NCC Group NYC Open Forum at Etsy!

We are excited to work with Etsy in putting on our next NCC Open Forum! Anyone in the NYC area is welcome to come eat, have a drink, and learn a thing or two from our guest speakers in the infosec community!

Food, drinks, & social to begin at 6pm, talks begin at 6:30pm. Please RSVP!

Speaker: Angelo Mellos
Talk Title: This talk will explore the state of cloud security tooling at Etsy. More detailed information to come.

Abstract: As companies are moving to the cloud, they are finding a need for security tooling to audit and analyze their cloud environments. Over the last few years, various tools have been developed for this purpose. We'll look at some of them and consider the uses for them. Specifically, we'll take a close look at G-Scout: from its origins as a tool for consultants, through its evolution to "G-Scout Enterprise", and consider its role within an ecosystem of other cloud logging and monitoring tools used at Etsy.
Speaker Bio: Angelo is a security engineer at Etsy. Before that he was a consultant for NCC Group. He has done a lot of work with cloud security, and GCP specifically.

Speaker: Chaim Mazal - ActiveCampaign
Talk Title: Building Bridges: using security architecture to connect your organizations future - a 7 part novel by Chaim Mazal

Abstract: As SaaS companies experience extreme growth, sometimes impactful longterm decisions are made in the short term. These architectural decisions need to embrace and consider the overall security infrastructure of the end-to-end platform, creating a cohesiveness that enables long term scalable platform development. Here is how ActiveCampaign bridged the gap with our Security Product Engineering team addressing architectural security issues, which in turn empowered the organization to scale up with long term foundational goals in mind.

Speaker Bio: Head of Global Information Security at ActiveCampaign leading 4 teams with 20+ team members. Chaim has built security programs at 3 of the 5 largest valued tech startups in Chicago, all with multi billion dollar valuations. Chaim is a lifetime member and contributor to the OWASP foundation and an advisory board member of multiple multi billion dollar valued Security SaaS companies.

Speaker: Mason Hemmel - NCC Group
Talk Title: Towards Mature Solutions in Enterprise Cryptocurrency Storage.
Speaker Bio: Mason Hemmel is a Senior Security Consultant with NCC Group's Cryptography Services, a worldwide leader in information assurance and expert security consultancy. He has performed security research in cryptography, cryptocurrency, spearphishing, and cloud security, creating a list of common smart contract vulnerabilities at dasp.co, discovering a novel cloud covert channel and implementing a twitter botnet in the process of this research.
Mason specializes in auditing cryptographic solutions, with his public
projects including audits of Cloudflare's implementation of TLS 1.3
draft 18, Google's Android Cloud Backup/Restore solution, and the Padloc password manager. Mason holds a BS and MS from Johns Hopkins University.

Abstract:
As cryptocurrency moves into the mainstream, financial institutions have
found themselves holding digital currency in the absence of meaningful
best practice or compliance guidance. The irreversible nature of
cryptocurrency transactions makes theft a deep concern, and the need to retain compliance with external bodies in the absence of public
standards for such leaves both the institutions and their guarantors in
a lurch. Leveraging his experience navigating these issues, Mason will
discuss the most salient issues facing institutional holders of
cryptocurrency along with sketches for managing their risk.