This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit
OWASP Israel 2010 01
The meeting will be held at 17:00 on Tuesday, Jan 12th, 2010.
Location: Breach Security, 11 Bareket St., Herzliya (Sixth floor).
17:00 - 17:20 : Gathering, Mingling & Food
17:20 - 17:30 : Opening Notes
Ofer Maor, Hacktics
17:30 - 18:10 : Top 5 Security Trends for 2010
Noa Bar-Yosef, Imperva
As we approach a new decade, battle lines have been firmly drawn between organizations seeking to protect their most sensitive data and dangerous cyber-criminals intent on attacking that data. Join Noa Bar-Yosef for this informative talk in which she discusses the predictions for the five most important security trends to watch for in 2010.
18:10 - 18:40 : WAFs in the Cloud
Ofer Shezaf, Better Place
Like any other new concept, cloud computing presents challenges in many different areas. Since many cloud based applications are web based, Web Application Firewalls (WAFs) is a technology that we need to adapt to cloud computing. In the presentation we will discuss two aspects of integrating WAFs into cloud computing: on the one hand WAF as a service, and on the other hand how to protect a cloud based web service, with a cloud based WAF or without it. We shall examine the pros and cons of a cloud based WAF and look into existing WAF services such as Akamai and Art of Defense. We shall compare them to regular WAF solutions as well as to alternative methods for protecting cloud based services such as virtual WAF or a host based WAF.
18:40 - 19:00 : Advanced Heap Spraying Techniques
Moshe Ben Abu, Recognize Security
Heap Spraying is the de-facto method for executing arbitrary commands on web browsers and components (Java, Flash, etc). The known methods so far for Heap Spraying are using JavaScript, Flash, Java and .NET DLL memory techniques. In this presentation Moshe Ben Abu will present new methods & techniques for Heap Spraying developed by him, such as using bitmap files, Silverlight and more.