NYC Google Cloud Security User Group / Mandiant Community Night

The Mandiant Community Night is an informal, fun and informative Cybersecurity event hosted at the Google office to collaborate, discover and network over food and drinks with a like minded Cyber Security community. 

You can expect best practices and advice rooted in Mandiant’s observations of real world attacks, plus gain access to valuable networking with our Cyber Security community.

17:30 - 18:15 Registration & Networking
18:15 - 18:20 Welcome & Housekeeping
18:20 - 18:40 Mandiant Cyber Security Presentation 1 
18:45 - 19:05 Mandiant Cyber Security Presentation 2
19:10 - 19:30 Mandiant Cyber Security Presentation 3
19:30 - 21:00 Discussion & Networking
21:00 Event Close

Presentation 1: Matthew Rotlevi: "Bang for your Buck" – Smallest Defense Upgrades to Massively Frustrate Red Teamers

In the high-stakes game of keeping businesses safe, defenders often feel they are losing a race against time amidst a growing web of threats. While multi-million dollar tools grab the news, the strongest defenses often hide within the forgotten corners of built-in settings. This talk steers away from the "buy more" mindset. Instead, we look at focused hardening steps that give back outsized wins for your organization.

We will explore three specific adjustments that break common techniques used by skilled attackers. By tightening access controls, disabling legacy services, and enforcing cryptographic integrity, administrators can effectively "raise the floor" of their security posture. Guests will leave with a roadmap for implementing high-impact, low-cost configuration changes that turn a network from a playground of low-hanging fruit into a rigorous, frustrating environment for any red teamer.

Presentation 2: Keith Knapp: "Ships in the Sky"

Presentation on a complex nation-state intrusion targeting a SATCOM provider. The investigation identified evidence of satellite terminal spoofing for initial access. Additionally, the team's analysis identified two previously unknown vulnerabilities embedded in proprietary satellite management software, which the threat actor abused for privilege escalation, lateral movement, and payload delivery.

Presentation 3: Adin Drabkin with Nick Guttilla: "The Hidden Cost of Saying Hello: How We Voice Phish Our Way Through Fortune 500 Networks"

As attackers continue to shift focus from email-based phishing to phone-based social engineering, inter-personal trust becomes the target. This session details cutting-edge social engineering techniques, focusing on OSINT, real-time voice cloning, and authenticated lateral movement. Learn how Mandiant replicates Tactics, Techniques, and Procedures to impersonate administrative users, compromise corporate network perimiters, and obtain access to sensitive data.