on practitioners is what does this mean from a practical, ground level, developer’s perspective? In this presentation, we delve deep into practical demonstrations of common container security issues and offer practical solutions.

Read more about Software Container Supply Chain Risk from a Developer's Perspective

Workshop on API Security & Risk Management

Tuesday, August 17, 2021 - 6:00pm

APIs are software glue that is revolutionizing our digital worlds by helping enable the next industrial revolution driven by AI/ML and IoT. Implications of APIs are profound on organizations both positive (innovation, newer business models, competitive differentiation etc.) and negative (hidden attack vector, business continuity impact etc.).

Read more about Workshop on API Security & Risk Management

Identity and Access Management: Good for Cybersecurity, Not So Much for Information Security

Tuesday, July 20, 2021 - 6:00pm

While cybersecurity is broad in both its context and application, information security is singularly focused on the protection of data. In practice however, most organizations repeatedly use the same tools, controls, strategies, mindset, etc., to defend against cyber-attacks as they do to protect their data. The unfortunate reality is that most tools are designed fundamentally to address cybersecurity, and while these tools may to some degree help with information security, it’s really not their raison d’être.

In this session, we will argue the importance of segregating IAM controls from information security mechanisms and why doing so can enhance your security posture.

Dimitri holds BBA and MBA degrees from Baruch College and earned his JD from Brooklyn Law School. Prior to co-founding Atakama, Dimitri spent 15 years as an attorney, most recently practicing regulatory and enforcement law at Bingham McCutchen where he represented large financial institutions in high-stakes matters. Dimitri began his career at Merrill Lynch.

Read more about Identity and Access Management: Good for Cybersecurity, Not So Much for Information Security

Web3 and Blockchain Threats

Tuesday, June 15, 2021 - 6:00pm

As the world moves from Web2 to Web3, threats are evolving. Moving forward, we need a framework for not only protecting against cryptocurrency and blockchain attacks, but also a method to share that information. In this talk, Rick will discuss some of the threats he has seen at some of the top cryptocurrency exchanges as well as discuss a framework for threat intel in the future.

Rick Deacon headshot

Rick Deacon is co-founder of Apozy(browser visibility and protection), a stealth Web3 cybersecurity company(blockchain and cryptocurrency), and RADwood(80's and 90's automotive festival). Rick has been a cybersecurity professional for over 12 years, beginning his career as a penetration tester. Rick has spoken at DEFCON, B-Sides, ISSA, and numerous other conferences in the past, with a focus on offensive and defensive security.

Read more about Web3 and Blockchain Threats

Trending Malware families, and techniques used to evade

Tuesday, May 18, 2021 - 6:00pm

In the past few years, there has been a tremendous increase in Malware attacks, with both private and governmental organizations losing thousands of dollars in ransomware attacks. In this session, we will take a deeper look into the Malware families that have been on the rise, and the techniques used by the malware writers (attackers) to evade detection.

Read more about Trending Malware families, and techniques used to evade

The Collision of Crypto Assets and Security on You and Me

Tuesday, April 20, 2021 - 6:00pm

Nobel Tan

A veteran in the cybersecurity space, Nobel Tan is Chief Technology Officer for Uppsala Security and Sentinel Protocol, where he spearheads product development and intelligence research. Prior to this, Nobel also served as the company’s Head of Security Operations and Head of Engineering. Nobel is based in Singapore near the corporate HQ of Uppsala Security. An engineer by training with over a decade of expertise in Information Security and IT risk strategy in the cybersecurity sector, Nobel previously led a team of technical engineers at FireEye Inc. In that capacity, he oversaw the FireEye Cloud Product and related services such as Web and Email Threat Prevention. Beyond the office, Nobel has also been recognized for his contributions to the industry; he received a 2014 Award of Excellence by EVP Customer Services for creating transformative impact in customer services organizations.

Read more about The Collision of Crypto Assets and Security on You and Me

Past Meetings

Pages