Alejandro Hernandez Senior Security Consultant IOActiveWhy
Nominated: A top security consultant who has dedicated himself to improving
security for over 15 years, Alejandro Hernández was responsible for
uncovering major security flaws in stock trading technologies.Profile: Alejandro Hernández, who
presented new, ground-breaking research regarding security flaws in stock
trading technologies during the 2018 Black Hat conference, also discovered
significant stock trading vulnerabilities that bad actors could use to gain
access to consumer’s personal banking information. The flaws would also allow
attackers to steal money as well as be privy to net worth and investment
strategies. He found vulnerabilities such as unencrypted authentication,
communications, passwords and trading data, in addition to remote Denial of
Service (DoS). The financial industry, he found, was riddled with weak password
policies, hardcoded secrets and poor session management.Hernández disclosed his findings
to all vendors affect and intended his research to server as a wake-up call for
the financial industry – he advocates for the industry to adopt stronger
security controls and to follow best practices when they create apps for
trading stock.
A top security consultant, he has
sought to improve security for more than 15 years. In his current position at
IOActive, he advises Global 500 companies in different countries including
Mexico, South Africa, Germany, China, Netherlands, United States, South Korea
and England. Before joining IOActive, he founded Chatsubo Security Labs, which
focused on vulnerability and exploit development, and was a senior IT security
advisor for KPMG.What colleagues say: “An enthusiast of fuzzing and programming, Alejandro is also a pioneer in the exploration of security risks in brain waves technologies. He has spoken in security conferences around the world, such as Black Hat, DEF CON, CODE BLUE (Tokyo), BruCON (Belgium), DragonJARCon (Colombia), Campus Party (Mexico and Colombia) and BugCON (Mexico). While he travels around the world helping companies to improve cybersecurity, he is continuously searching for new threats which often leads to ideas for innovative research about threats overlooked by most security researchers." - Cesar Cerrudo, CTO of IOActive and Founder of Securing Smart CitiesTeri Robinson
The product, which is now in beta for Rubrik Enterprise Edition and cloud customers, aims to address challenges associated with prolonged business outages during cyberattacks, reducing the traditional recovery timeline from days or weeks to moments.
The announcements focused on integrating core security functions like detection, investigation, and response with advanced risk management for business-critical applications and data.
The new features enable rapid threat detection, investigation, and resolution, helping organizations restore operations more quickly, according to the company.
