Liubovi Miculet Junior GRC Analyst
Information Security, SoftServe
Yevhen Kurilenkov Intermediate SecOps Specialist
Security Operations Specialist, Softserve Inc
Roman Ostap Security Researcher
Security researcher and Automation/Manual QA team leader with over 8 years of experience in IT sphere. By annual results in March 2017 got Top Performer award from Software Development Office. While last 5 years in parallel with leading QA teams, developing automation frameworks, business analysis and providing consulting and training services on multiple projects, actively worked on security analytics. Contributed as speaker in Security Hole, OWASP Ukraine Meetup, Mobile Development Day and IT Weekend events.
Mykola Perehinets Security Researcher
Experienced System/Storage engineer and Security researcher with over 18 years of strong development & operation experience in working with Data Centers and distributed big data, storage solutions. My expertise lies in complex computing systems, storages, analytics(include security), virtualization and networking technologies, throughout my career I have been able to gain a significant amount of experience in working with various technologies and systems as well as organizations around the globe. I am attentive to details and work with the end result always in mind.
Volodymyr has over 10 years of experience in software development. Successfully led complex projects with small and middle teams, covering various aspects of software development, process and methodology. Having PhD degree in artificial intelligence and currently he’s working as Solution Architect for SoftServe company. Last time he’s been working as architect on versatile security projects such as secure Web/Email Gateway and endpoint protection applications.
Cloud-Based Protection Ecosystem above and beyond
Worldwide spending on information security products and services are growing every year. It's very important to understand modern cybersecurity threats and existing security products landscape. In this talk it will be demonstrated different products capabilities and their technical limitations from versatile fastest-growing cybersecurity segments. Topics from Web security, Email security, endpoint protection and access management will be covered.
Iurii Garasym Head of Corporate Security at ELEKS and President of Cloud Security Alliance Lviv Chapter
Iurii's professional goal is to make business survivable. He focuses on security program development / improvement based on emerging security solutions and integrate those into business goals, objectives, strategy and activities.
SOAPA - one more step forward in security technology integration
Organizations are using robust security tools to protect themselves. We know a lot of 3-letter words like EDR, MDM, DLP; some with 4 - SIEM, MSSP, and here is one in 5 - SOAPA :) Every new tool for responding to threats can overwhelm already overworked security teams. Integrating all of the tools and capabilities available is the key to defending your organization. Why we touch SOAPA if we have SIEM? It's an attempt to structure the thoughts, rise questions and find answers. Let's see what will happen in 2018.
Bohdan Serednytskyi Manual Penetration Tester, CEH
Bohdan is Manual Penetration Tester at SoftServe, CEH, conducting Web-Application Security Assessments, Penetration Testing, Mobile Application Security Assessments and SDLC projects. Spoke at IT Arena, Bsides Kyiv, OWASP Wroclaw Meetup, Security Hole and Pacemaker.
Michael Kropyva InfoSec Manager, SoftServe
A computer and cyber security expert with almost 13 years of hands-on experience. Core responsibilities are establishing and maintaining enterprise InfoSec governance, risk management and compliance processes by operating enterprise Information Security Management System developed according to ISO 27001 standard. Establishing operations of the enterprise’s security solutions through management of the organization’s Security Operations (SecOps) team.
Security compliance for cloud providers - customer`s perspective
Nowadays organizations often involve service providers to carry out certain IT functions. At the same time, it is only right to question whether a service provider can securely perform the contracted services. For service providers, it is equally important to convince their current and potential customers that the services provided comply with the relevant security standards. And how does one determine if the organizations with which outsourcing companies are doing business (financial services firms, healthcare providers, utilities, educational and public sector institutions, just to mention a few) conduct their businesses securely from a data security perspective? It would be inefficient for service providers and clients to define and monitor a set of IT security requirements for each and every contract. Referencing internationally recognized and accepted standards is a much more efficient solution, as both sides are familiar with and, hopefully, similarly interpret them. Obtaining and maintaining a certification can be a one-time decision, a contractual obligation, or even a legal requirement. No matter the reason, implementing a complex IT security control system is necessary for compliance.