“Talesh was a simple pleasure to work with. He has the wealth of knowledge that you would expect for the position he was picked. He was also one of the few that knew Magento as well as we needed him to know. The company was lucky to be able to hire him. He has been instrumental in bringing the company's Magento launch platform as close to launch as possible. His presence was simply an asset to the organization. His presence also helped increase the kind of teamwork the company now enjoys in that team. He will certainly have been missed.”
About
AI Architecture consultant focused on safe and trustworthy Generative AI applications. I…
Contributions
-
Onboarding a new third-party vendor for cybersecurity. What steps should you take to spot potential risks?
Another tip: When doing Risk Analysis, ensure that your risk measurements are aligned with those of the vendor. What might be high risk for you may only qualify and low risk for them. Having done your home work on your own risk appetite before engaging the vendor very much helps with this rather than trying to discover it together.
-
You're facing a cybersecurity breach at work. How can you address it without alarming your team?
When focusing on the "Move Forward" step, a few things I have found helpful: - Focus on the confidence the new processes and tools will give our team. - Adversity builds stronger teams, do not be surprised if they emerge from a security incidence as a stronger more cohesive team with a bit of encouragement. - Set a schedule in place for ongoing reviews and reassessment of security protocols implemented after the incident. - Set a schedules in place for occasional security education as defence strategies evolve.
-
Your team is resistant to following security protocols. How can you persuade them without impacting morale?
In my experience, when working with software engineers on application security, explaining the "why" of any security task is incredibly important. Very often building security into any application can be the boring part, and some teams will avoid implementation. Being able to explain the concept of defence in depth and how it beats shortcomings in all other parts of an application goes a long way to improving morale. It doesn't hurt to share a report full of green checkmarks for safety tests passing with the development team.
-
You're facing evolving cybersecurity threats. How do you keep senior leadership informed?
Having a cybersecurity Incident Response Plan is great, but it is not sufficient on its own. It is my opinion that periodically testing the plan through mock incidents is the most important part. It will identify vulnerabilities and gaps that may not be apparent until the plan is put into action which will then fuel revisions and improvements of the plan. I have found that this process is almost always missed in all companies that have an Incidence Response plan.
Activity
-
We're working on Agentic Security also. I highly recommend you join us, there is a lot to explore in this space!
We're working on Agentic Security also. I highly recommend you join us, there is a lot to explore in this space!
Shared by Talesh Seeparsan
-
This is a great opportunity to have input into the Magento Association's priorities for next year!
This is a great opportunity to have input into the Magento Association's priorities for next year!
Liked by Talesh Seeparsan
-
We're recruiting for an excellent Magento backend developer at JH. The proper details will come separately. There's a permanent opportunity and a…
We're recruiting for an excellent Magento backend developer at JH. The proper details will come separately. There's a permanent opportunity and a…
Liked by Talesh Seeparsan
Education
Licenses & Certifications
Volunteer Experience
-
Volunteer Mountain Guide
Mountain Guide
- Present 12 years 3 months
Environment
Wilderness First Aid certified outdoor leader
-
International Speaker
Speaking Experience
Science and Technology
Live
2015 - Meet Magento NYC: A Trailmap for Magento Security
2015 - Meet Magento Spain: A Guide to crafting an Incident Response plan
2016 - Magento Imagine: Security Arms race OWASP Top Ten
2016 - Magento Imagine: Business Leaders Security panel
2016 - Magento Developers Paradise: Built in defences for the OWASP Top Ten
2016 - MageStackDay: Strategies for handling Zero Day vulnerabilities
2016 - Meet Magento Poland: Building custom security logging for your eCommerce…Live
2015 - Meet Magento NYC: A Trailmap for Magento Security
2015 - Meet Magento Spain: A Guide to crafting an Incident Response plan
2016 - Magento Imagine: Security Arms race OWASP Top Ten
2016 - Magento Imagine: Business Leaders Security panel
2016 - Magento Developers Paradise: Built in defences for the OWASP Top Ten
2016 - MageStackDay: Strategies for handling Zero Day vulnerabilities
2016 - Meet Magento Poland: Building custom security logging for your eCommerce store
2016 - Magento Unconference Netherlands: OWASP Top Ten + Defense strategies
2016 - Meet Magento Spain: Proactive Security Strategies for staying on top of threats
2016 - Meet Magento Japan: Static Analysis Security Testing for eCommerce stores
2017 - Meet Magento Croatia: Dynamic Analysis Security Testing workshop using OWASP ZAP
2017 - Magento Live India: The first steps to building secure Magento sites
2018 - Meet Magento Italy: The Hound of the Malwarevilles
2018 - Meet Magento Singapore: Security conversations with engineers
2018 - Meet Magento Dubai: Security conversations with engineers
2018 - Meet Magento Poland: Patterns of Credit Card Malware
2018 - Defcon 416: Patterns of Credit Card Malware
2019 - Magento Imagine: Lessons in Fortbuilding
2020 - Adobe Summit: Magento Security for Developers training workshop
2021 - Adobe Summit: The New Rules for Securing PWA
2022 - Meet Magento UK: Static Analysis for Security
2022 - Meet Magento NYC: Your code is secure, but what about everything else?
2023 - Meet Magento NYC: Is AI coming for my Magento job?
2023 - YMCA Western Canada: AI in Organizations: Perils, Policies and Possibilities
Podcast Appearances
2018 - Ecommerceaholic: The State of the Magento Community and the Bug Bounty Program
2019 - Core of Commerce: Building Better Security for Your eCommerce Site
2021 - We Hack Purple: Ecommerce Security
2022 - Swift Otter: Preventing Security Breaches
2024 - Infosecurity Magazine: Mastering Software Supply Chain Security -
Recommendations received
3 people have recommended Talesh
Join now to viewMore activity by Talesh
-
My mother-in-law is heading back to Korea today 😢. She has Alzheimer’s, and there have been a couple of heart-stopping moments when she’s wandered…
My mother-in-law is heading back to Korea today 😢. She has Alzheimer’s, and there have been a couple of heart-stopping moments when she’s wandered…
Liked by Talesh Seeparsan
-
Magento Association Board Elections 2024 – Announcing the Winner of the Public Voting Track! 🎉 The Magento Association Board Elections 2024 have…
Magento Association Board Elections 2024 – Announcing the Winner of the Public Voting Track! 🎉 The Magento Association Board Elections 2024 have…
Liked by Talesh Seeparsan
-
Charitable contributions are one of my favourite ways to save on taxes - the benefit extends further than just us, we actually get to make an impact!…
Charitable contributions are one of my favourite ways to save on taxes - the benefit extends further than just us, we actually get to make an impact!…
Liked by Talesh Seeparsan
-
📢 Exciting news from the OWASP GenAI Project! We’re proud to release the updated 2025 Top 10 Risks for Large Language Models (LLMs), a crucial…
📢 Exciting news from the OWASP GenAI Project! We’re proud to release the updated 2025 Top 10 Risks for Large Language Models (LLMs), a crucial…
Liked by Talesh Seeparsan
-
AI and Machine Learning - important and timely topics! Thank you Vaishali Nirwan, Talesh Seeparsan, and Zaid Haddad for joining our Tech Talks and…
AI and Machine Learning - important and timely topics! Thank you Vaishali Nirwan, Talesh Seeparsan, and Zaid Haddad for joining our Tech Talks and…
Liked by Talesh Seeparsan
-
Yesterday, I had the opportunity to attend the AI and Machine Learning Career Talk at Langara College, and it was truly an insightful experience…
Yesterday, I had the opportunity to attend the AI and Machine Learning Career Talk at Langara College, and it was truly an insightful experience…
Liked by Talesh Seeparsan
Other similar profiles
Explore more posts
-
iSecurity Social
Entro Security Labs Releases Non-Human Identities Research Security Advisory: Analysis of millions of real-world NHI secrets by Entro Security Labs reveals widespread, significant risks, emphasizes need for improved Secrets Management security practices Entro Security, pioneer of the award-winning Non-Human Identity (NHI) and Secrets Management platform, today released its research report, “2025 State of Non-Human Identities and Secrets in Cybersecurity.” The Entro Security Lab found […] The post Entro Security Labs Releases Non-Human Identities Research Security Advisory appeared first on Cyber Security News. #CyberSecurity #InfoSec
-
Noah Gift
Starting to do more research on #zerotrust and looking for what organizations publish on #auditing. I am sorry, but a "self-assessment" is a 0/10 for me. Cannot wait to dig more into what we actually know about #cloud security, 3rd party auditing and more.... https://lnkd.in/eKxaa3Pv #zerotrust #github #microsoft
-
Manoj M
ICANN has announced upcoming fee hikes impacting domain name registries and registrars—a cost that often trickles down to domain registrants. Here’s a simplified breakdown of the key changes: Registries: ICANN plans to raise the quarterly fixed fee from $6,250 to $6,450, and the per-domain transaction fee from $0.25 to $0.258. Future increases will align with inflation. Registrars: The per-domain transaction fee will increase from $0.18 to $0.20, and the total variable fee, divided among registrars, will rise from $3.42 million to $3.80 million. ICANN holds the contractual right to raise registry fees. However, any increase in registrar fees requires the approval of registrars who represent at least two-thirds of total registrar fees paid. These adjustments follow a rollback of past pricing. ICANN had previously applied a 10% discount as an incentive for registrars to adopt the 2009 Registrar Accreditation Agreement—a measure long overdue for review. With most registrars passing the per-domain fee to customers, registrants will likely see this increase as a distinct line item.
-
CybrMonk
GitLab Product Security Update Advisory (CVE&2024&7047)Overview GitLab has released an update to address a vulnerability in their products. Users of affected versions are advised to update to the latest version. Affected Products CVE-2024-7047 GitLab CE/EE versions: 16.6 (inclusive) ~ 17.0.5 (exclusive) GitLab CE/EE versions: 17.1 (inclusive) ~ 17.1.3 (exclusive) GitLab CE/EE versions: 17.2 (inclusive) ~ 17.2.1 (exclusive) Resolved Vulnerabilities XSS vulnerability that could allow an attacker to execute arbitrary script in the context of the currently logged in user(CVE-2024-7047) Vulnerability Patches Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version. CVE-2024-7047 GitLab CE/EE version: 17.0.5 GitLab CE/EE version: 17.1.3 GitLab CE/EE version: 17.2.1 Referenced Sites [1] CVE-2024-7047 Detail https://lnkd.in/dGNBGRxv [2] CVE-2024-7047.json https://lnkd.in/dmCP57cE Article Link: GitLab Product Security Update Advisory (CVE-2024-7047) – ASEC 1 post - 1 participant Read full topic GitLab, Product, Security, Update, Advisory, CVE-2024-7047
-
Rob Black
The Trust Center tools offered by compliance vendors are pretty slick. They describe the organization's compliance program, what certifications and attestations they have, what controls they have in place, who their subprocessors are. In many respect, these are good tools that organizations should deploy. I have looked at a number of trust sites and have found a few themes. 1) The request for access to SOC 2 attestation report or similar documentation is not necessarily followed up on. While the company set up the site, they did not work on the process for when requests were made. I used the tool for one of our vendors (who doesn't have a great program) and they failed to respond. Since I am an actual customer I assume that I should be approved but they have not. I would bet that this behavior is not unique. 2) The controls listed on the website are very generic. I get that you are picking from a menu of controls. Someone in marketing is not crafting the specific language that is appropriate for your organization and site. Good trust centers should have language that is 100% applicable to the organization and not "The company requires authentication to production datastores to use authorized secure authentication mechanisms, such as unique SSH key." The sentence above does not give a good sense of the control or even if it is really being performed. 3) Speaking of not getting a good sense of things. Many of these pages do not give you good context for the cybersecurity program. I would like to see something like "Our cybersecurity team is led by Jane Smith, CISSP. We focus on x, y, and z." Maybe some statistics about the program. Most of these pages just give you raw information about the program. What do you think of Trust Center pages? Do they make things better or worse? Let us know in the comments below. #fciso
15 Comments -
Delightfully VirtuAl - Worldwide WFH Job Board- Don't forget to hit follow!
DVA is not associated with this job posting ISSO US-Remote https://lnkd.in/gFPunaYC Responsibilities Correlates threat data from various sources to establish the identity and modus operandi of hackers active in client's networks and posing a potential threat. Provides the customer with assessments and reports facilitating situational awareness and understanding of current cyber threats and adversaries. Develops cyber threat profiles based on geographic region, country, group, or individual actors. Produces cyber threat assessments based on entity threat analysis. May provide computer forensic and intrusion support to high technology investigations in the form of computer evidence seizure, computer forensic analysis, data recovery, and network assessments. Researches and maintains proficiency in tools, techniques, countermeasures, and trends in computer network vulnerabilities, data hiding and network security and encryption. Collaborates with intrusion analysts to identify, report on, and coordinate remediation of cyber threats to the client. Provides timely and actionable sanitized intelligence to cyber incident response professionals. Leverages technical knowledge of computer systems and networks with cyber threat information to assess the client's security posture. Conducts intelligence analysis to assess intrusion signatures, tactics, techniques and procedures associated with preparation for and execution of cyber attacks. Researches hackers, hacker techniques, vulnerabilities, exploits, and provides detailed briefings and intelligence reports to leadership. #freelance #freelancer #graphicdesign #design #art #logo #business #branding #entrepreneur #graphicdesigner #illustration #photography #designer #marketing #artist #creative #illustrator #work #dise #cfbr #smallbusiness #digitalart #instagram #socialmedia #startup #photographer #workfromhome #photoshop #freelancelife #freelancing
-
Keith McCammon
This report by Cyentia Institute is likely the most comprehensive (and definitely the most elegant) analysis of vulnerability exploitation data to date, and a masterclass in industry partnership and reporting - https://lnkd.in/gg6JNvPv By any measure, vulnerability exploitation is among the top few initial access vectors. Time-to-exploit is being methodically driven down. Time-to-patch isn't keeping pace. This type of analysis provides us with the metrics and insights we need to continue improving prioritization, and ultimately vulnerability management performance. And selfishly, because I'm a huge proponent of organizations using Cybersecurity and Infrastructure Security Agency KEV as a "good enough for most" means of prioritization, I was super pleased to see KEV performance included in the analysis. This type of research is only possible when vendors not only share data, but invest in high quality research (which isn't cheap, but is wildly valuable). Huge thanks to Tenable, JupiterOne, Nucleus Security and the many other sponsors who made this possible. Props to Jay Jacobs for leading this effort, and to he and Wade Baker, Ph.D. for the incredible research team and company they've built.
11 Comments -
Wade Baker, Ph.D.
Jay Jacobs and I have been working a lot this week on the inaugural study of EPSS performance. Thought I'd share a pretty chart that Jay churned out yesterday. It addresses the question "What’s the typical pattern of exploitation activity?" As you may suspect, the answer depends on the vulnerability in question. Some vulns are continuously exploited for long periods of time. Some are just a flash in the pan. Exploits of others come in fits and starts. Some real-world examples of these patterns are demonstrated in the chart below, which depicts observed exploitation activity for five CVEs over the course of 2023. #vulnerabilitymanagement #vulnerabilities #vulnerabilityexploitation #cyberattacks
30 Comments -
David (Dave) Hawkins🎖
📱 I use and highly recommend Avast for personal computer and mobile device protection. https://lnkd.in/gAdRNXr3 Cybersecurity firm ThreatFabric has flagged a new series of banking Trojan malware dubbed "Brokewell" that can swipe user data including cookies and even allow attackers to gain full remote access to Android devices. "Brokewell poses a significant threat to the banking industry, providing attackers with remote access to all assets available through mobile banking," ThreatFabric writes in its analysis, which was first reported by SecurityWeek. "The Trojan appears to be in active development, with new commands added almost daily." Attackers gain access to victims' Android devices by tricking them into installing Brokewell Trojan malware on their smartphones. The malware is typically disguised as a fake Google Chrome web browser "update" page, using a visual design, layout, and text that's very similar to a legitimate Chrome installation prompt. Like many scams, however, the fake Chrome page's text has obvious grammatical errors. Instead of Google's original, which reads "The browser built to be yours," the Brokewell-infested fake version reads "An update is required yours." One installed on a victim's Android device, the malware gives attackers free reign to spy on the user's device to swipe financial login credentials or even type and click on the phone's screen to steal funds directly from the victim's phone itself. The Android trojan also allows for other device takeover functions like drawing on the screen, moving back or to the home screen, or simulating swiping motions. The attacker could even harass or troll the victim by sending incessant phone vibrations, waking up the phone's screen, or changing the screen's brightness level. ThreatFabric reports that an individual claiming their name is "Baron Samedit Marais" has taken responsibility for the malware's creation and is supposedly selling the Brokewell malware along with a range of other malicious tools through a site called "Brokewell Cyber Labs." Brokewell malware has targeted Klarna accounts in the past, and a screenshot shared by the cybersecurity firm suggests the threat actor may also be offering tools that target PayPal, Amazon, Dropbox, Apple, and American Express accounts. #android #malware #banking #smartphones #cybersecurity
1 Comment -
StartupsBiz
✦ Stacklok's MINDER project has been donated to the OPEN SOURCE SECURITY FOUNDATION to boost SOFTWARE SUPPLY CHAIN SECURITY. ✦ MINDER enables development teams to enforce proactive checks and policies using SIGSTORE for CRYPTOGRAPHIC SIGNING. ✦ Its EXTENSIBLE FRAMEWORK is designed to integrate with other security tools to address OPEN SOURCE VULNERABILITIES revealed by past CYBER INCIDENTS. #OpenSource #CyberSecurity #SoftwareSecurity
-
CybrMonk
Apache StreamPipes Security Update AdvisoryOverview Apache has released an update to address a vulnerability in StreamPipes. Users of affected versions are advised to update to the latest version. Affected Products CVE-2024-29868 Apache StreamPipes versions: 0.69.0 (inclusive) ~ 0.93.0 (inclusive) Resolved Vulnerabilities Cryptographically vulnerable pseudorandom number generator (PRNG) vulnerability in user self-registration and password recovery mechanisms (CVE-2024-29868) Vulnerability Patches Vulnerability Patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version. CVE-2024-29868 Apache StreamPipes version: 0.95.0 Referenced Sites [1] CVE-2024-29868 Detail https://lnkd.in/dqXnMWEB [2] CVE-2024-29868: Apache StreamPipes, Apace StreamPipes: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) in Recovery Token Generation https://lnkd.in/dn6eSXmw Article Link: Apache StreamPipes Security Update Advisory – ASEC 1 post - 1 participant Read full topic Apache, StreamPipes, Security, Update, Advisory
-
Jim Stevens
I think the most important forensics question to ask during a breach investigation is "why did this happen?" We always get the "what" trickled truthed out over time (usually after attackers leak things to disprove the initial rosey public relations non-answers from the target). And when I say "why" I am looking for the real root cause. Were security controls treated as check boxes and not rigorously implemented and validated? Was the team rushed due to practical issues like funding or artificial deadlines to keep the bureaucracy happy? Is the tech stack they built on fundamentally insecure due to design flaws, lack of proper testing, cutting corners, slow response on vulnerability management, or supply chain uncertainty? And so on. I think people are afraid of asking why because no one wants to face the hard truths. That's why we get Target-level attacks several times a week now and it's normalized. This week was AT&T text message metadata , Advanced Auto Parts, Evolve Bank, and more. Data for millions of customers stolen in each case. This situation is what failure on cybersecurity looks like and is unacceptable. Without the why, we can't begin to heal. And reflexive action for the sake of action can't fix anything without the underlying the actual why.
-
Casey Ellis
Secure by design. Assume breach. Shift right. TDIR. Threat-informed defense. Anti-fragility. ...I'm liking the trends in defensive thinking that I'm seeing at the moment, fundamental truths of information entropy and the defenders dilemma starting to appear in forward planning. In many ways this harks all the way back to to v1.0 of antivirus, which taught us the fragility of deny-lists, and the resilience of allow-lists. The speed of technology combined with the speed of adversarial innovation necessitates flipping the script.
17 Comments -
Yaniv Ozerzon
Relying Solely on the NVD or severity score? You Might Be Exposed The National Vulnerability Database (NVD) has been facing serious delays this year. Budget cuts and a rising number of reported vulnerabilities have slowed NVD's ability to keep up. The result? over 93% of new vulnerabilities still waiting for analysis. This backlog means that if your security tools rely exclusively on the NVD for vulnerability data, you’re likely missing out on a significant portion of recent threats. Even more concerning, attackers are adapting their tactics. Instead of focusing solely on high-severity vulnerabilities, they are now exploiting medium and low-severity issues, vulnerabilities that may not even be flagged yet by the NVD, which may leave you with a huge blind spot. What should you do? Check your SCA tool: If your vulnerability management system depends entirely on the NVD, you're likely missing many recent vulnerabilities. Focus on exploitability: Don’t just prioritize critical vulnerabilities. Medium and low-severity vulnerabilities can be just as dangerous if they are easy for attackers to exploit. Stay proactive. Stay protected. #FOSSAware #OpenSourceSecurity #VulnerabilityManagement #NVD #OpenSourceRisk
-
CyberSecurity Peek
Zohocorp’s ManageEngine has disclosed a critical vulnerability in its ADAudit Plus software during a significant cybersecurity development. It’s a popular tool used for Active Directory auditing and reporting. The vulnerability, identified as CVE-2024-49574, exposes versions of ADAudit Plus prior to build 8123 to potential SQL injection attacks. The security flaw, classified as high severity, specifically […] For daily news and analysis subscribe to the https://lnkd.in/gZsiTT2x newsletter. #CyberSecurity #Tech #DataProtection
-
CloudGuard
You're doing alert triage wrong and here's why. 👇 For SOC analysts like Vaughan, who have worked the day-to-day manually investigating incidents. Alert fatigue becomes a major issue. With alert fatigue comes the increased likelihood of making mistakes. SOC analysts have to get it right EVERY time, yet threat actors only have to get it right ONCE (and they are waiting for you to slip up). Step in automation. 💡 Automation helps take the pressure off your team by automating alert fatigue inducing incidents. Learn more from Vaughan, our SOC Leader below.
1 Comment
Explore collaborative articles
We’re unlocking community knowledge in a new way. Experts add insights directly into each article, started with the help of AI.
Explore More