Boston Security November 2025 Meetup
Details
Important Notice
All meetup venues we currently use require us to provide a list of names (First & Last) to their door security so they can check people in at the time of the event. We are also required to bring "a picture ID" that matches the name we provide at the time of registration. Please be mindful of this requirement and provide the necessary information to ensure a smooth check-in process at the door. Thank you for your cooperation - the management! RSVP closes September 17th 4 PM, RSVP soon to reserve a spot! There will be no entry without a confirmed RSVP.
ONLY HUMANS ALLOWED AT THIS EVENT
TWO TALKS!
What: We continue our two-talk format. We will also have a cool sticker swap and a show & tell slot.
>>> Bring your favorite stickers and tell us where you got them. Bring extras and swap them with fellow security enthusiasts at the sticker swap table! <<<
Talk #1 - Call for Speakers Submission: npm should-i-install: Malicious npm packages Anatomy, Detection gaps and AI's role by Diptendu Kar and Derian Stenglein
Description
This talk examines the escalating npm supply chain security crisis through recent real-world attacks. Following three major compromises in August-September 2025 (NX/s1ngularity, chalk/debug, and Shai-hulud worm), we'll dissect how attackers infiltrate dependencies through account takeovers, typosquatting, and dependency confusion. We'll explore payload delivery techniques including install-time scripts, obfuscated code, and novel AI weaponization methods. The presentation evaluates AI's potential for detection, and proposes practical defense strategies including safe installation wrappers and sandboxing. Essential insights for developers navigating the treacherous landscape of modern dependency management.
Speaker Bio - Diptendu and Derian are supply chain security researchers at Semgrep.
Talk #2 - Spreadsheet Sorcery for Security by Kate Nachbar (Ruh)
Description - Every tool has "Export to CSV": let's learn best practices in Excel, and how to clean, analyze, and visualize your security data to highlight progress and impact.
Speaker Bio - Kate is one of the organizers. She is also a site reliability engineer at EnergySage.
When: Nov 20, 2025, Doors Open 6:30 PM, Talks start 7 PM
Where: Wellington
280 Congress St
Boston MA 02210








