https://wiki.owasp.org/index.php?action=history&feed=atom&title=OWASP_Bucharest_AppSec_Conference_2018_Talks
OWASP Bucharest AppSec Conference 2018 Talks - Revision history
2026-04-29T11:48:11Z
Revision history for this page on the wiki
MediaWiki 1.27.2
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=244690&oldid=prev
Oana Cornea at 16:52, 28 October 2018
2018-10-28T16:52:50Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 16:52, 28 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l21" >Line 21:</td>
<td colspan="2" class="diff-lineno">Line 21:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Tales of Practical Android Penetration Testing (Mobile Pentest Toolkit)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://www.owasp.org/images/4/4b/OWASP-Tales-of-practical-penetration-testing.pdf </ins>Tales of Practical Android Penetration Testing (Mobile Pentest Toolkit)<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://www.linkedin.com/in/alexander-subbotin-11290510a Alexander Subbotin]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://www.linkedin.com/in/alexander-subbotin-11290510a Alexander Subbotin]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | A vast number of open source tools and commercial products has been developed to support the security analysis of mobile apps. It has become a great challenge for a penetration tester to choose suitable or the best tools and the adequate pentest environment/distribution. And even when the test tools have been chosen, the problem remains that most of the tools only offer a CLI interface and that their usage can be very time consuming.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | A vast number of open source tools and commercial products has been developed to support the security analysis of mobile apps. It has become a great challenge for a penetration tester to choose suitable or the best tools and the adequate pentest environment/distribution. And even when the test tools have been chosen, the problem remains that most of the tools only offer a CLI interface and that their usage can be very time consuming.</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l27" >Line 27:</td>
<td colspan="2" class="diff-lineno">Line 27:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Breaking the Apple iOS Sandbox</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://www.owasp.org/images/6/65/OWASP_Bucharest_AppSec_2018_-_Breaking_the_iOS_Sandbox_-_Razvan_Deaconescu.pdf </ins>Breaking the Apple iOS Sandbox<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/razvandeaconescu Razvan Deaconescu]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/razvandeaconescu Razvan Deaconescu]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Apple iOS uses sandboxing to confine apps to certain calls they can make to services and the kernel. Apps are attached a sandbox profile: a set of rules that allow or deny actions. All 3rd party apps (i.e. downloaded from the AppStore) use the same sandbox profile (container). Sandbox profiles are stored as binary blobs in the iOS kernel. <br></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Apple iOS uses sandboxing to confine apps to certain calls they can make to services and the kernel. Apps are attached a sandbox profile: a set of rules that allow or deny actions. All 3rd party apps (i.e. downloaded from the AppStore) use the same sandbox profile (container). Sandbox profiles are stored as binary blobs in the iOS kernel. <br></div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l33" >Line 33:</td>
<td colspan="2" class="diff-lineno">Line 33:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Evading your protection and exfiltrate data</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://www.owasp.org/images/f/fe/OWASP_Cosmin_Radu_2018.pptx </ins>Evading your protection and exfiltrate data<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://www.linkedin.com/in/cosminradu13 Cosmin Alexandru Radu]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://www.linkedin.com/in/cosminradu13 Cosmin Alexandru Radu]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |Evading your protection and exfiltrate data</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |Evading your protection and exfiltrate data</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l47" >Line 47:</td>
<td colspan="2" class="diff-lineno">Line 47:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | AWS VMS</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://www.owasp.org/images/7/77/OWASP_Gabriel_Pilat_talk.pptx </ins>AWS VMS<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered.  </div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l61" >Line 61:</td>
<td colspan="2" class="diff-lineno">Line 61:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | DevSecOps Use Case: Automate Early… But Securely</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://www.owasp.org/images/8/82/OWASP-SB.pptx </ins>DevSecOps Use Case: Automate Early… But Securely<ins class="diffchange diffchange-inline">]</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Serban Bejan</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Serban Bejan</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |In today’s increasingly digitalized world, the need for security in DevOps is met by a new concept, called DevSecOps. Aimed at creating and including modern security practices that can be incorporated into the fast and agile world of DevOps, DevSecOps is, in fact, an extension of DevOps’ main goal. <br>  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |In today’s increasingly digitalized world, the need for security in DevOps is met by a new concept, called DevSecOps. Aimed at creating and including modern security practices that can be incorporated into the fast and agile world of DevOps, DevSecOps is, in fact, an extension of DevOps’ main goal. <br>  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=244247&oldid=prev
Oana Cornea: edit6
2018-10-15T18:03:32Z
<p>edit6</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:03, 15 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l16" >Line 16:</td>
<td colspan="2" class="diff-lineno">Line 16:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:15 - 9:45<br>(30 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:15 - 9:45<br>(30 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <del class="diffchange diffchange-inline">So you think you do security?</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">It's a World of SecDevOps @ OWASP</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://<del class="diffchange diffchange-inline">www</del>.linkedin.com/in/<del class="diffchange diffchange-inline">martin-knobloch</del>/ <del class="diffchange diffchange-inline">Martin Knobloch</del>]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://<ins class="diffchange diffchange-inline">ro</ins>.linkedin.com/in/<ins class="diffchange diffchange-inline">barbuionutdaniel</ins>/<ins class="diffchange diffchange-inline">en Daniel Barbu</ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <del class="diffchange diffchange-inline">Security is hot and we get all the fancy old and new titles: Chief Information Security Officer, Security Archtect, Security Tester, Security Engineer, Security </del>and <del class="diffchange diffchange-inline">Risk Auditor! Of course, now </del>the <del class="diffchange diffchange-inline">days you are falling behind if you do not have cyber </del>in <del class="diffchange diffchange-inline">your title or job description, giving us the possibility of more fancy titles as </del>for <del class="diffchange diffchange-inline">exampel 'Cyer security expert'! And we all doing security, right? Really, do you think you 'do security'?  </del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <ins class="diffchange diffchange-inline">SecDevOps comes with a built-in security mindset </ins>and <ins class="diffchange diffchange-inline">ideally adopts </ins>the <ins class="diffchange diffchange-inline">proven practices already </ins>in <ins class="diffchange diffchange-inline">use by embedded SRE teams. Day-to-day activities </ins>for <ins class="diffchange diffchange-inline">this role contribute </ins>not <ins class="diffchange diffchange-inline">only to achievement of operational </ins>and <ins class="diffchange diffchange-inline">development goals but also </ins>to <ins class="diffchange diffchange-inline">keeping high levels of confidentiality, integrity </ins>and <ins class="diffchange diffchange-inline">availability</ins>. <ins class="diffchange diffchange-inline">While improving </ins>the security <ins class="diffchange diffchange-inline">posture, the processes become easier </ins>to <ins class="diffchange diffchange-inline">audit </ins>and <ins class="diffchange diffchange-inline">compliance controls better assessed</ins>. <ins class="diffchange diffchange-inline">With product teams engaging with security as early as possible as opposed to </ins>the <ins class="diffchange diffchange-inline">end of the project, </ins>the <ins class="diffchange diffchange-inline">focus shifts from a reactive approach </ins>to <ins class="diffchange diffchange-inline">a proactive one integrating defensive practices through the lifecycle</ins>. <ins class="diffchange diffchange-inline">Consequently the systems’ predictability </ins>and <ins class="diffchange diffchange-inline">understanding of the infrastructure behavior increases</ins>. <ins class="diffchange diffchange-inline">When possible, open </ins>security <ins class="diffchange diffchange-inline">issues should be tracked </ins>in <ins class="diffchange diffchange-inline">the same work tracking system that Development </ins>and <ins class="diffchange diffchange-inline">Operations are using, ensuring visibility </ins>and <ins class="diffchange diffchange-inline">prioritization  against all other work. Infosec being embedded within </ins>the <ins class="diffchange diffchange-inline">product teams, enables informed decisions by gaining business context. </ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">As if compliancy has </del>not <del class="diffchange diffchange-inline">been complex enough, let's add privacy vs security </del>and <del class="diffchange diffchange-inline">don't forgeth moving </del>to <del class="diffchange diffchange-inline">cloud </del>and <del class="diffchange diffchange-inline">serverless architectures</del>. <del class="diffchange diffchange-inline">Do you still think you are in control? Let me lift </del>the <del class="diffchange diffchange-inline">smoke screen of cyber </del>security <del class="diffchange diffchange-inline">obscurity and show you how </del>to <del class="diffchange diffchange-inline">do security right! Getting in control buttom up </del>and <del class="diffchange diffchange-inline">top down (is there really a choice), by building alliances, sharing knowledge and deligate responsibilities</del>. <del class="diffchange diffchange-inline">Not </del>the <del class="diffchange diffchange-inline">least by setting </del>the <del class="diffchange diffchange-inline">right examples!</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del class="diffchange diffchange-inline">Let me show you an holistic but practical aproach adding security </del>to <del class="diffchange diffchange-inline">your business responsibilityies and development metrics</del>. <del class="diffchange diffchange-inline">Get control by let go </del>and <del class="diffchange diffchange-inline">enable scalable security for your software factories</del>. <del class="diffchange diffchange-inline">How to manage </del>security in <del class="diffchange diffchange-inline">traditional waterfall </del>and <del class="diffchange diffchange-inline">project centric envirnoments </del>and <del class="diffchange diffchange-inline">how to scale in </del>the <del class="diffchange diffchange-inline">agile worlds of DevOps and CD/CI!</del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=244036&oldid=prev
Oana Cornea at 17:31, 5 October 2018
2018-10-05T17:31:45Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:31, 5 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l7" >Line 7:</td>
<td colspan="2" class="diff-lineno">Line 7:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description'''</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#CCCCEE" align="center" colspan="0" | '''Description'''</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | <del class="diffchange diffchange-inline">9</del>:<del class="diffchange diffchange-inline">00 </del>- 9:<del class="diffchange diffchange-inline">30</del><br>(30 mins)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">8</ins>:<ins class="diffchange diffchange-inline">30 </ins>- 9:<ins class="diffchange diffchange-inline">00</ins><br>(30 mins)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="3" | Registration and coffee break</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="3" | Registration and coffee break</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;"></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:<del class="diffchange diffchange-inline">30 </del>- 9:<del class="diffchange diffchange-inline">45</del><br>(15 mins)</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:<ins class="diffchange diffchange-inline">00 </ins>- 9:<ins class="diffchange diffchange-inline">15</ins><br>(15 mins)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Introduction</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Introduction</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  Oana Cornea</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  Oana Cornea</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  Introduction to the OWASP Bucharest Event, Schedule for the Day   </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  Introduction to the OWASP Bucharest Event, Schedule for the Day   </div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">|-</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:15 - 9:45<br>(30 mins)</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | So you think you do security?</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://www.linkedin.com/in/martin-knobloch/ Martin Knobloch]</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Security is hot and we get all the fancy old and new titles: Chief Information Security Officer, Security Archtect, Security Tester, Security Engineer, Security and Risk Auditor! Of course, now the days you are falling behind if you do not have cyber in your title or job description, giving us the possibility of more fancy titles as for exampel 'Cyer security expert'! And we all doing security, right? Really, do you think you 'do security'?  </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">As if compliancy has not been complex enough, let's add privacy vs security and don't forgeth moving to cloud and serverless architectures. Do you still think you are in control? Let me lift the smoke screen of cyber security obscurity and show you how to do security right! Getting in control buttom up and top down (is there really a choice), by building alliances, sharing knowledge and deligate responsibilities. Not the least by setting the right examples!</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins style="font-weight: bold; text-decoration: none;">Let me show you an holistic but practical aproach adding security to your business responsibilityies and development metrics. Get control by let go and enable scalable security for your software factories. How to manage security in traditional waterfall and project centric envirnoments and how to scale in the agile worlds of DevOps and CD/CI!</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 9:45 - 10.30<br>(45 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=244033&oldid=prev
Oana Cornea at 17:08, 5 October 2018
2018-10-05T17:08:23Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 17:08, 5 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l57" >Line 57:</td>
<td colspan="2" class="diff-lineno">Line 57:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">DevSecOps Use Case: Automate Early… But Securely</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">Serban Bejan</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |<ins class="diffchange diffchange-inline">In today’s increasingly digitalized world, the need for security in DevOps is met by a new concept, called DevSecOps. Aimed at creating and including modern security practices that can be incorporated into the fast and agile world of DevOps, DevSecOps is, in fact, an extension of DevOps’ main goal. <br> </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">In our use case we studied the possible benefits and challenges of integrating SAST and DAST tools into the existing toolchain (application lifecycle manager, IDE, source code management tool and continuous integration pipeline) for developing, deploying and testing a Java web application.<br></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">Implementing DevSecOps brings a lot of value to organizations, it also comes with some challenges, like integrating more agile security methods and properly training users for using these advanced tools. Last but not least, we also need to take into consideration that any security functionality not automated in the available tools will result in creating friction in the cycle.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 16:50 - 17:00<br>(15 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 16:50 - 17:00<br>(15 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=244012&oldid=prev
Oana Cornea at 18:53, 4 October 2018
2018-10-04T18:53:41Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 18:53, 4 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l51" >Line 51:</td>
<td colspan="2" class="diff-lineno">Line 51:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 15:20 - 16:05<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 15:20 - 16:05<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">Protecting company information for GDPR compliance. A software architect’s perspective.</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">Ovidiu Ariton</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |<ins class="diffchange diffchange-inline">For years cybersecurity has been approached at the network level and at endpoint level. Best practices are good but sometimes user behavior makes the difference between a compromised system and a safe one. Most of the times they don’t understand if something went wrong. What if they knew? <br></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">The solution that I am going to present brings the tools available in a SOC to the user level, at the endpoint. It combines some of the best practices in security (like backup and DLP) with SOAR solutions and LRA in order to prevent loss of data and ensure rapid automated reaction to cybersecurity incidents.</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 16:05 - 16:50<br>(45 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=243859&oldid=prev
Oana Cornea at 12:27, 1 October 2018
2018-10-01T12:27:03Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 12:27, 1 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l29" >Line 29:</td>
<td colspan="2" class="diff-lineno">Line 29:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <del class="diffchange diffchange-inline">AWS VMS</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">Evading your protection and exfiltrate data</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://<del class="diffchange diffchange-inline">ro</del>.linkedin.com/in/<del class="diffchange diffchange-inline">gabriel-pilat-3053229b Gabriel Pilat</del>]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://<ins class="diffchange diffchange-inline">www</ins>.linkedin.com/in/<ins class="diffchange diffchange-inline">cosminradu13 Cosmin Alexandru Radu</ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |This presentation <del class="diffchange diffchange-inline">looks at how Vulnerability Management </del>is <del class="diffchange diffchange-inline">generally performed (Scanning, Asset management, Reporting</del>, <del class="diffchange diffchange-inline">TI etc</del>. <del class="diffchange diffchange-inline">), </del>how <del class="diffchange diffchange-inline">it </del>can <del class="diffchange diffchange-inline">be performed in </del>the <del class="diffchange diffchange-inline">Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities </del>of <del class="diffchange diffchange-inline">automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture</del>, <del class="diffchange diffchange-inline">security services and benefits, inherited security flaws, issues and limitations encountered</del>.  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |<ins class="diffchange diffchange-inline">Evading your protection and exfiltrate data</ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>This presentation is <ins class="diffchange diffchange-inline">meant to be an introduction into a number of ex-filtration techniques that are out there</ins>, <ins class="diffchange diffchange-inline">used by malicious attackers</ins>. <ins class="diffchange diffchange-inline">It should be a view into the attackers toolset for developers and </ins>how <ins class="diffchange diffchange-inline">they </ins>can <ins class="diffchange diffchange-inline">counteract </ins>the <ins class="diffchange diffchange-inline">issues attackers use to get data out </ins>of <ins class="diffchange diffchange-inline">their applications</ins>, <ins class="diffchange diffchange-inline">or how system administrators can guard their network against egress data leakage</ins>.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l42" >Line 42:</td>
<td colspan="2" class="diff-lineno">Line 43:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">AWS VMS</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <ins class="diffchange diffchange-inline">This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered. </ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 15:05 - 15:20<br>(15 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 15:05 - 15:20<br>(15 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=243857&oldid=prev
Oana Cornea: edit6
2018-10-01T09:20:48Z
<p>edit6</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 09:20, 1 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l24" >Line 24:</td>
<td colspan="2" class="diff-lineno">Line 24:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Breaking the Apple iOS Sandbox</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | Breaking the Apple iOS Sandbox</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [<del class="diffchange diffchange-inline">razvan deaconescu </del>linkedin Razvan Deaconescu]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [<ins class="diffchange diffchange-inline">https://ro.</ins>linkedin<ins class="diffchange diffchange-inline">.com/in/razvandeaconescu </ins>Razvan Deaconescu]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Apple iOS uses sandboxing to confine apps to certain calls they can make to services and the kernel. Apps are attached a sandbox profile: a set of rules that allow or deny actions. All 3rd party apps (i.e. downloaded from the AppStore) use the same sandbox profile (container). Sandbox profiles are stored as binary blobs in the iOS kernel. <br></div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | Apple iOS uses sandboxing to confine apps to certain calls they can make to services and the kernel. Apps are attached a sandbox profile: a set of rules that allow or deny actions. All 3rd party apps (i.e. downloaded from the AppStore) use the same sandbox profile (container). Sandbox profiles are stored as binary blobs in the iOS kernel. <br></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>In this talk, I will highlight the way iOS sandboxing works and steps we undertook in reversing binary blobs. We then analyzed reversed human-readable sandbox profiles and found misconfigurations in the profiles that allowed crippling the system from a valid app. We let Apple know of our findings, now published as CVEs.</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>In this talk, I will highlight the way iOS sandboxing works and steps we undertook in reversing binary blobs. We then analyzed reversed human-readable sandbox profiles and found misconfigurations in the profiles that allowed crippling the system from a valid app. We let Apple know of our findings, now published as CVEs.</div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=243856&oldid=prev
Oana Cornea at 09:20, 1 October 2018
2018-10-01T09:20:08Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 09:20, 1 October 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l23" >Line 23:</td>
<td colspan="2" class="diff-lineno">Line 23:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 10:45 - 11.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <del class="diffchange diffchange-inline">OWASP Top 10 with .NET Core</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">Breaking the Apple iOS Sandbox</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [<del class="diffchange diffchange-inline">https://ro.</del>linkedin<del class="diffchange diffchange-inline">.com/in/ignatandrei Andrei Ignat</del>]</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [<ins class="diffchange diffchange-inline">razvan deaconescu </ins>linkedin <ins class="diffchange diffchange-inline">Razvan Deaconescu</ins>]</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | We <del class="diffchange diffchange-inline">will show OWASP Top 10 </del>and <del class="diffchange diffchange-inline">how to counter them </del>in .<del class="diffchange diffchange-inline">NET Core</del></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <ins class="diffchange diffchange-inline">Apple iOS uses sandboxing to confine apps to certain calls they can make to services and the kernel. Apps are attached a sandbox profile: a set of rules that allow or deny actions. All 3rd party apps (i.e. downloaded from the AppStore) use the same sandbox profile (container). Sandbox profiles are stored as binary blobs in the iOS kernel. <br></ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">In this talk, I will highlight the way iOS sandboxing works and steps we undertook in reversing binary blobs. </ins>We <ins class="diffchange diffchange-inline">then analyzed reversed human-readable sandbox profiles </ins>and <ins class="diffchange diffchange-inline">found misconfigurations </ins>in <ins class="diffchange diffchange-inline">the profiles that allowed crippling the system from a valid app. We let Apple know of our findings, now published as CVEs</ins>.</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td></tr>
<tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l36" >Line 36:</td>
<td colspan="2" class="diff-lineno">Line 37:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 13:30 - 14:15<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 13:30 - 14:15<br>(45 mins)  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">OWASP Top 10 with .NET Core</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://ro.linkedin.com/in/ignatandrei Andrei Ignat]</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |</div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <ins class="diffchange diffchange-inline">We will show OWASP Top 10 and how to counter them in .NET Core</ins></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 14:20 - 15:05<br>(45 mins)  </div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=243722&oldid=prev
Oana Cornea at 20:24, 25 September 2018
2018-09-25T20:24:53Z
<p></p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 20:24, 25 September 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l31" >Line 31:</td>
<td colspan="2" class="diff-lineno">Line 31:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | [https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered.  </div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered.  </div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div><del style="font-weight: bold; text-decoration: none;">  <br></del></div></td><td colspan="2"> </td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td></tr>
</table>
Oana Cornea
https://wiki.owasp.org/index.php?title=OWASP_Bucharest_AppSec_Conference_2018_Talks&diff=243721&oldid=prev
Oana Cornea: edit6
2018-09-25T20:24:32Z
<p>edit6</p>
<table class="diff diff-contentalign-left" data-mw="interface">
<col class='diff-marker' />
<col class='diff-content' />
<col class='diff-marker' />
<col class='diff-content' />
<tr style='vertical-align: top;' lang='en'>
<td colspan='2' style="background-color: white; color:black; text-align: center;">← Older revision</td>
<td colspan='2' style="background-color: white; color:black; text-align: center;">Revision as of 20:24, 25 September 2018</td>
</tr><tr><td colspan="2" class="diff-lineno" id="mw-diff-left-l28" >Line 28:</td>
<td colspan="2" class="diff-lineno">Line 28:</td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | 11:45 - 12.30<br>(45 mins)</div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">AWS VMS</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" |  </div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:25%" valign="middle" height="30" bgcolor="#EEEEEE" align="center" colspan="0" | <ins class="diffchange diffchange-inline">[https://ro.linkedin.com/in/gabriel-pilat-3053229b Gabriel Pilat]</ins></div></td></tr>
<tr><td class='diff-marker'>−</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #ffe49c; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" | <del class="diffchange diffchange-inline">  </del><br></div></td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div>| style="width:40%" valign="middle" height="30" bgcolor="#EEEEEE" align="justify" colspan="0" |<ins class="diffchange diffchange-inline">This presentation looks at how Vulnerability Management is generally performed (Scanning, Asset management, Reporting, TI etc. ), how it can be performed in the Amazon Cloud ( Deploy scanners, Use Integrated scanner, etc), the possibilities of automation Amazon offers and ways to integrate it with 3rd party tools such as Qualys. General AWS architecture, security services and benefits, inherited security flaws, issues and limitations encountered. </ins></div></td></tr>
<tr><td colspan="2"> </td><td class='diff-marker'>+</td><td style="color:black; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #a3d3ff; vertical-align: top; white-space: pre-wrap;"><div><ins class="diffchange diffchange-inline">  </ins><br></div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>|-</div></td></tr>
<tr><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td><td class='diff-marker'> </td><td style="background-color: #f9f9f9; color: #333333; font-size: 88%; border-style: solid; border-width: 1px 1px 1px 4px; border-radius: 0.33em; border-color: #e6e6e6; vertical-align: top; white-space: pre-wrap;"><div>| style="width:10%" valign="middle" height="30" bgcolor="#CCEEEE" align="center" colspan="0" | 12:30 - 13:30 <br>(60 mins)</div></td></tr>
</table>
Oana Cornea