Boston Security May 2026 Meetup
Details
Important Notices
Starting in May 2026 we will start using Meetup's QR code check-in process to make sure only registered users are allowed at our events. We will also start tracking registered user no-shows, and after 3 incidents you will be removed from the group. Being on the wait-list is not an eligibility to attend the event, it only gives you the ability to move to registered list if someone cancels their registration more than 48hrs prior to the event.
Repeat cancellations with less than 48 hrs of notice may count towards your no-show count if it happens repeatedly.
During registration please provide a full name that matches the one on your ID. If the registered name doesn't match your ID, meetup organizers or the building security reserve the right to decline entry.
All meetup venues we currently use require us to provide a list of names (First & Last) to their door security so they can check people in at the time of the event. We are also required to bring "a picture ID" that matches the name we provide at the time of registration. Please be mindful of this requirement and provide the necessary information to ensure a smooth check in process at the door. Thank you for your cooperation - the management! There will be no entry without a confirmed RSVP. No pets or tele-presence bots allowed.
What: Two talks as usual!
>>> Bring your favorite stickers and tell us where you got it. Bring extras and swap it with fellow security enthusiasts at the sticker swap table! <<<
Talk 1 - How the internet enables Organized Cyber-Crime by Will Lefevers
Description
An overview of types organized crime on the internet and how the internet enables organized crime organizations. Examples include the DPRK IT workers scam, Russian Ransomware-as-a-service ecosystems, Southeast Asian pig-butchering, and western stunt-hacking groups. This talk was written for university audiences and is lighter on technical details.
Speaker Bio
Will Lefevers is a Principal Security Engineer for a $1B cloud company with 25 years of experience in Security Operations and Engineering. His miscreant journey includes 11 years in intelligence & cyberwarfare for the US Military, a Masters of Engineering, back-to-back startups, and graduating from NSA's top hacking school. He does not take himself seriously, and neither should you.
Talk 2 - Beyond Functionality: How I Secured My FastAPI Email Web App by Anshumaan Mishra
Description
This talk will be based on describing secure code best practices while vibe coding an application. The talk explores common security risks—including OAuth pitfalls, CSRF, replay attacks, endpoint exposure, and secure attachment handling and shares practical defenses implemented in real code.
Speaker Bio
I am an entry level security professional currently working in Security Automation engineer interested in Application and AI security.
When: May 21st 2026, Doors open 6 30 PM
Where: 7AI Downtown Boston Office
10 St James Ave
