User:Orysegal - Revision history

Orysegal at 18:10, 13 September 2018

2018-09-13T18:10:31Z

Orysegal at 18:09, 13 September 2018

2018-09-13T18:09:02Z

Orysegal at 18:04, 13 September 2018

2018-09-13T18:04:12Z

Orysegal at 17:55, 13 September 2018

2018-09-13T17:55:18Z

Orysegal at 17:36, 13 September 2018

2018-09-13T17:36:42Z

Orysegal at 17:27, 13 September 2018

2018-09-13T17:27:49Z

Orysegal: Minor edits

2018-09-07T16:01:00Z

Minor edits

Orysegal: Initial page

2018-09-07T15:58:46Z

Initial page

New page

= ABOUT =
== BIO ==
Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000. Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,

== Contributions ==
* [[WASC OWASP Web Application Firewall Evaluation Criteria Project]]
* OWASP AppSec NYC: Big Data Intelligence https://www.youtube.com/watch?v=afMvndBEv-I
* CWE/SANS Top 25: https://www.sans.org/top25-software-errors
* WASC Static Analysis Evaluation Criteria: http://projects.webappsec.org/w/page/66094278/Static%20Analysis%20Technologies%20Evaluation%20Criteria
* WASC Threat Classification (TC): http://projects.webappsec.org/w/page/13246978/Threat%20Classification
* WASC Web Application Security Scanner Evaluation Criteria: http://projects.webappsec.org/w/page/13246986/Web%20Application%20Security%20Scanner%20Evaluation%20Criteria
* NIST SAMATE - Software Assurance Metrics And Tool Evaluation: https://samate.nist.gov/Main_Page.html
* W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org

@@ Line 10: / Line 10: @@
 [https://twitter.com/orysegal Twitter]
-[mailto://orysegal@gmail.com Email]
+Email: orysegal [  at  ]  gmail.com
 == Community / Industry Contributions & Participation ==

@@ Line 3: / Line 3: @@
 = ABOUT =
 == BIO ==
-Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec (Serverless Security). Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000.  Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,
+Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec (Serverless Security). Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000.  Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit.
 == Community / Industry Contributions & Participation ==

@@ Line 35: / Line 35: @@
 * [https://www.akamai.com/jp/ja/multimedia/documents/state-of-the-internet/sshowdown-exploitation-of-iot-devices-for-launching-mass-scale-attack-campaigns.pdf SSHowDowN]: Exploitation of IoT Devices for Launching Mass-Scale Attack Campaigns (whitepaper)
 * [https://blogs.akamai.com/2014/02/hql-statement-tampering.html HQL Statement Tampering] (advisory / whitepaper)
 * [https://www.slideshare.net/ibmrational/a-look-at-the-prevalence-of-clientside-javascript-vulnerabilities-in-web-applications Close Encounters of the Third Kind]: A Look at the Prevalence of Client-Side JavaScript Vulnerabilities (whitepaper)
 * [https://www.slideshare.net/orysegal/clientside-javascript-vulnerabilities Client-Side JavaScript Vulnerabilities] (presentation)

@@ Line 3: / Line 3: @@
 = ABOUT =
 == BIO ==
-Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000.  Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,
+Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec (Serverless Security). Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000.  Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,
 == Community / Industry Contributions & Participation ==
@@ Line 28: / Line 28: @@
 - 2000: Penetration Testing Team Leader at [http://www.avnet-cyber.com/ Avnet] Cyber Security

← Older revision		Revision as of 17:36, 13 September 2018
Line 15:		Line 15:
	* W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org		* W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org
	* The Ten Most Critical Risks for Serverless Applications v1.0: https://github.com/puresec/sas-top-10		* The Ten Most Critical Risks for Serverless Applications v1.0: https://github.com/puresec/sas-top-10
		+
		+	== Experience ==
		+	2017 - Present: CTO & co-founder at [https://www.puresec.io/ PureSec] (Serverless Security)
		+
		+	2012 - 2017: Sr. Director, Threat Research at [https://www.akamai.com/ Akamai]
		+
		+	2007 - 2012: Security Products Architect (AppScan) at [https://www.ibm.com/ IBM]
		+
		+	2005 - 2007: Director of Security Research at [https://www.crunchbase.com/organization/watchfire Watchfire] (acquired by IBM)
		+
		+	2000 - 2005: Senior Security Researcher at [https://www.crunchbase.com/organization/sanctum-inc Sanctum inc] (acquired by Watchfire)
		+
		+	1997 - 2000: Penetration Testing Team Leader at [http://www.avnet-cyber.com/ Avnet] Cyber Security

← Older revision		Revision as of 17:27, 13 September 2018
Line 1:		Line 1:
		+	[[File:Ory Segal.png\|thumb]]
		+
	= ABOUT =		= ABOUT =
	== BIO ==		== BIO ==

@@ Line 3: / Line 3: @@
 Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000.  Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,
-== Contributions ==
+== Community / Industry Contributions & Participation ==
 * [[WASC OWASP Web Application Firewall Evaluation Criteria Project]]
 * OWASP AppSec NYC: Big Data Intelligence https://www.youtube.com/watch?v=afMvndBEv-I
@@ Line 12: / Line 12: @@
 * NIST SAMATE - Software Assurance Metrics And Tool Evaluation: https://samate.nist.gov/Main_Page.html
 * W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org