OWASP - User contributions [en]

Israel

2017-10-02T19:28:05Z

YossiOren: link to appsecil17 from the "current attiuvity" page

[[Category:OWASP_Chapter]]
[[image:Owasp_Israel_logo.png|center|500px]]
__NOTOC__ 


= Welcome =

{{Chapter Template|chaptername=Israel|extra= |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-israel|emailarchives=http://lists.owasp.org/pipermail/owasp-israel}}


= Current Activity =

== Meetings ==

* Get ready for OWASP [[AppSec Israel 2017]], to be held on October 17-18, 2017!
* OWASP Europe 2018 is planned to be in Israel. For sponsorship, questions, suggestions and more, contanct '''[mailto:avi.douglen@owasp.org Avi Douglen]'''
* [http://www.meetup.com/OWASP-Israel/ Ongoing Meetings and socialization on Meetup]. [[file:Meetup-logo-2x.png|75px|link=http://www.meetup.com/OWASP-Israel/]]

== Hebrew Translations ==

; '''The OWASP Top 10, 2013 version was translated to Hebrew! '''
It is now [[OWASP_Top10_Hebrew|available for download]].

The [[OWASP_Risk_Rating_Methodology|OWASP Risk Rating Methodology]], part of the [[OWASP_Testing_Project|OWASP Testing Project]], has been translated to Hebrew, and is available for download in [[Media:OWASP_Risk_Rating_Methodology-Hebrew.pdf|PDF format]].
Much thanks to Tal Argoni from TriadSec.

== Additional Resources ==
* Security discussion forum in Hebrew - on [https://www.facebook.com/groups/owasp.il/ Facebook]. [[file:Facebook_logo_small.jpg|100px|link=https://www.facebook.com/groups/owasp.il/]]
* [https://www.linkedin.com/groups/39702 LinkedIn Group] for networking and announcements. [[file:Delhi_linkedin.jpg|100px|link=https://www.linkedin.com/groups/39702]]
* [https://owasp.slack.com/messages/chapter-israel/ Chat room] for security in Hebrew. [[file:Slack.png|90px|link=https://owasp.slack.com/messages/chapter-israel/]]
* [https://twitter.com/OWASP_IL Twitter] account. [[file:twitter_wide.jpg|75px|link=https://twitter.com/OWASP_IL]]
* [[OWASP_IL_Sponsorship|Sponsorship opportunities]], including #AppSecIL conference sponsorship.

If you have anything else on your mind, please speak up! Contact [mailto:avi.douglen@owasp.org Avi Douglen] with any ideas you have.


= Chapter Details =
== The Team ==

Chapter leader: '''[mailto:avi.douglen@owasp.org Avi Douglen]'''.

* OWASP Israel Board: '''[mailto:avi.douglen@owasp.org Avi Douglen]''', '''Or Katz''', ''' Ofer Maor''', '''Erez Metula''', '''Hemed Gur Ary''', '''[[User:YossiOren|Dr. Yossi Oren]]'''
* Chapter Founder: '''[mailto:ofer@shezaf.com Ofer Shezaf]'''
* [[OWASP_Top10_Hebrew|OWASP Top 10 Hebrew]]: Or Katz
* Homepage Maintenance: Avi Douglen, Ofer Maor, Yossi Oren, [[User:Eyigal|Yigal Elefant]]
* Mailing List Management: Avi Douglen, Ofer Maor, Or Katz

== General Activity ==
* An annual conference, usually in September or October.
* Periodic meetings. If you would like to host a meeting or speak in one contact [mailto:avi.douglen@owasp.org Avi Douglen] or [mailto:katz3112@gmail.com Or Katz].
* Translation of OWASP resources to Hebrew
* Spreading the Word - Reaching out for more people, especially outside of the AppSec community.



= Previous Annual Conferences =
{| class="wikitable" border="1" style="text-align:center;" |
! width="200" | Name
! width="200" | Date
! width="350" | Location
! width="200" | Attendance
|- align="center"
| '''[[AppSec_Israel_2016|AppSec Israel 2016]]'''
| '''September 19th 2016'''
| '''College of Management'''
| '''more than 650 attendees!'''
|- align="left"
| colspan="4" |Use the [[AppSec_Israel_2016_Presentations|presentations info page]] to download presentations and videos
|- align="center"
| '''[[AppSec_Israel_2015|AppSec Israel 2015]]'''
| '''October 13th, 2015'''
| '''College of Management'''
| '''over 550 participants!'''
|- align="left"
| colspan="4" |Use the [[AppSec_Israel_2015_Presentations|presentations info page]] to download presentations
|- align="center"
| '''[[AppSec_Israel_2014|AppSec Israel 2014]]'''
| '''September 2nd, 2014'''
| '''IDC'''
| '''over 450 participants!'''
|- align="left"
| colspan="4" |Use the [[AppSec_Israel_2014_Presentations|presentations info page]] to download presentations
|- align="center"
| '''[[OWASP_Israel_2013|OWASP Israel 2013]]'''
| '''October 1st, 2013'''
|
| '''480 participants!'''
|- align="left"
| colspan="4" |Use the [[OWASP_Israel_2013_Presentations|presentations info page]] to download presentations
|- align="center"
| '''[[OWASP_Israel_2012|OWASP Israel 2012 conference]]'''
| '''Sep 5th, 2012'''
| '''IDC'''
|
|- align="center"
| '''[[OWASP_Israel_2011|OWASP Israel 2011 Conference]]'''
| '''Sep 15th, 2011'''
| '''IDC in Herzeliya'''
| '''350 attendees'''
|- align="center"
| '''[[OWASP_Israel_2010|OWASP Israel 2010 Conference]]'''
| '''Sep 6th, 2010'''
| '''IDC in Herzliya'''
| '''150 attendees'''
|- align="center"
| '''[[OWASP_Israel_2009|OWASP Israel 2009]]'''
| '''Sunday, September 6th 2009'''
| '''Interdisciplinary Center Herzliya'''
|
|- align="left"
| colspan="4" |You can find the agenda and uploaded presentations [[OWASP_Israel_2009|here]]
|- align="center"
| '''[[OWASP_Israel_2008_Conference_at_the_Interdisciplinary_Center_Herzliya|The OWASP Israel 2008 conference
at the Interdisciplinary Center Herzliya (IDC)]]'''
| '''September 14th, 2008'''
| '''Interdisciplinary Center Herzliya'''
| '''250 attendees'''
|- align="center"
| '''OWASP Israel at the [http://www.idc.co.il/?showproduct=31108&content_lang=ENG IDC Security Road Show]'''
| '''June 3rd, 2008'''
|
|
|- align="left"
| colspan="4" |OWASP sponsored the IDC Security Road Show event in Israel. Thanks for Iris Lev-Ari and Tomer Teller for the help in the OWASP booth.
|- align="center"
| '''[[OWASP_Israel_2007_Conference|OWASP Israel 2007 conference at the Interdisciplinary Center Herzliya (IDC)]]'''
| '''Dec 3rd 2007'''
| '''Interdisciplinary Center (IDC) Herzliya'''
|
|- align="left"
| colspan="4" |The 1st official OWASP conference in Israel, was held on Dec 3rd 2007 at the Interdisciplinary Center (IDC) Herzliya.
The conference really set itself as an event you must come to if you have anything to do with application security. [http://picasaweb.google.com/oshezaf/OWASPIsrael2007 pictures from the conference]
|}


= Previous Meetings =
{| class="wikitable" border="1" style="text-align:center;" |
! width="250" | Name
! width="200" | Date
! width="350" | Location
! width="200" | Attendance
|- align="center"
| [[OWASP_Israel_June_2017|OWASP Israel June 2017]]
| June 20th, 2017
| Intuit Israel, HaHarash St. 4, Hod Hasharon
|
|- align="center"
| [[OWASP_Israel_April_2017|OWASP Israel April 2017]]
| April 3rd, 2017
| Checkmarx's offices, in the Amot Atrium Tower, 2 Jabotinsky St., Ramat Gan
| 75 people
|- align="center"
| [[OWASP_Israel_January_2017|OWASP Israel January 2017]]
| January 18th, 2017
| Radware’s Tel Aviv offices, at Raul Wallenberg 22, Ramat HaChayal
| 120 people
|- align="center"
| [[OWASP_Israel_June_2016|OWASP Israel June 2016]]
| June 14, 2016
| Amdocs Auditorium in Raanana
|
|- align="center"
| [[OWASP_Israel_April_2016|OWASP Israel April 2016]]
| April 12, 2016
| HP Enterprise in Yehud
| 150 participants
|- align="center"
| [[OWASP_Israel_February_2016|OWASP Israel February 2016]]
| February 2, 2016
| F5 Networks in Tel Aviv
|
|- align="center"
| [[OWASP_Israel_June_2015|OWASP Israel June 2015]]
| June 16, 2015
| Microsoft in Herzeliya
| 120 participants
|- align="center"
| [[OWASP_Israel_March_2015|OWASP Israel March 2015]]
| March 30, 2015
| NCR in Raanana
| 120 participants
|- align="center"
| [[OWASP_Israel_June_2014|OWASP Israel June 2014]]
| June 16, 2014
| F5 Networks in Tel Aviv
| 110 participants
|- align="center"
| [[OWASP_Israel_April_2014|OWASP Israel April 2014]]
| April 23, 2014
| Akamai in Herzliya Pituach
| 100 participants
|- align="center"
| [[OWASP_Israel_January_2014|OWASP Israel January 2014]]
| January 14th, 2014
| Amdocs in Ra'anana
| 120 participants
|- align="center"
| [[OWASP_Israel_2013_05|OWASP Israel May 2013]]
| May 28th, 2013
| RSA
| 80 participants
|- align="center"
| [[OWASP_Israel_2013_02|OWASP Israel February 2013]]
| February 12th, 2013
| E&Y
|
|- align="left"
| colspan="4" |[[OWASP_ISRAEL_2013_02_Hebrew|Hebrew version]]
|- align="center"
| [[OWASP_Israel_2010_06|OWASP Israel Jun-2010]]
| Jun 22nd, 2010
| IBM/Watchfire in Herzliya
|
|- align="center"
| [[OWASP_Israel_2010_02|OWASP Israel Feb-2010]]
| Feb 9th, 2010
| Amdocs in Ra'anana
| 70 attendees
|- align="center"
| [[OWASP_Israel_2010_01|OWASP Israel Jan-2010]]
| Jan 12th, 2010
| Breach Security in Herzliya
| 60 attendees
|- align="center"
| [[OWASP_Israel_2009_12|OWASP Israel Dec-2009]]
| Dec 2009
| IBM/Watchfire in Herzliya
|
|- align="center"
| [[OWASP_Israel_2009_05|OWASP Israel May 2009 meeting]]
| May 7th, 2009
| IBM in Park Azorim in Petach-Tikva
|
|- align="left"
| colspan="4" |The presentations were:
* Web-Based Man-in-the-Middle Attack, Adi Sharabani, IBM ([http://blog.watchfire.com/wfblog/2009/02/active-man-in-the-middle-attacks.html more info])
* Automation Attacks and Counter Measures, Ofer Shezaf, Xiom ([http://www.owasp.org/images/5/58/OWASP_Israel_-_May_2009_-_Ofer_Shezaf_-_Automation_Attacks.pdf presentation])
: [[OWASP_ISRAEL_2009_05_Hebrew|Full details in Hebrew]]
|- align="center"
| [[OWASP_Israel_2009_03|OWASP Israel March 2009 meeting]]
| March 26th, 2009
| Tel-Aviv University
| 60 attendees
|- align="left"
| colspan="4" |The presentations were:
* Securing cellular web applications, Mikko Saario, Founder, OWASP Finland, Security Architect, Large Telecom Solution Provider ([[Media:OWASP_Israel_-_March_2009_-_Mikko_Saario_-_Web_Application_Security_in_the_Mobile_World.pdf‎|download]])
* Real world implementation of a PCI DSS compliance key management, Yaron Hakon, 2bsecure ([[Media:OWASP_Israel_-_March_2009_-_Yaron_Hakon_-_PCI_key_managment.pdf‎|download]])
* Detecting RFI attacks, Or Katz, Breach Security ([[Media:OWASP_Israel_-_March_2009_-_Or_Katz_-_RFI_detection.pdf‎|download]])
* WAFEC 2.0 - Do WAFs deliver?, Ofer Shezaf, Xiom ([[Media:OWASP_Israel_-_March_2009_-_Ofer_Shezaf_-_Why_WAFs_fail.pdf‎|download]])
: [[OWASP_ISRAEL_2009_03_Hebrew|Full details in Hebrew]]
|- align="center"
| [[OWASP_Israel_2009_01|OWASP Israel January 2009 meeting]]
| January 28th, 2009
| Checkpoint
| 100 people
|- align="left"
| colspan="4" |The presentations were:
* Improving Web Application Firewall testing for better deployment in production network, Gregory Fresnais from BreakingPoint, visiting us from France ([[Media:OWASP_Israel_2009_01_Gregory_Fresnais_Measuring_WAF_Performance.pdf‎|download]])
* Web 2.0 Hacking, Nimrod Luria, Qrity ([[Media:OWASP_Israel_2009_01_Nimrod_Luria_Web_2.0_Security.pdf‎|download]])
* Wiki Security, Ofer Shezaf, Xiom ([http://www.xiom.com/research/wiki_security download])
|}



<headertabs></headertabs>


= Chapter Sponsors =

The OWASP Israel chapter's yearly activity is being supported by the generous sponsorship of the following companies:

{{Template:OWASP_Israel_Sponsors}}

[[Category:Middle East]]
[[Category:Europe]]

AppSec Israel 2017

2017-10-02T19:23:58Z

YossiOren: More content, link to official website

The annual OWASP AppSec Israel Conference is the largest conference in Israel for application security,

and regularly draws hundreds of participants. [[AppSec Israel 2016|Over 650 people attended last year]]!

But AppSecIL is not just for security experts!

Over 700 developers, testers, architects, product designers, and managers will attend this year.

Everyone involved with the software lifecycle is welcome, regardless of type of software, website, mobile app, or any other type of application.

If you are responsible for, or involved with:
* web security
* devops security
* cloud security
* mobile security
* application security
* software development
* quality assurance
* software maintenance or operations
… you should join us at AppSecIL!

AppSec Israel 2017 will have two lecture tracks from an amazing group of speakers, and additional activities such as a Capture the Flag competition.

We also host a sponsors pavilion with vendor booths to promote the latest advances in security technology relevant to application security and developers.

Don’t forget to use the [https://twitter.com/hashtag/AppSecIL #AppSecIL] hashtag on social media!

Attendance is free, but registration is required!

[https://appsecil.org For more information, see the official AppSecIL website].

[[Category:Israel]]
[[Category:AppSec_Israel_2017]]
[[Category:OWASP_AppSec_Conference]]

AppSec Israel 2017

2017-08-17T21:41:57Z

YossiOren: created stub

OWASP AppSec Israel will take place this year on October 18th, 2017!

The annual OWASP AppSec Israel Conference is the largest conference in Israel for application and software security, has been going regularly for over a decade and always draws hundreds of participants.
[[AppSec Israel 2016|Over 650 people attended last year]], this year we expect well over 700!

The Conference usually starts at 9AM and lasts until 18:00. It will also be preceded by a day of Developer Training.

[[Category:Israel]] [[Category:AppSec_Israel_2017]] [[Category:OWASP_AppSec_Conference]]

AppSec Israel 2016 CTF

2016-09-08T12:18:15Z

YossiOren: backlink added

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.sched.org/event/8CKb|Register now!]]

This year, for the first time, [[AppSec Israel 2016|AppSec Israel]] will be hosting our very own Capture the Flag competition!

This capture the flag competition aims to encourage and promote interest in web application security, as well as for just having some fun.

We do not see it as a competition really, though there are winners and they are going to win some cool prizes...

There are a lot of interesting talks at OWASP this year that you wouldn't want to miss.. So, it is perfectly ok if you don't end up collecting all flags.. We know, you have been busy..

Here are some FAQ I frequently hear (I never heard them actually, but what the hack?)

==Is there any registration needed?==

Registration is available here (just add yourself to my sched) or on site, at Komodo booth.

==What prizes do the winners get?==

There are going to be 4 prizes. 3 top scores will get a prize while one prize will be won by a lottery between all who scores a minimum of 10 points.

If there are 2 attendees who reached the same score, a lottery between the two will be taken.

Oh.. and the prizes.. We'll decide soon enough and let you know.

==What is the CTF structure?==

We have built a PHP based web application that holds 6 challenges. Each challenge require a knowledge of a different attack or a different attack vector. Once you find the flag, you should use our 'proof of hack' PHP page to get the scores.

We might add a 'buy a hint' functionality, but even if we won't there are going to be plenty of people around who could steer you to the right direction.

==At what time does the CTF take place?==

The CTF will be open all day long, starting at the first talk and till the end of last one.

==What should I bring?==

Bring your kali linux. Well, there is no need for that really, just kidding.

What you might need is:

# Laptop, any OS will do.
# Internet connection.
# Python installed (2.x I believe)
# HTTP Proxy (burp, fiddler, whatever…)
# Wireshark, tcpdump or something like that
# Internet facing server (but we can provide you with that if needed)

Of course, you might get all flags without needing any of the above. That would be super cool, we would love to see your take on our challenges.

==How long should it take?==

The CTF is open for the entire day. We estimate each challenge to take approximately 30 minutes, so it is 3 hours altogether.

All challenges are solvable in a matter of few minutes, once you know how. The difficulty level vary from entry level to advance.

There is one which may take quite a while and will require determination and persistency to solve.

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.sched.org/event/8CKb|Register now!]]

[[Category:Israel]] [[Category:AppSec_Israel_2016]] [[Category:OWASP_AppSec_Conference]]

AppSec Israel 2016 CTF

2016-09-07T15:10:10Z

YossiOren: Added categories, skinned "register now" button

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.sched.org/event/8CKb|Register now!]]

This capture the flag competition aims to encourage and promote interest in web application security, as well as for just having some fun.

We do not see it as a competition really, though there are winners and they are going to win some cool prizes...

There are a lot of interesting talks at OWASP this year that you wouldn't want to miss.. So, it is perfectly ok if you don't end up collecting all flags.. We know, you have been busy..

Here are some FAQ I frequently hear (I never heard them actually, but what the hack?)

==Is there any registration needed?==

Registration is available here (just add yourself to my sched) or on site, at Komodo booth.

==What prizes do the winners get?==

There are going to be 4 prizes. 3 top scores will get a prize while one prize will be won by a lottery between all who scores a minimum of 10 points.

If there are 2 attendees who reached the same score, a lottery between the two will be taken.

Oh.. and the prizes.. We'll decide soon enough and let you know.

==What is the CTF structure?==

We have built a PHP based web application that holds 6 challenges. Each challenge require a knowledge of a different attack or a different attack vector. Once you find the flag, you should use our 'proof of hack' PHP page to get the scores.

We might add a 'buy a hint' functionality, but even if we won't there are going to be plenty of people around who could steer you to the right direction.

==At what time does the CTF take place?==

The CTF will be open all day long, starting at the first talk and till the end of last one.

==What should I bring?==

Bring your kali linux. Well, there is no need for that really, just kidding.

What you might need is:

# Laptop, any OS will do.
# Internet connection.
# Python installed (2.x I believe)
# HTTP Proxy (burp, fiddler, whatever…)
# Wireshark, tcpdump or something like that
# Internet facing server (but we can provide you with that if needed)

Of course, you might get all flags without needing any of the above. That would be super cool, we would love to see your take on our challenges.

==How long should it take?==

The CTF is open for the entire day. We estimate each challenge to take approximately 30 minutes, so it is 3 hours altogether.

All challenges are solvable in a matter of few minutes, once you know how. The difficulty level vary from entry level to advance.

There is one which may take quite a while and will require determination and persistency to solve.

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.sched.org/event/8CKb|Register now!]]

[[Category:Israel]] [[Category:AppSec_Israel_2016]] [[Category:OWASP_AppSec_Conference]]

AppSec Israel 2016 CTF

2016-09-07T15:08:03Z

YossiOren: Added formatting and unskinned "register now!" button

[https://appsecil2016.sched.org/event/8CKb Register now!]

This capture the flag competition aims to encourage and promote interest in web application security, as well as for just having some fun.

We do not see it as a competition really, though there are winners and they are going to win some cool prizes...

There are a lot of interesting talks at OWASP this year that you wouldn't want to miss.. So, it is perfectly ok if you don't end up collecting all flags.. We know, you have been busy..

Here are some FAQ I frequently hear (I never heard them actually, but what the hack?)

==Is there any registration needed?==

Registration is available here (just add yourself to my sched) or on site, at Komodo booth.

==What prizes do the winners get?==

There are going to be 4 prizes. 3 top scores will get a prize while one prize will be won by a lottery between all who scores a minimum of 10 points.

If there are 2 attendees who reached the same score, a lottery between the two will be taken.

Oh.. and the prizes.. We'll decide soon enough and let you know.

==What is the CTF structure?==

We have built a PHP based web application that holds 6 challenges. Each challenge require a knowledge of a different attack or a different attack vector. Once you find the flag, you should use our 'proof of hack' PHP page to get the scores.

We might add a 'buy a hint' functionality, but even if we won't there are going to be plenty of people around who could steer you to the right direction.

==At what time does the CTF take place?==

The CTF will be open all day long, starting at the first talk and till the end of last one.

==What should I bring?==

Bring your kali linux. Well, there is no need for that really, just kidding.

What you might need is:

# Laptop, any OS will do.
# Internet connection.
# Python installed (2.x I believe)
# HTTP Proxy (burp, fiddler, whatever…)
# Wireshark, tcpdump or something like that
# Internet facing server (but we can provide you with that if needed)

Of course, you might get all flags without needing any of the above. That would be super cool, we would love to see your take on our challenges.

==How long should it take?==

The CTF is open for the entire day. We estimate each challenge to take approximately 30 minutes, so it is 3 hours altogether.

All challenges are solvable in a matter of few minutes, once you know how. The difficulty level vary from entry level to advance.

There is one which may take quite a while and will require determination and persistency to solve.

[https://appsecil2016.sched.org/event/8CKb Register now!]

AppSec Israel 2016 CTF

2016-09-07T14:59:31Z

YossiOren: copy-paste from the sched

This CTF competition aims to encourage and promote interest in web application security, as well as for just having some fun.

We do not see it as a competition really, though there are winners and they are going to win some cool prizes...

There are a lot of interesting talks at OWASP this year that you wouldn't want to miss.. So, it is perfectly ok if you don't end up collecting all flags.. We know, you have been busy..

Here are some FAQ I frequently hear (I never heard them actually, but what the hack?)

Is there any registration needed?

Registration is available here (just add yourself to my sched) or on site, at Komodo booth.

What prizes do the winners get?

There are going to be 4 prizes. 3 top scores will get a prize while one prize will be won by a lottery between all who scores a minimum of 10 points.

If there are 2 attendees who reached the same score, a lottery between the two will be taken.

Oh.. and the prizes.. We'll decide soon enough and let you know.

What is the CTF structure?

We have built a PHP based web application that holds 6 challenges. Each challenge require a knowledge of a different attack or a different attack vector. Once you find the flag, you should use our 'proof of hack' PHP page to get the scores.

We might add a 'buy a hint' functionality, but even if we won't there are going to be plenty of people around who could steer you to the right direction.

What time do the CTF take place?

The CTF will be open all day long, starting at the first talk and till the end of last one.

What should I bring?

Bring your kali linux. Well, there is no need for that really, just kidding.

What you might need is:

Laptop, any OS will do.

Internet connection.

Python installed (2.x I believe)

HTTP Proxy (burp, fiddler, whatever…)

Wireshark, tcpdump or something like that

Internet facing server (but we can provide you with that if needed)

Of course, you might get all flags without needing any of the above. That would be super cool, we would love to see your take on our challenges.

How long should it take?

The CTF is open for the entire day. We estimate each challenge to take approximately 30 minutes, so it is 3 hours altogether.

All challenges are solvable in a matter of few minutes, once you know how. The difficulty level vary from entry level to advance.

There is one which may take quite a while and will require determination and persistency to solve.

AppSec Israel 2016

2016-09-07T14:58:22Z

YossiOren: /* Agenda */ CTF

The annual OWASP AppSec Israel Conference is the largest conference in Israel for application security, and regularly draws hundreds of participants. Over 550 people attended last year!

But AppSecIL is not just for security experts!

Aimed at developers, testers, architects, product designers, and managers - anyone involved with the software lifecycle is welcome, regardless of type of software, website, mobile app, or any other type of application.

[[image:AppSecIL_Logo_2016.png|center]]

If you are responsible for, or involved with:
* web security
* devops security
* cloud security
* mobile security
* application security
* software development
* quality assurance
* software maintenance or operations
... you should join us at AppSecIL!

AppSec Israel 2016 will have two lecture tracks from an amazing group of speakers. We will also host a sponsors pavilion for products and services relevant to application security and developers.

 
= Location and Time =

The annual OWASP AppSec Israel 2016 conference will be held this year in The College of Management (Michlala l’Minhal), in Rishon LeZion (about 20 minutes south of Tel Aviv), on Monday, September 19th, 2016, from 9AM to 6PM.

The address is Eli Weisel 2, Rishon LeZiyon. There is plenty of parking available, entrance is via gate 4.

For directions and public transportation options, please see the information at this link: http://www.colman.ac.il/about/roads/Pages/default.aspx

Please use the [https://twitter.com/hashtag/AppSecIL #AppSecIL] hashtag on Twitter.

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.eventbrite.com/?ref=ebtnebregn|OWASP AppSec Israel 2016]]

= Sponsors =

The AppSec Israel conference is proudly being sponsored by:

{{Template:AppSec_Israel_2016_Sponsors}}

= Registration =

Thanks to our generous sponsors, attending the conference is free of charge. However, advance registration is required.

Please register here: https://appsecil2016.eventbrite.com/ .

From there you will also be able to sign up at Sched.org, to view the conference schedule interactively, add sessions to your personal calendar, and other features.

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.eventbrite.com/?ref=ebtnebregn|OWASP AppSec Israel 2016]]

= Agenda =

See [[AppSec_Israel_2016_Presentations|detailed list of talks here]].
Please note that while most of the talks are in English, some will be given in Hebrew. Please check the details of each session to know in which language it will be.

New this year is a [[AppSec_Israel_2016_CTF|Capture the Flag session]], organized and sponsored by Komodo Consulting: [[AppSec_Israel_2016_CTF|click here for details]].

The [https://appsecil2016.sched.org/ full schedule can be seen and subscribed to here].

* '''Tomer Cohen''', Head of R&D security, Wix.com
''Bot Extension - Abusing Google Chrome Extensions for Bot Attacks''
* '''Amit Ashbel''', Director of Product Marketing & Cyber Security Evangelist, Checkmarx
     '''Erez Yalon''', Application Security Lead, Checkmarx

''Could a few lines of code <F!#ck> it all up??''
* '''Amit Klein''', VP Security Research, SafeBreach
''Crippling HTTPS with unholy PAC''
* '''Martin Knobloch''', Principal Consultant, Nixu
''Don't Feed the Hippos!''
* '''Nadav Avital''', Application Security Research Team Leader, Imperva, and
     '''Noam Mazor''', Security Research Engineer, Imperva

''Hacking HTTP/2 - New attacks on the Internet’s Next Generation Foundation''
* '''Erez Metula''', Application Security Expert, AppSec Labs (Founder)
''Hacking RF based IoT Systems''
* '''Elena Kravchenko''', ADM BU Security Lead Security & Trust Office, HPE Software, and
     '''Efrat Wasserman''', ADM Senior Program manager SRL, HPE Software

''Integrating Security in Agile projects (real case study)''
* '''Tal Melamed''', Technical Leader, AppSec Labs
''Java Hurdling: Obstacles and Techniques in Java Client Penetration-testing''
* '''Eli Greenbaum''', Partner, Yigal Arnon & Co.
''Law and the Israeli Cybersecurity Industry''
* '''Liran Tal''', R&D Team Leader, Hewlett Packard Enterprise
''NodeJS Security Done Right - The tips and tricks they won’t teach you in school ''
* '''Tamir Shavro''', Seeker R&D Manager, Synopsys
''Putting the "I" in Code Review - Turning Code Review Interactive''
* '''Ofer Maor''', Director of Security Strategy, Synopsys
''Signoff or Sign-Out''
* '''Or Katz''', Principal Security Researcher, Akamai
''The Dark Side of Search Engine Optimization''
* Dr. '''Nethanel Gelernter''', Cyberpion & The College of Management Academic Studies
''The Threat of Advanced Cross-Site Search Attacks''
* '''Shay Chen''', CEO, Effective Security
''The Unwanted Sons - Formalizing and Demonstrating WAF Bypass Methods for the REST of the Top 10''
* '''Yair Amit''', CTO & Co-founder, Skycure
''The Ways Hackers Are Taking To Win The Mobile Malware Battle''

= Sponsorships =

Whether you have a product to showcase, offering a service, or you are recruiting, sponsoring the OWASP AppSec Israel event gets you the right exposure. This year we are expecting well over 600 attendees, including security professionals, developers, managers, and more.

Sponsorship also helps support the OWASP community, and ensures that we can keep on making our conferences better and better. Sponsorship fees are intended to cover the costs of the conference. Since the conference is open to all and free of charge to attend, we need your support to enable us to put on a great conference.

We are now offering Silver, Gold and Platinum sponsorship levels. There is also a cost-effective “Community Supporter” option for non-profits, government offices, small startups, and such.
For more details on the available sponsorship options please see the [[AppSec_Israel_2016_Sponsorships|Conference Sponsorship page]].

For more details and to confirm your sponsorship, please contact [mailto:katz3112@gmail.com Or Katz].

[[File:EventBriteRegisterButton.png|link=https://appsecil2016.eventbrite.com/?ref=ebtnebregn|OWASP AppSec Israel 2016]]

= The people behind the conference =

OWASP AppSec Israel is made by the people who contribute their time and brains to its success. The following people are working to ensure that OWASP AppSec Israel is a success. If you feel that you also can contribute or have interesting ideas regarding the conference, please don't hesitate to contact [mailto:Avi.Douglen@owasp.org AviD] directly.

=== Contributors ===

* Avi Douglen (Independent)
* Or Katz (Akamai)
* Ofer Maor (Synopsys)
* Erez Metula (AppSec Labs)
* Hemed Gur Ary (Amdocs)

[[Category:Israel]] [[Category:AppSec_Israel_2016]] [[Category:OWASP_AppSec_Conference]]

User:YossiOren

2016-08-25T10:16:36Z

YossiOren:

Yossi Oren is a senior lecturer (Assistant Professor) at the Department of Software and Information Systems Engineering in Ben Gurion University, and a member of BGU's Cyber Security Research Center. Prior to joining BGU, Yossi was a Post-Doctoral Research Scientist in the Network Security Lab at Columbia University in the City of New York and a member of the security lab at Samsung Research Israel. He holds a Ph.D. in Electrical Engineering from Tel-Aviv University, and an M.Sc. in Computer Science from the Weizmann Institute of Science.

His research interests include secure hardware (power analysis and other hardware attacks and countermeasures; low-resource cryptographic constructions for lightweight computers) and cryptography in the real world (consumer and voter privacy in the digital era; web application security).

Also known as: Yossef Oren, יוסי אורן, יוסף אורן

[http://www.linkedin.com/in/yossioren Yossi Oren on LinkedIn]

[https://iss.oy.ne.ro Yossi Oren's home page]

User:YossiOren

2016-08-25T10:16:12Z

YossiOren:

Also known as: Yossef Oren, יוסי אורן, יוסף אורן

[http://www.linkedin.com/in/yossioren Yossi Oren on LinkedIn]

[https://iss.oy.ne.ro Yossi Oren's home page]

User:YossiOren

2016-08-25T10:16:01Z

YossiOren:

Also known as: Yossef Oren, יוסי אורן, יוסף אורן
[http://www.linkedin.com/in/yossioren Yossi Oren on LinkedIn]

[https://iss.oy.ne.ro Yossi Oren's home page]

Category:OWASP Video

2011-05-04T13:24:33Z

YossiOren: Added link to OWASP Israel 2008

<div align="center"> <owaspbanner/></div>
<div style="font-size:7pt;text-align:right">[http://www.owasp.org/index.php/Advertising Ad Space Available for 2010]</div>
<hr>

== Welcome to the OWASP Video Collection ==

OWASP attempts to make videos of presentations made by our members and at our conferences concerning application security whenever possible. The slides for most of these presentations are available, linked to the conference agendas (please link them if possible!).

== Videos ==

===OWASP Appsec Tutorial Series===
OWASP Appsec Tutorial Series [http://www.youtube.com/user/AppsecTutorialSeries Click Here] ** NEW **

===OWASP Appsec DC 2010===
OWASP Appsec DC 2010 [http://vimeo.com/groups/asdc10/videos/sort:plays Click Here] ** NEW **

===OWASP USA 2010===
OWASP USA 2010 [http://vimeo.com/user4863863/videos/sort:plays Click Here] ** NEW **

===OWASP EU 2010===
OWASP Stockholm Sweden 2010 [http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#tab=June_23 Click Here] and [http://www.owasp.org/index.php/OWASP_AppSec_Research_2010_-_Stockholm,_Sweden#tab=June_24 Click Here]

=== OWASP FROC 2010 ===
FROC 2010 - [http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2010#tab=Agenda Click Here]

=== OWASP USA 2009 ===
APPSEC DC 2009 - [http://www.owasp.org/index.php/OWASP_AppSec_DC_2009_Schedule#tab=Talks_11.2F12 Click Here]

=== OWASP EU ===
OWASP EU 2009 - [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2009_-_Poland#tab=Conference_-_May_13 Here] and [http://www.owasp.org/index.php/OWASP_AppSec_Europe_2009_-_Poland#tab=Conference_-_May_14 Here]

=== OWASP Israel 2008 ===
[https://www.owasp.org/index.php/OWASP_Israel_2008_Conference_at_the_Interdisciplinary_Center_Herzliya_(IDC) Click Here]

=== OWASP USA 2008 ===
[http://www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference Click Here]

=== SnowFROC ===
;[http://www.owasp.org/index.php/Front_Range_OWASP_Conference_2009#Agenda_and_Presentations:_5_March_2009 OWASP SnowFROC from Denver, CO 2009]

=== OWASP Minneapolis/St. Paul (OWASP MSP) ===

Presentations from the [[Minneapolis St Paul | OWASP Minneapolis-St. Paul (OWASP MSP) chapter]] events hosted in the Twin Cities area of Minnesota are now on their own page. Please visit [[OWASPMSP_Videos]] page for links to them. Some of the presenters include Pravir Chandra, Bruce Schneier, Jeremiah Grossman, Ryan Barnett, and many others.

=== Black Hat 2006 ===

'''From Black Hat 2006:'''

;[http://video.google.com/videoplay?docid=941077664562737284&q=owasp Dinis Cruz @ BlackHat 2006 with FSTV]
:Dinis Cruz, leader of the OWASP.NET project joins us to talk about .NET, web security tools, the future of OWASP, and Open Source Software. OWASP - 30 min - Aug 30, 2006

=== AppSec Washington 2005 ===

'''From the [[AppSec_Washington_2005/Agenda | 2nd U.S. OWASP Conference held Oct 11-12, 2005]] - Day 1:'''

;[http://video.google.com/videoplay?docid=-2481289516847680871&q=owasp OWASP_Intro_DaveWichers_Key_JoeJarzombek_RonRoss.mp4]
:OWASP Intro: Dave Wichers - Key Note Day 1: Joe Jarzombek - Dir. of Software Assurance - DHS - Software Assurance: Considerations for Advancing a National Strategy to Secure Cyberspace & Ron Ross -FISMA Project Lead - NIST - Status of the Federal Information Security Management Act (FISMA) Project. OWASP - 2 hr 7 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=3853779542023264815&q=owasp OWASP_JackDanahy_The_Business_Case_for_Software_Security_Assurance.mp4]
:OWASP Jack Danahy - The Business Case for Software Security Assurance. OWASP - 1 hr 2 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=5758230888370998733&q=owasp OWASP_ArianEvans_Tools_SurveyProject.mp4]
:OWASP Arian Evans - The OWASP Tools Survey Project. OWASP - 1 hr 18 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=-2492965730809426450&q=owasp OWASP_DinizCruz_Rooting_the_CLR.mp4]
:OWASP Diniz Cruz - Rooting the CLR. OWASP - 1 hr 22 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=-5233500471539001436&q=owasp OWASP_PaulBlack_RickKuhn.mp4]
:OWASP Paul Black - NIST - Developing a Reference Dataset & Rick Kuhn - NIST - Software Fault Interactions. OWASP - 1 hr 9 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=4473926180612118549&q=owasp OWASP_AlexSmolen_Application_Logic_Defense.mp4]
:OWASP Alex Smolen - Application Logic Defense. OWASP - 36 min - Oct 11, 2005

;[http://video.google.com/videoplay?docid=4379894308228900017&q=owasp OWASP_DanielCuthbert_Evolution_WebAppPenTest.mp4]
:OWASP Daniel Cuthbert - OWASP Testing Guide Lead - The Evolution Web App Pen Testing. OWASP - 1 hr 11 min - Oct 11, 2005

'''The [[AppSec_Washington_2005/Agenda | 2nd U.S. OWASP Conference]] Day 2:'''

;[http://video.google.com/videoplay?docid=-9110574247136866679&q=owasp OWASP_IraWinkler_Secrets_of_Superspies.mp4]
:OWASP Ira Winkler - Keynote Day 2: Secrets of Superspies & Jeremy Poteet - In the Line of Fire: Defending Highly Visible Targets. OWASP - 2 hr 2 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=-5332911124544076749&q=owasp OWASP_JeffWilliams_OWASP_Guide_and_Membership.mp4]
:OWASP Jeff Williams - OWASP Development Guide and OWASP Membership Plan. OWASP - 1 hr 12 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=7947858567235952851&q=owasp OWASP_DinizCruz_DotNet_Tools_Project.mp4]
:OWASP Diniz Cruz - The .Net Tools Project. OWASP - 1 hr 15 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=2018648061521175729&q=owasp OWASP_MattFisher_WormsNowTargetingWebApps.mp4]
:OWASP Matt Fisher - Worms Now Targeting Web Applications. OWASP - 49 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=8437304318271455155&q=owasp OWASP_RoganDawes_AdvancedFeaturesofWebScarab.mp4]
:OWASP Rogan Dawes - Advanced Features of OWASP WebScarab. OWASP - 1 hr 24 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=-2492965730809426450&q=owasp OWASP_JohnSteven_Building_a_Scalable_Software_Security_Practice.mp4]
:OWASP John Steven - Building a Scalable Software Security Practice. OWASP - 1 hr 19 min - Oct 12, 2005

;[http://video.google.com/videoplay?docid=-1807054604513842127&q=owasp OWASP_GunnerPeterson_IntegratingIdentityServicesintoWebApps.mp4]
:OWASP Gunnar Peterson - Integrating Identity Services into Web Apps. OWASP - 35 min - Oct 12, 2005

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2011-05-04T13:22:59Z

YossiOren: Moved videos from Google Video to YouTube due to GV shutdown...

[[Category:Israel]]
{{Template:OWASP_IL_2008_Sponsors}}

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder ([ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Opening%20Words_chunk_1.wmv download video])
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_1.wmv video part 1], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_2.wmv video part 2]) Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] ([[Media:OWASP_IL_2008_Maty_Siman_Security_Code_Analysis.ppt‎|download ppt]]) Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] ([http://www.youtube.com/watch?v=TAAGN7Ac8Wk watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ivan%20Ristic_chunk_1.wmv download video]) Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] ([[Media:OWASP_IL_2008_Sharabani_BlackBox_Vs_WhiteBox.ppt‎|download ppt]]) Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|ppt]], [http://www.youtube.com/watch?v=Hl-JIxq0IrI watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Shezaf%20Trends%202008_chunk_1.wmv download video]) Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]]) Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testin g the Tester – Measuring Quality of Security Testing]] ([[Media:OWASP_IL_2008_Ofer_Maor_Testing_The_Tester.ppt‎|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Maor%20Testing%20The%20Tester_chunk_1.wmv download video]) Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]]) Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|ppt]], [http://www.youtube.com/watch?v=O2uOOiy8yxw watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Shai%20Chen_chunk_1.wmv download video]) Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|ppt]], [http://www.youtube.com/watch?v=vmzhWA6_Li4 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amir%20Herzberg.wmv download video]) Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] ([[Media:OWASP_IL_2008_Alon_Resen_eVoting.pdf‎|download pdf]]) Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]]) Erez Metula, 2Bsecure

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]]) Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] ([[Media:OWASP_IL_2008_Ohad_Ben_Cohen_Korset.pdf|download pdf]]) Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])

'''Closing Words, Ofer Shezaf'''
|}

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Neer Roggel, the technion
* Shay Shuker
* Ofer Shezaf (Breach Security)

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

OWASP Israel 2009 Conference Turbo Talks

2009-07-14T18:04:22Z

YossiOren: /* Submitting Presentations */

== Introduction ==
Just like last year (in fact, copy-pasted from last year), OWASP IL will include a Turbo Talk session (a.k.a. rump session), inspired by the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO conference rump sessions] and by the [http://ignite.oreilly.com/ O'Reilly IGNITE sessions]. Quoting from the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO 2007 rump session CFP]:
:''"This is intended to be an informal session in which participants give short and entertaining presentations on recent results, work in progress, and other topics of interest to the community. Presentations that are not purely technical in nature are also possible – and encouraged!"''

== Rules ==
Each presenter will have no more than 20 slides, which should automatically rotate after 15 seconds (for a total of under '''5 minutes per talk''').

Topics can include:

* Recent interesting Web Application Security results and works in progress. General Information Security results are also welcome, as long as they are '''very''' interesting.
* Important announcements relevant to the Israeli Web Application Security community.
* Crazy ideas for a start-up (regardless of whether it already exists or not).
* Interesting geeky activities.
* Singing, dancing and shenanigans.

Topics '''cannot''' include:

* Shameless plugs for your new WAF, which is amazingly better than other WAFs.
* Politics and gambling.

Here are some good talks for reference:

* [http://blip.tv/file/199649/ http://blip.tv/file/199649/] (topic of interest)
* [http://www.youtube.com/watch?v=WzJ114Masw0 http://www.youtube.com/watch?v=WzJ114Masw0] (recent result)
* [http://www.iacr.org/conferences/crypto2005/r/12.mov http://www.iacr.org/conferences/crypto2005/r/12.mov] (announcement)
* [http://www.youtube.com/watch?v=b2m7Fm1I1HU http://www.youtube.com/watch?v=b2m7Fm1I1HU] (singing, dancing and shenanigans, except there's no dancing)

== Submitting Presentations ==

The rump session chair is [http://iss.oy.ne.ro/ Yossi Oren]. If you want to submit a talk, please fill out [http://www.shibumi.org/eoti.htm this yet-to-be-created online form]. For comments and suggestions, please write to owasp2009rump[strudel]oy.ne.ro.

The deadline for registration is '''September 1, 2009''' - less than a week before the conference. We hope to have about 10 talks which should make up a very interesting hour!

[[Category:OWASP Israel 2009]]

OWASP Israel 2009 Conference Turbo Talks

2009-07-02T15:08:07Z

YossiOren: New page: == Introduction == Just like last year (in fact, copy-pasted from last year), OWASP IL will include a Turbo Talk session (a.k.a. rump session), inspired by the [http://www.iacr.org/confere...

== Introduction ==
Just like last year (in fact, copy-pasted from last year), OWASP IL will include a Turbo Talk session (a.k.a. rump session), inspired by the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO conference rump sessions] and by the [http://ignite.oreilly.com/ O'Reilly IGNITE sessions]. Quoting from the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO 2007 rump session CFP]:
:''"This is intended to be an informal session in which participants give short and entertaining presentations on recent results, work in progress, and other topics of interest to the community. Presentations that are not purely technical in nature are also possible – and encouraged!"''

== Rules ==
Each presenter will have no more than 20 slides, which should automatically rotate after 15 seconds (for a total of under '''5 minutes per talk''').

Topics can include:

* Recent interesting Web Application Security results and works in progress. General Information Security results are also welcome, as long as they are '''very''' interesting.
* Important announcements relevant to the Israeli Web Application Security community.
* Crazy ideas for a start-up (regardless of whether it already exists or not).
* Interesting geeky activities.
* Singing, dancing and shenanigans.

Topics '''cannot''' include:

* Shameless plugs for your new WAF, which is amazingly better than other WAFs.
* Politics and gambling.

Here are some good talks for reference:

* [http://blip.tv/file/199649/ http://blip.tv/file/199649/] (topic of interest)
* [http://www.youtube.com/watch?v=WzJ114Masw0 http://www.youtube.com/watch?v=WzJ114Masw0] (recent result)
* [http://www.iacr.org/conferences/crypto2005/r/12.mov http://www.iacr.org/conferences/crypto2005/r/12.mov] (announcement)
* [http://www.youtube.com/watch?v=b2m7Fm1I1HU http://www.youtube.com/watch?v=b2m7Fm1I1HU] (singing, dancing and shenanigans, except there's no dancing)

== Submitting Presentations ==

The rump session chair is [http://iss.oy.ne.ro/ Yossi Oren]. If you want to submit a talk, please fill out [http://www.shibumi.org/eoti.htm this yet-to-be-created online form]. For comments and suggestions, please write to [mailto:owasp2009rump@oy.ne.ro owasp2009rump@oy.ne.ro].

The deadline for registration is '''September 1, 2009''' - less than a week before the conference. We hope to have about 10 talks which should make up a very interesting hour!

[[Category:OWASP Israel 2009]]

Category:Israel

2009-07-02T15:06:04Z

YossiOren: Rump session

'''''For information in Hebrew refer to the [http://www.xiom.com/owasp OWASP Israel Hebrew page].'''''
{{Chapter Template|chaptername=Israel|extra=The chapter leader is [mailto:shezaf@xiom.com Ofer Shezaf]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-israel|emailarchives=http://lists.owasp.org/pipermail/owasp-israel}}

<paypal>Israel</paypal>

== OWASP top 10 in Hebrew initiated ==
1st chapter, XSS is [http://www.xiom.com/owasp-top-10-hebrew-a1-xss available for review]. The information is available off site due to Hebrew support issues.

== OWASP Israel 2009 ==

OWASP Israel annual conference will be held at the Interdisciplinary Center Herzliya on Sunday, September 6th 2009.

Call for presenters ([[OWASP_IL_CFP|details]]) and sponsors ([[OWASP_IL_Sponsorship|details]]) is now open.

The conference will also offer a Turbo Talk session (a.k.a. rump session), featuring 5 minute talks about recent results or works in progress ([[OWASP_Israel_2009_Conference_Turbo_Talks|details]])

For details, contact ofer@owasp.org.il

== OWASP Israel 2009 Road map ==

As the economic atmosphere becomes unstable, the hacking economics flourish, which makes open source initiatives such as OWASP virtually the only option we have to try to win this battle. OWASP Israel goals for 2009 are:

* A monthly meeting! We are looking for sponsors to host this meetings and presenters to speak in them.
* Translating the [[OWASP top 10 Hebrew|OWASP top 10 to Hebrew]].
* Getting more Israelis to be involved in international OWASP projects.
* The OWASP Israel conference 2009 around September.

If you have anything else on your mind, please speak up!

== Previous OWASP Israel Conferences and Meetings ==
; [[OWASP_Israel_2009_05|OWASP Israel May 2009 meeting]] was held at IBM in Park Azorim in Petach-Tikva on May 7th. The presentations were:
* Web-Based Man-in-the-Middle Attack, Adi Sharabani, IBM ([http://blog.watchfire.com/wfblog/2009/02/active-man-in-the-middle-attacks.html more info])
* Automation Attacks and Counter Measures, Ofer Shezaf, Xiom ([http://www.owasp.org/images/5/58/OWASP_Israel_-_May_2009_-_Ofer_Shezaf_-_Automation_Attacks.pdf presentation])
: [http://www.xiom.com/owasp-meeting-7-5-2009 Full details in Hebrew]

; [[OWASP_Israel_2009_03|OWASP Israel March 2009 meeting]] was held at the Tel-Aviv University on March 26th, with approximately 60 attendees. The presentations were:
* Securing cellular web applications, Mikko Saario, Founder, OWASP Finland, Security Architect, Large Telecom Solution Provider ([[Media:OWASP_Israel_-_March_2009_-_Mikko_Saario_-_Web_Application_Security_in_the_Mobile_World.pdf‎|download]])
* Real world implementation of a PCI DSS compliance key management, Yaron Hakon, [http://www.2bsecure.co.il 2bsecure] ([[Media:OWASP_Israel_-_March_2009_-_Yaron_Hakon_-_PCI_key_managment.pdf‎|download]])
* Detecting RFI attacks, Or Katz, [http://www.breach.com Breach Security] ([[Media:OWASP_Israel_-_March_2009_-_Or_Katz_-_RFI_detection.pdf‎|download]])
* WAFEC 2.0 - Do WAFs deliver?, Ofer Shezaf, [http://www.xiom.com Xiom] ([[Media:OWASP_Israel_-_March_2009_-_Ofer_Shezaf_-_Why_WAFs_fail.pdf‎|download]])
: [http://www.xiom.com/owasp-meeting-26-3-2009 Full details in Hebrew]

; [[OWASP_Israel_2009_01|OWASP Israel January 2009 meeting]] was held at Checkpoint on January 28th, with over a 100 people attending. The presentations were:
* Improving Web Application Firewall testing for better deployment in production network, Gregory Fresnais from BreakingPoint, visiting us from France ([[Media:OWASP_Israel_2009_01_Gregory_Fresnais_Measuring_WAF_Performance.pdf‎|download]])
* Web 2.0 Hacking, Nimrod Luria, Qrity ([[Media:OWASP_Israel_2009_01_Nimrod_Luria_Web_2.0_Security.pdf‎|download]])
* Wiki Security, Ofer Shezaf, Xiom ([http://www.xiom.com/research/wiki_security download])
: [http://www.xiom.com/owasp-meeting-28-1-2009 Full details in Hebrew]

; [[OWASP_Israel_2008_Conference_at_the_Interdisciplinary_Center_Herzliya|The OWASP Israel 2008 conference at the Interdisciplinary Center Herzliya (IDC)]] was held on September 14th with 250 attendees.

; OWASP Israel at the [http://www.idc.co.il/?showproduct=31108&content_lang=ENG IDC Security Road Show]
: OWASP sponsored the IDC Security Road Show event in Israel on June 3rd 2008. Thanks for Iris Lev-Ari and Tomer Teller for the help in the OWASP booth.

; [[OWASP_Israel_2007_Conference|OWASP Israel 2007 conference at the Interdisciplinary Center Herzliya (IDC)]]
: the 1st official OWASP conference in Israel, was held on Dec 3rd 2007 at the Interdisciplinary Center (IDC) Herzliya. The conference really set itself as an event you must come to if you have anything to do with application security. [ [http://picasaweb.google.com/oshezaf/OWASPIsrael2007 pictures from the conference]

; [[8th_OWASP_IL_chapter_meeting|8th OWASP IL chapter meeting]]
: The meeting was held at Watchfire on Septemner 5th 2007. Watchfire also sponsored the meeting. The meeting was part of [http://www.owasp.org/index.php/OWASP_Week_September_2007 OWASP week], a Worldwide OWASP one week of conferences on privacy in the 21st Century which is in turn OWASP contribution to the [http://www.globalsecurityweek.com/ Global Security Week].

; [[2nd_OWASP_IL_mini_conference|2nd OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya, May 21th 2007]]
: [[Image:OWASP_IL_IDC.jpg|right]]The event was a huge success with nearly 200 people attending and 8 companies and organizations sponsoring the event (Breach Security, Checkpoint, Hacktics, Microsoft, Zend, 2Bsecure, F5 Networks and the Efi Arazi school of Computer Science at the IDC). [ [http://picasaweb.google.com/ao.barr/OWASPIDCILMay2007 pictures from the conference] ]

; [[6th_OWASP_IL_chapter_meeting Meeting|6th OWASP IL chapter meeting]]
: The meeting was held at Breach Security on January 24th 2007 and was sponsored by [http://www.breach.com Breach Security]. Nearly 50 people attended the meeting.

; [[1st_OWASP_IL_mini_conference|OWASP IL mini conference at the Interdisciplinary Center (IDC) Herzliya, November 13th 2006]]
: OWASP IL and the Interdisciplinary Center Herzliya (IDC) held a half day conference on application security on Nov 13th 2006. The event marked the establishment of a new academic program on information security in the net era at IDC's Efi Arazi School of Computer Science. More than 90! people attended the conference, enjoyed professional catering and heard no less than 7 presentations. The meeting was sponsored by Breach Security and Applicure.

; [[4th_OWASP_IL_chapter_meeting|4th OWASP IL chapter meeting]]
The meeting was help at Breach Security on July 26th 2005 and was sponsored by [http://www.breach.com Breach Security].

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2009-03-16T17:20:28Z

YossiOren: Added Herzberg video

[[Category:Israel]]
{{Template:OWASP_IL_2008_Sponsors}}

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder ([ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Opening%20Words_chunk_1.wmv download video])
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_1.wmv video part 1], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_2.wmv video part 2]) Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] ([[Media:OWASP_IL_2008_Maty_Siman_Security_Code_Analysis.ppt‎|download ppt]]) Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] ([http://video.google.com/videoplay?docid=7068511159346934140 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ivan%20Ristic_chunk_1.wmv download video]) Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] ([[Media:OWASP_IL_2008_Sharabani_BlackBox_Vs_WhiteBox.ppt‎|download ppt]]) Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|ppt]], [http://video.google.com/videoplay?docid=9146476705062425935 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Shezaf%20Trends%202008_chunk_1.wmv download video]) Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]]) Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testin g the Tester – Measuring Quality of Security Testing]] ([[Media:OWASP_IL_2008_Ofer_Maor_Testing_The_Tester.ppt‎|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Maor%20Testing%20The%20Tester_chunk_1.wmv download video]) Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]]) Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|ppt]], [http://video.google.com/videoplay?docid=3492299259825686414 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Shai%20Chen_chunk_1.wmv download video]) Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|ppt]], [http://video.google.com/videoplay?docid=6757165220729025774 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amir%20Herzberg.wmv download video]) Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] ([[Media:OWASP_IL_2008_Alon_Resen_eVoting.pdf‎|download pdf]]) Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]]) Erez Metula, 2Bsecure

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]]) Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] ([[Media:OWASP_IL_2008_Ohad_Ben_Cohen_Korset.pdf|download pdf]]) Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])

'''Closing Words, Ofer Shezaf'''
|}

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Neer Roggel, the technion
* Shay Shuker
* Ofer Shezaf (Breach Security)

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2009-03-16T13:57:31Z

YossiOren: Added 3 video links

[[Category:Israel]]
{{Template:OWASP_IL_2008_Sponsors}}

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder ([ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Opening%20Words_chunk_1.wmv download video])
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_1.wmv video part 1], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_2.wmv video part 2]) Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] ([[Media:OWASP_IL_2008_Maty_Siman_Security_Code_Analysis.ppt‎|download ppt]]) Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] ([http://video.google.com/videoplay?docid=7068511159346934140 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ivan%20Ristic_chunk_1.wmv download video]) Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] ([[Media:OWASP_IL_2008_Sharabani_BlackBox_Vs_WhiteBox.ppt‎|download ppt]]) Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|ppt]], [http://video.google.com/videoplay?docid=9146476705062425935 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Shezaf%20Trends%202008_chunk_1.wmv download video]) Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]]) Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testin g the Tester – Measuring Quality of Security Testing]] ([[Media:OWASP_IL_2008_Ofer_Maor_Testing_The_Tester.ppt‎|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Maor%20Testing%20The%20Tester_chunk_1.wmv download video]) Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]]) Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|ppt]], [http://video.google.com/videoplay?docid=3492299259825686414 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Shai%20Chen_chunk_1.wmv download video]) Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amir%20Herzberg.wmv download video]) Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] ([[Media:OWASP_IL_2008_Alon_Resen_eVoting.pdf‎|download pdf]]) Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]]) Erez Metula, 2Bsecure

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]]) Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] ([[Media:OWASP_IL_2008_Ohad_Ben_Cohen_Korset.pdf|download pdf]]) Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])

'''Closing Words, Ofer Shezaf'''
|}

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Neer Roggel, the technion
* Shay Shuker
* Ofer Shezaf (Breach Security)

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

File:UnknownMalcodeDetection OWASP-IL-08.pdf

2008-09-22T04:18:13Z

YossiOren:

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-09-22T04:16:50Z

YossiOren:

{{Template:OWASP_IL_2008_Sponsors}}

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt‎|download ppt)]] Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|download ppt]]) Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]]) Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testing the Tester – Measuring Quality of Security Testing]] Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]]) Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|download ppt]]) Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|download ppt]]) Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] ([[Media:OWASP_IL_2008_Alon_Resen_eVoting.pdf‎|download pdf]]) Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]]) Erez Metula, 2Bsecure

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]]) Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] ([[Media:OWASP_IL_2008_Ohad_Ben_Cohen_Korset.pdf|download pdf]]) Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])

'''Closing Words, Ofer Shezaf'''
|}

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Neer Roggel, the technion
* Shay Shuker
* Ofer Shezaf (Breach Security)

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

File:OWASP IL 2008 Yossi Oren APEG.ppt

2008-09-15T17:43:55Z

YossiOren:

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-09-15T17:32:04Z

YossiOren:

{{Template:OWASP_IL_2008_Sponsors}}

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:AppSecEU08-BeyondGoogleHacking-AmichaiShulman.ppt|download ppt)]] Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|download ppt]]) Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testing the Tester – Measuring Quality of Security Testing]] Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]]) Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|download ppt]]) Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|download ppt]]) Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]]) Erez Metula, 2Bsecure

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]]) Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt‎|download ppt]])
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt‎|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths

'''Closing Words, Ofer Shezaf'''
|}

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Neer Roggel, the technion
* Shay Shuker
* Ofer Shezaf (Breach Security)

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

User:YossiOren

2008-09-12T15:01:01Z

YossiOren: New page: [http://www.linkedin.com/in/yossioren Yossi Oren on LinkedIn] [http://iss.oy.ne.ro Yossi Oren's home page]

[http://www.linkedin.com/in/yossioren Yossi Oren on LinkedIn]

[http://iss.oy.ne.ro Yossi Oren's home page]

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-09-12T12:36:44Z

YossiOren:

{{Template:OWASP_IL_2008_Sponsors}}

== Time and Location ==

The OWASP Israel 2008 conference will be held on September 14th at the Interdisciplinary Center Herzliya from 8:30 to 17:00. This time we are raising the bar and will be holding a full day '''two tracks''' event. The tracks would be split according by level: a beginners track and an experts track.

You can find the IDC on
[http://local.google.com/maps?f=q&hl=en&q=%D7%94%D7%9E%D7%A8%D7%9B%D7%96+%D7%94%D7%91%D7%99%D7%9F+%D7%AA%D7%97%D7%95%D7%9E%D7%99+%D7%94%D7%A8%D7%A6%D7%9C%D7%99%D7%94,+%D7%94%D7%A8%D7%A6%D7%9C%D7%99%D7%94,+Israel&sll=32.166567,34.812605&sspn=0.007974,0.019312&ie=UTF8&cd=1&geocode=FbD26gEdeo0TAg&ll=32.177047,34.835844&spn=0.007973,0.019312&z=16&iwloc=addr Google map] or use the [http://portal.idc.ac.il/he/Main/about_idc/campus_tour/Pages/MapsDirections.aspx instructions] on the IDC web site. Signs at the Campus will lead you the conference halls.

== Registration ==

The conference is '''free and open to all''', but please register by sending an e-mail to me at ofer@shezaf.com. We need to know how many people will arrive in order to be prepared.

== Agenda ==

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
|- style="font-size:11pt"
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
| width="291" valign="top" | Gathering and Socializing
| width="296" valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
| valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Room #1
| valign="top" | Room #2

|- style="font-size:11pt;font-weight:bold"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" | Management Track
| valign="top" | Fundamentals Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] Amichai Shulman, Imperva
| valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] Maty Siman, Checkmark

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] Ivan Ristic, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] Adi Sharabani & Yinnon Haviv, IBM

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
| valign="top" colspan="2"| Break
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] Ofer Shezaf, Breach Security
| valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] Dr. David Movshovitz, IDC

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
| valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testing the Tester – Measuring Quality of Security Testing]] Ofer Maor, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] Yuli Stremovsky

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
| valign="top" colspan="2"| Lunch
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
| valign="top" |  
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" |  
|style="font-weight:bold" valign="top" | Advanced Technology Track
|style="font-weight:bold" valign="top" | Practical Technology Track

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
| valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] Shai Chen, Hacktics
| valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] Prof. Amir Herzberg, Bar-Ilan University

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] Dr. Alon Rosen, IDC
| valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework Erez Metula, 2Bsecure]]

|- style="font-size:11pt"
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
| valign="top" colspan="2"| Break
| valign="top" |  

|- style="font-size:11pt"
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
| valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] Ronen Bachar, IBM
| valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] Ohad Ben-Cohen

|- style="font-size:11pt"
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
| valign="top" | Turbo talks (Rump Session), Currently scheduled presentations:
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG)
* Avi Weissman, הצגת הפורום הישראלי לאבטחת מידע
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning
* Yaniv Meron, UTF7 Evasion
* Avi Douglan, CAPTCHA

'''Closing Words, Ofer Shezaf'''
|}

== Call for participation ==

Being a community event, we are staring a call for involvement, which means it is the time to speak up if you want to:

* [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] - a new feature in this conference, consisting of a series of 5-minute talks.
: The deadline for submissions for the rump session is '''Monday, September 8, 2008'''.
* [[OWASP IL Sponsorship|Call for sponsors]]
* Help in organizing
* Otherwise participate (plenty of time for that, but if you know you will come, speak up)

'''This is also a good time to raise other ideas you have regarding the conference'''. Many of you have been to previous conferences and have great ideas, so don't be shy and speak up.

== Agenda ==

The [[OWASP_IL_CFP|CFP]] is underway and the program would be published by mid August.

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Daniel Kallner
* Ofer Shezaf (Breach Security)
* Shay Shuker

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-09-02T11:47:09Z

YossiOren: Added that the conference is free - people weren't sure

{{Template:OWASP_IL_2008_Sponsors}}

== General ==

The OWASP Israel 2008 conference will be held on September 14th at the Interdisciplinary Center Herzliya. This time we are raising the bar and will be holding a full day '''two tracks''' event. The tracks would be split according by level: a beginners track and an experts track.

== Registration ==

The conference is '''free and open to all''', but please register by sending an e-mail to me at ofer@shezaf.com. We need to know how many people will arrive in order to be prepared.

== Agenda ==

(Not final, minor changes and additions possible)

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>

|- style="background-color:#000000;font-size:11pt;font-weight:bold;color:#FFFFFF" valign="top"

| width="315" height="16" | Title

| width="156" | Presentation

| width="91" | Copmany
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | .NET Framework rootkits - backdoors inside your Framework

| Erez Metula

| 2Bsecure
|- style="font-size:11pt" valign="top"

| height="30" | No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling

| Ivan Ristic

| Breach
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Trends in Web Hacking: What's hot in 2008

| Ofer Shezaf

| Breach
|- style="font-size:11pt" valign="top"

| height="30" | Web Application Security and Search Engines – Beyond Google Hacking

| Amichai Shulman

| Imperva
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | GreenSQL - an open source database security gateway

| Yuli Stremovsky

|  
|- style="font-size:11pt" valign="top"

| height="15" | eVoting

| Dr. Alon Roser

| IDC
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Black Box vs. White Box - pros and cons

| Adi Sharabani & Omri Weisman

| Watchfire
|- style="font-size:11pt" valign="top"

| height="15" | Testing the Tester – Measuring Quality of Security Testing

| Ofer Maor

| Hacktics
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Achilles’ heel – Hacking Through Java Protocols

| Shai Chen

| Hacktics
|- style="font-size:11pt" valign="top"

| height="15" | Defending against Phishing without Client-side Code

| Prof. Amir Herzberg

| Bar Ilan Univeristy
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="30" | Automated Crawling & Security Analysis of Flash/Flex based Web Applications

| Ronen Bachar

| IBM/Watchfire
|- style="font-size:11pt" valign="top"

| height="15" | Application Security - The code analysis way

| Maty Siman

| Checkmarx
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | AJAX - new technologies new threats

| Dr. David Movshovitz

| IDC
|- style="font-size:11pt" valign="top"

| height="16" | Korset: Code-based Intrusion Detection System for Linux

| Ohad Ben-Cohen

|  
|}

Note that the [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] is still open for submissions.

== Call for participation ==

Being a community event, we are staring a call for involvement, which means it is the time to speak up if you want to:

* [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] - a new feature in this conference, consisting of a series of 5-minute talks.
: The deadline for submissions for the rump session is '''Monday, September 8, 2008'''.
* [[OWASP IL Sponsorship|Call for sponsors]]
* Help in organizing
* Otherwise participate (plenty of time for that, but if you know you will come, speak up)

'''This is also a good time to raise other ideas you have regarding the conference'''. Many of you have been to previous conferences and have great ideas, so don't be shy and speak up.

== Agenda ==

The [[OWASP_IL_CFP|CFP]] is underway and the program would be published by mid August.

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Daniel Kallner
* Ofer Shezaf (Breach Security)
* Shay Shuker

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-09-02T09:50:18Z

YossiOren: help->held

{{Template:OWASP_IL_2008_Sponsors}}

== General ==

The OWASP Israel 2008 conference will be held on September 14th at the Interdisciplinary Center Herzliya. This time we are raising the bar and will be holding a full day '''two tracks''' event. The tracks would be split according by level: a beginners track and an experts track.

== Agenda ==

(Not final, minor changes and additions possible)

{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>

|- style="background-color:#000000;font-size:11pt;font-weight:bold;color:#FFFFFF" valign="top"

| width="315" height="16" | Title

| width="156" | Presentation

| width="91" | Copmany
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | .NET Framework rootkits - backdoors inside your Framework

| Erez Metula

| 2Bsecure
|- style="font-size:11pt" valign="top"

| height="30" | No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling

| Ivan Ristic

| Breach
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Trends in Web Hacking: What's hot in 2008

| Ofer Shezaf

| Breach
|- style="font-size:11pt" valign="top"

| height="30" | Web Application Security and Search Engines – Beyond Google Hacking

| Amichai Shulman

| Imperva
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | GreenSQL - an open source database security gateway

| Yuli Stremovsky

|  
|- style="font-size:11pt" valign="top"

| height="15" | eVoting

| Dr. Alon Roser

| IDC
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Black Box vs. White Box - pros and cons

| Adi Sharabani & Omri Weisman

| Watchfire
|- style="font-size:11pt" valign="top"

| height="15" | Testing the Tester – Measuring Quality of Security Testing

| Ofer Maor

| Hacktics
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | Achilles’ heel – Hacking Through Java Protocols

| Shai Chen

| Hacktics
|- style="font-size:11pt" valign="top"

| height="15" | Defending against Phishing without Client-side Code

| Prof. Amir Herzberg

| Bar Ilan Univeristy
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="30" | Automated Crawling & Security Analysis of Flash/Flex based Web Applications

| Ronen Bachar

| IBM/Watchfire
|- style="font-size:11pt" valign="top"

| height="15" | Application Security - The code analysis way

| Maty Siman

| Checkmarx
|- style="background-color:#D8D8D8;font-size:11pt" valign="top"

| height="15" | AJAX - new technologies new threats

| Dr. David Movshovitz

| IDC
|- style="font-size:11pt" valign="top"

| height="16" | Korset: Code-based Intrusion Detection System for Linux

| Ohad Ben-Cohen

|  
|}

Note that the [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] is still open for submissions.

== Call for participation ==

Being a community event, we are staring a call for involvement, which means it is the time to speak up if you want to:

* [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] - a new feature in this conference, consisting of a series of 5-minute talks.
: The deadline for submissions for the rump session is '''Monday, September 8, 2008'''.
* [[OWASP IL Sponsorship|Call for sponsors]]
* Help in organizing
* Otherwise participate (plenty of time for that, but if you know you will come, speak up)

'''This is also a good time to raise other ideas you have regarding the conference'''. Many of you have been to previous conferences and have great ideas, so don't be shy and speak up.

== Agenda ==

The [[OWASP_IL_CFP|CFP]] is underway and the program would be published by mid August.

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Shay Zalalichin (ComSec)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Daniel Kallner
* Ofer Shezaf (Breach Security)
* Shay Shuker

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

OWASP IL Sponsorship

2008-07-26T21:50:30Z

YossiOren:

OWASP is an open source organization. While our activities are free for all, we can use your help to make our activities better. We are open to any sponsorship ideas that you may have. This are some simple ways in which you can help us:

== Commercial Sponsoring an OWASP IL conference ==

{|
|-valign="top"
| OWASP Israeli chapter holds a conference usually twice a year usually together with the Efi Arazi Computer Science School at the the Interdisciplinary Center (IDC) Herzliya. These [http://www.owasp.org.il conferences] where very successful and a large number of people.

We encourage company's to sponsor our conferences and help pay for such expenses such as refreshments, photography, video etc. The conferences are not commercial and the cost goes directly to cover expenses. Actually we just split the bills between the sponsors, but not more than $500 for each sponsor. At OWASP Israel 2007, the actual sum was $300 per sponsor.

'''Past sponsors include Checkpoint, Microsoft, F5, Breach Security, Hacktics, 2bsecure, GamaSec, Applicure & Zend'''
=== What do you get for sponsoring ===
* Many thanks, and hopefully a very good feeling of helping the community.

* A table top style mini booth where you can put up a "roll up" poster or two and hand out your brochures and freebies.

* Logo on the conference page.

* If there is something specific that you may want else and is within the OWASP guideline tell me.

=== What you don't get ===
* List of people registering. You can collect yourself in the booth, for example by offering a prize for people filling in details.

* A lecture for money. The conference program is strictly selected on professional terms.
| https://www.owasp.org/images/9/96/OWASP_IL_Conf_graphics_small.jpg
|}

=== What do we need your money for ===

OWASP is very strictly non for profit. We take your money to help make our events more compelling to the audience while striving to make them free for participants. We want more people to come to our events so we can educate them about making applications more secure.

We use the money collected from sponsors for things such as:

* '''Lecture videos''' - filming presentations enables them to be available also to people who cannot make it to the conference.

* '''Refreshments''' - we want to keep people a long time, and we certainly bring good and interesting speakers, yet we don't want people to go home when they become hungry.

* '''Name tags''' - we feel that getting to know each other is important and name tags make it possible.

* '''Promotion''' - Up to now our events are propagating by word of mouth. We would like to get to a wider audience by advertising our events.

* '''Printed Materials''' - We are not very keen on killing trees, but some people learn more from actual printed paper. We would like to start handing out printed materials in out conferences.

By the way, if you feel that you can contribute to any of these in anyway besides money, we will be happy to here about it.

=== What should you prepare as a sponsor ===
As a sponsor, you are not oblidged to do anything. Sponsorship can be a philanthropy. However in order to take advantage of the benefits listed above, we recommend the following:

* Send us a logo file to put on the conference web page.

* Prepare a roll up type poster or equivalent for your table top booth.

* Prepare brochures for handling out to conference attendees.

* You might also want hold a sweepstake between people who fill in their details in order to collect leads. We will be happy to announce the prize on the conference page.

* Come 30 minutes before the conference starts to setup your booth.

for further details contact [mailto:ofer@shezaf.com me].

== Non for Profit/Barter Sponsorship of OWASP IL Conferences ==

We are happy to allow any information security related non for profit organization to present at our conference expo. You will get, for free, the same benefits that the commercial vendors get. The only condition is that if you hold similar events we would like to present at those events in return.

We extend the same type of barter to commercial organizations that hold events. If you organize an information security related event, we would let you promote it in our expo in return for having presence in your event.

Contact [mailto:ofer@shezaf.com me] for further details.

== Hosting a meeting ==

We also host regular meetings and look for companies to host of sponsor these meetings. A company that hosts such a meeting is responsible for a meeting location and the refreshments. We need a room that can host up to 50 people. Pizza and drinks are the common refreshments, but alternatives are also OK. Keep in mind that food should be Kosher.

If you want to host such a meeting, contact me [mailto:ofer@shezaf.com me].

== OWASP Membership ==

In addition to sponsoring OWASP Israel, you can also join OWASP as a member. For details, please refer to [http://www.owasp.org/index.php/Membership this page].
[[Category:OWASP Israel Meetings]]

Category:OWASP Israel Meetings

2008-07-26T21:45:53Z

YossiOren: New page:

OWASP IL CFP

2008-07-26T21:40:19Z

YossiOren:

== OWASP IL 2008 CFP schedule ==

The deadline for submissions for OWASP IL 2008 is Monday, August 4th 2008. We will be informing submitters on acceptance starting on the 4th and no later than August 15th.

== Submitting presentations ==

We always welcome presentations, if for a specific event or generally for a future meeting. We favor presentations on web application security and accept from time to time presentations on related subjects. For conferences we may select an exceptional presentation about information security in general.

If you want to submit, please send an e-mail to ofer@shezaf.com with the following details:

* The presentation title.
* An abstract (couple of paragraphs).
* Estimated length.
* A short bio of the presenter.

We prefer submissions that include more detailed information such as actual slides, a paper or an outline. In certain cases we would ask for such information since we feel the abstract does not provide enough information for evaluating the presentation.

== Editorial committee ==

We have established a content committee to review the presentations. The committee would select the presentations and in some cases will work with presenters to ensure that a presentation fits an OWASP conference. Examples of such cases are:

* From past experience we know that some presenters have very interesting things to say, but lack the experience to build a short and compelling presentation for a large audience.
* At times we like the presentation but would like to ensure that it is not commercial.
* When selecting a subject related to web application security we may want to help the presenter in focusing on the web application security aspect of his presentation.

Naturally in such cases we would need the full presentation well in advance.

== Preparing for the event ==

In any case we will require the presentation to be available to us prior to the event (specific date would be set for each event). On the day of the event please be at the conference at least 45 minutes before your presentation.

[[Category:OWASP Israel 2008]]

OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)

2008-07-26T21:39:33Z

YossiOren:

{{Template:OWASP_IL_2008_Sponsors}}

== General ==

The OWASP Israel 2008 conference will be help on September 14th at the Interdisciplinary Center Herzliya. This time we are raising the bar and will be holding a full day '''two tracks''' event. The tracks would be split according by level: a beginners track and an experts track.

== Call for participation ==

Being a community event, we are staring a call for involvement, which means it is the time to speak up if you want to:

* [[OWASP_IL_CFP|Call for presenters]]
: The deadline for submissions for OWASP IL 2008 is '''Monday, August 4th 2008'''. We will be informing submitters on acceptance starting on the 4th and no later than August 15th
* [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] - a new feature in this conference, consisting of a series of 5-minute talks.
: The deadline for submissions for the rump session is '''Monday, September 8, 2008'''.
* [[OWASP IL Sponsorship|Call for sponsors]]
* Help in organizing
* Otherwise participate (plenty of time for that, but if you know you will come, speak up)

'''This is also a good time to raise other ideas you have regarding the conference'''. Many of you have been to previous conferences and have great ideas, so don't be shy and speak up.

== Agenda ==

The [[OWASP_IL_CFP|CFP]] is underway and the program would be published by mid August.

== The people behind the conference ==

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

=== Steering Committee ===

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

* Adi Sharabani (IBM)
* Dr. David Movshovitz (Interdisciplinary Center Herzliya)
* Ofer Maor (Hacktics)
* Ofer Shezaf (Breach Security)
* Ory Segal (IBM)
* Yossi Oren (Proxy Software Systems)

=== Organization Committee ===

The organization committee is in charge of making this all happen:

* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Daniel Kallner
* Ofer Shezaf (Breach Security)
* Shay Shuker

~ [[User:Oshezaf|Ofer Shezaf]],Conference Chair 
[mailto:ofer@shezaf.com ofer@shezaf.com]

[[Category:OWASP Israel 2008]]

Category:OWASP Israel 2008

2008-07-26T21:13:27Z

YossiOren: New page: Category:OWASP Israel Meetings

[[Category:OWASP Israel Meetings]]

OWASP Israel 2008 Conference Turbo Talks

2008-07-26T21:08:54Z

YossiOren:

== Introduction ==

This year OWASP IL will include for the first time a Turbo Talk session (a.k.a. rump session), inspired by the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO conference rump sessions] and by the [http://ignite.oreilly.com/ O'Reilly IGNITE sessions]. Quoting from the [http://www.iacr.org/conferences/crypto2007/rump.html CRYPTO 2007 rump session CFP]:
:''"This is intended to be an informal session in which participants give short and entertaining presentations on recent results, work in progress, and other topics of interest to the community. Presentations that are not purely technical in nature are also possible – and encouraged!"''

== Rules ==
Each presenter will have no more than 20 slides, which should automatically rotate after 15 seconds (for a total of under '''5 minutes per talk''').

Topics can include:

* Recent interesting Web Application Security results and works in progress. General Information Security results are also welcome, as long as they are '''very''' interesting.
* Important announcements relevant to the Israeli Web Application Security community.
* Crazy ideas for a start-up (regardless of whether it already exists or not).
* Interesting geeky activities.
* Singing, dancing and shenanigans.

Topics '''cannot''' include:

* Shameless plugs for your new WAF, which is amazingly better than other WAFs.
* Politics and gambling.

Here are some good talks for reference:

* [http://blip.tv/file/199649/ http://blip.tv/file/199649/] (topic of interest)
* [http://www.youtube.com/watch?v=WzJ114Masw0 http://www.youtube.com/watch?v=WzJ114Masw0] (recent result)
* [http://www.iacr.org/conferences/crypto2005/r/12.mov http://www.iacr.org/conferences/crypto2005/r/12.mov] (announcement)
* [http://www.youtube.com/watch?v=b2m7Fm1I1HU http://www.youtube.com/watch?v=b2m7Fm1I1HU] (singing, dancing and shenanigans, except there's no dancing)

== Submitting Presentations ==

The rump session chair is [http://iss.oy.ne.ro/ Yossi Oren]. If you want to submit a talk, please fill out [http://spreadsheets.google.com/viewform?key=piN5RsLRYCElGkkC8da17Ew&hl=en this online form]. For comments and suggestions, please write to [mailto:owasp2008rump@oy.ne.ro owasp2008rump@oy.ne.ro].

The deadline for registration is '''September 8, 2008''' - less than a week before the conference. We hope to have about 10 talks which should make up a very interesting hour!

[[Category:OWASP Israel 2008]]

OWASP Israel 2008 Conference Turbo Talks

2008-07-23T08:28:06Z

YossiOren: Fixed links