Author

 Roselle Safran & Utpal Desai
LinkedIn
RSS
E-Mail

Profile of Roselle Safran & Utpal Desai

President of Rosint Labs/Director of Product Management of Bitdefender
Member Since: 12/12/2018
Author
News & Commentary Posts: 4
Comments: 1

Roselle Safran is President of Rosint Labs, a cybersecurity consultancy to security teams, leaders, and startups. She is also the Entrepreneur in Residence at Lytical Ventures, a venture capital firm that invests in cybersecurity startups. Previously, Roselle was CEO and Co-Founder of Uplevel Security, which garnered Fortune 1000 customers and numerous industry accolades under her leadership. Earlier, Roselle managed cybersecurity operations at the Executive Office of the President during the Obama Administration, directing the Security Operations Center that protected and defended the White House's network. Before that, she managed security analysis teams at the Department of Homeland Security's US-CERT and spearheaded the development of two cyber-threat intelligence platforms there. LinkedIn profile.

Utpal "U.J." Desai is a Group Product Manager at Bitdefender. He is responsible for developing the vision and road map of Bitdefender Endpoint Security products. U.J. has over 10 years of experience in the cybersecurity space, specializing in endpoint security. He is passionate about building strong products that address customer needs. Prior to joining Bitdefender, he held product management positions at both Symantec and McAfee. Mr. Desai earned a master's degree in computer science from West Illinois University, and attended executive education courses at University of California Berkeley, Haas School of Business. LinkedIn profile.

Articles by Roselle Safran & Utpal Desai

IT Security Administrators Aren't Invincible

3/11/2019
IT security administrators and their teams are responsible for evaluating an organization's security tools and technologies, but are they armed with the proper tools, considerations, and budget to do so? Fourth in a six-part series.

Post a Comment
Crowdsourced vs. Traditional Pen Testing
Alex Haynes, Chief Information Security Officer, CDL,  3/19/2019
BEC Scammer Pleads Guilty
Dark Reading Staff 3/20/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Write a Caption, Win a Starbucks Card! Click Here
Latest Comment: Well, at least it isn't Mobby Dick!
Current Issue
5 Emerging Cyber Threats to Watch for in 2019
Online attackers are constantly developing new, innovative ways to break into the enterprise. This Dark Reading Tech Digest gives an in-depth look at five emerging attack trends and exploits your security team should look out for, along with helpful recommendations on how you can prevent your organization from falling victim.
Flash Poll
The State of Cyber Security Incident Response
The State of Cyber Security Incident Response
Organizations are responding to new threats with new processes for detecting and mitigating them. Here's a look at how the discipline of incident response is evolving.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-9945
PUBLISHED: 2019-03-23
SoftNAS Cloud 4.2.0 and 4.2.1 allows remote command execution. The NGINX default configuration file has a check to verify the status of a user cookie. If not set, a user is redirected to the login page. An arbitrary value can be provided for this cookie to access the web interface without valid user...
CVE-2019-9942
PUBLISHED: 2019-03-23
A sandbox information disclosure exists in Twig before 1.38.0 and 2.x before 2.7.0 because, under some circumstances, it is possible to call the __toString() method on an object even if not allowed by the security policy in place.
CVE-2018-20165
PUBLISHED: 2019-03-22
Cross-site scripting (XSS) vulnerability in OpenText Portal 7.4.4 allows remote attackers to inject arbitrary web script or HTML via the vgnextoid parameter to a menuitem URI.
CVE-2019-1716
PUBLISHED: 2019-03-22
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 7800 Series and Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or execute arbitrary code. The vulnerability ...
CVE-2019-1763
PUBLISHED: 2019-03-22
A vulnerability in the web-based management interface of Session Initiation Protocol (SIP) Software for Cisco IP Phone 8800 Series could allow an unauthenticated, remote attacker to bypass authorization, access critical services, and cause a denial of service (DoS) condition. The vulnerability exist...