Summercon 2025

The New York State Office of Information Technology Services (ITS) was established in 2012 and is the largest consolidated IT organization in America. At ITS, we deliver modern technology solutions that connect NYS agencies, entities, commissions and local governments with millions of New Yorkers. Our talented ITS employees are leaders, innovators and drivers of positive change who have won countless state and national awards. We believe technology is transformational, and we will never stop striving to do better, be better and improve the way we operate.

Our skilled cyber professionals protect the state’s systems and data from intrusion and attack, provide cyber incident response assistance, distribute real-time advisories and alerts, provide managed security services, and deliver comprehensive cybersecurity awareness training for state and local employees. We have enhanced the customer experience by creating simple, seamless and improved digital services, which are easily accessed by New Yorkers from every region.

Want to know more about how ITS, a NYS Agency on the rise, makes IT Happen? Visit our website at its.ny.gov.

Etsy is the global marketplace for unique and creative goods. We build, power, and evolve the tools and technologies that connect millions of entrepreneurs with millions of buyers around the world. As an Etsy Inc. employee, whether a team member of Etsy, Reverb, or Depop, you will tackle unique, meaningful, and large-scale problems alongside passionate coworkers, all the while making a rewarding impact and Keeping Commerce Human.

RET2 is a computer security research firm founded in 2017. Driven by experience in the commercial and defense industries, we strive to reimagine vulnerability research, program analysis, and security education as it exists today. We quantify success through the practical application of our tailored
research and technologies.

Atredis Partners is a research-driven Information Security consultancy. We deliver advanced penetration testing, embedded security research, and cutting edge risk management. Our team is made up of some of the most respected hackers in the information security industry, and we thrive on hacking complicated targets, on time and under budget. Our HQ also happens to be in the birth city of SummerCon, but we’re pretty sure the Best Western in North Saint Louis burned down years ago.

Bishop Fox is the leading authority in offensive security, providing solutions ranging from continuous penetration testing, red teaming, and attack surface management to product, cloud, and application security assessments. Discover why our Cosmos platform, service innovation, and culture of excellence draw industry awards, and our offerings are consistently ranked as “world class” by customers. 

North Pole Security (NPS) offers a proactive solution to endpoint security by focusing on prevention rather than detection and response. NPS develops the open source security agent Santa, that the team started while at Google. Santa operates on macOS endpoints, enforcing policies based on a “naughty or nice” list. NPS’ new control plane Workshop pairs Santa with a streamlined approval process to ensure your business runs safely and seamlessly.

RED BALLOON SECURITY was founded by Dr. Ang Cui out of Columbia University’s Intrusion Detection Systems Lab in 2011 with its pioneering technology, Symbiote Defense. Today, its R&D has expanded to a team of world-class researchers and developers who continue to publish seminal research papers on embedded security and intrusion detection.
Since its inception, the team at Red Balloon has partnered with the U.S. Department of Defense and Department of Homeland Security, performing on funded research activities and deploying its defensive technologies on a range of critical embedded systems. The company has also ethically disclosed vulnerabilities in hundreds of millions of embedded devices and continues to advance the state of embedded device security as part of its mission.

Azeria Labs was founded in 2017 on the realization that Arm-based devices were rapidly taking over the world and hardly anyone was looking closely at how to analyze them for vulnerabilities. Our mission is to equip the next generation of security experts with the skills to both defend and exploit Arm-powered systems, from IoT devices to smartphones and beyond. Under the leadership of Maria Markstedter—renowned Arm exploitation expert, author of Blue Fox: Arm Assembly Internals and Reverse Engineering, and adjunct professor at Johns Hopkins SAIS—Azeria Labs provides private, world-class training courses to organizations around the globe. Through meticulously crafted courses and continuous innovation, Azeria Labs remains at the forefront of Arm-focused cybersecurity training.

Epsilon is a European company providing security research services.
We specialize in vulnerability research and exploit development, focusing on mobile devices (iOS and Android). We’re hiring talented researchers who want to evolve in a friendly and benevolent environment.

Scorpion Labs is a Boston-based offensive security team, that uses threat-driven penetration testing to provide impactful and actionable results to customers across nearly every industry vertical. The team provides network, application, and product-focused penetration testing.

Catalyst Security is a growing team of highly experienced vulnerability researchers, working on solving the most challenging problems in support of our customers. We are currently hiring senior researchers skilled in the areas of iOS, Android, 0click, and Browser research. We offer highly competitive compensation, a supportive and fun work environment, and the chance to work with an exceptionally skilled world-class team of researchers.

At Collectors, we’re revolutionizing the world of collectibles with cutting-edge technology that powers authentication, grading, trading, and security at scale. From rare coins and trading cards to video games and event memorabilia, our platforms protect billions of dollars in assets across physical and digital ecosystems. With brands like PSA, PCGS, and WATA under our belt, we’re backed by 1,900+ global team members and a relentless drive to bring trust, transparency, and innovation to collectors worldwide.

We’re looking for security engineers who want to build resilient, high-integrity systems in a fast-moving environment – people who can anticipate threats, design secure architectures, and protect passionate collectors across every touchpoint. If you’re ready to engineer trust at scale, visit https://www.collectors.com/careers for more information on our open roles.

RunSybil is a startup scaling offensive security by automating hacker intuition. RunSybil’s flagship AI-driven penetration testing platform, Sybil, autonomously finds vulnerabilities faster than human hackers and enables organizations to identify and fix weaknesses before they can be exploited. It combines state-of-the-art artificial intelligence with deep cybersecurity expertise to deliver active defense capabilities that simulate real attacker behavior. RunSybil’s core team includes seasoned industry veterans from OpenAI, Meta, Mandiant, NCC Group, and Trail of Bits.

Triple Haven Technologies was founded in 2016 and is a team comprised of Reverse Engineers, Vulnerability Researchers, Tool Developers, and System Engineers. Our staff experience ranges from mid-level engineers to senior engineers and includes multiple subject matter experts. As a small cyber security focused company, Triple Haven is experienced in providing efficient, successful, deployable, and customized solutions to customers at mission speed.