Skip to content

NY Information Security Meetup May Edition

Photo of
Hosted By
David R. and 2 others
NY Information Security Meetup May Edition


Join the largest independent security group in the country for its May 2019 session. We bring the latest and greatest in Enterprise Security presentations:

Title: When is a Red Team a Red Team?

Red teaming exercises are gaining popularity in the cyber security world, but there is still some confusion out there on exactly what these exercises should entail. How can an organization ensure that they are doing a comprehensive, best practice red teaming exercise on their IT infrastructure? In this presentation, we’ll discuss the key components that every red teaming exercise should have at different levels of assurance, the future of red teaming in the industry, and insights gained from Nettitude’s extensive experience running red teaming exercises.

Sanjiv Kawa Bio
Sanjiv Kawa is a Principal Security Consultant with many years of experience performing security assessments and penetration tests. Sanjiv has predominantly conducted penetration tests on the internal and external networks and applications for large fin-tech organizations, retail merchants, payment processors and gateways. Sanjiv has also assisted organizations in healthcare, energy and education institutions with their information security needs and compliance requirements. Sanjiv is an active member in the information security community. He has developed tools such as Wordsmith, presented at large conferences such as BSides and Wild West Hackin’ Fest, and frequently contributes to projects on GitHub and VulnHub.

Talk: Genetic Malware Analysis

Software is evolutionary. All software, whether legitimate or malicious, is comprised of previously written code. Developers reuse code to make their work more efficient and to bring tools to market faster. The same approach applies for malware authors who leverage code reuse when launching new campaigns.

Intezer CEO Itai Tevet will explain the concept of Genetic Malware Analysis and how taking a biological approach to cybersecurity can arm defenders with critical information for profiling threat actor capabilities and detecting and classifying advanced cyber threats including evasive malware and in-memory threats.

Talk: How CPU features are driving advancements in endpoint security

Powerful features, hiding in plain sight in all modern CPUs, are capable of significantly advancing your endpoint security strategy. In this session, you will learn about hardware-enforced security and how your organization can harness these capabilities to secure your endpoints. See real-word examples of CPU technology in action.

Dan Femino has spent the last 15+ years helping Fortune 500 companies reduce risk by implementing leading enterprise security solutions. Today, Dan is a Principle Technical Account Manager at Bromium, helping businesses around the world improve their security posture by adding application isolation to their security stacks.

Talk: The SOC is struggling with petabyte data volumes, static architecture stacks, apex threat actors, and a lack of resources and time. These challenges are directly impacting analysts, who are over-worked, over-stressed, and under-staffed. Find out how Devo is empowering analysts with complete visibility, contextual intelligence, and high-speed security analytics.

Steve's Bio
For the last 15 years Steve Magny has helped organization of all sizes achieve a higher standard of security running Penetration Testing Practices at notable firms such as Neohapsis, iSEC Partners and NCC Group. Since starting his Penetration Testing career as an Intern with @stake Steve has been involved in testing some of the most notable companies and products in the world managing Red Teams, App Sec, Net Sec as well as IR & Breach projects. I