This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "User:Orysegal"
(Tag: Visual edit) |
(Tag: Visual edit) |
||
| Line 15: | Line 15: | ||
* W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org | * W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org | ||
* The Ten Most Critical Risks for Serverless Applications v1.0: https://github.com/puresec/sas-top-10 | * The Ten Most Critical Risks for Serverless Applications v1.0: https://github.com/puresec/sas-top-10 | ||
| + | |||
| + | == Experience == | ||
| + | 2017 - Present: CTO & co-founder at [https://www.puresec.io/ PureSec] (Serverless Security) | ||
| + | |||
| + | 2012 - 2017: Sr. Director, Threat Research at [https://www.akamai.com/ Akamai] | ||
| + | |||
| + | 2007 - 2012: Security Products Architect (AppScan) at [https://www.ibm.com/ IBM] | ||
| + | |||
| + | 2005 - 2007: Director of Security Research at [https://www.crunchbase.com/organization/watchfire Watchfire] (acquired by IBM) | ||
| + | |||
| + | 2000 - 2005: Senior Security Researcher at [https://www.crunchbase.com/organization/sanctum-inc Sanctum inc] (acquired by Watchfire) | ||
| + | |||
| + | 1997 - 2000: Penetration Testing Team Leader at [http://www.avnet-cyber.com/ Avnet] Cyber Security | ||
Revision as of 17:36, 13 September 2018
ABOUT
BIO
Ory Segal is a world-renowned expert in application security, with 20 years of experience in the field. Ory is the CTO and co-founder of PureSec, a start-up that enables organizations to secure serverless applications. Prior to PureSec, Ory was Senior Director of threat research at Akamai, where he led a team of web security and big data researchers, responsible for developing algorithms for Akamai's Kona cloud security product line. In this role, Ory research and published articles about web security, bot management, client reputation and device fingerprinting. Prior to Akamai, Ory worked at IBM as the security products architect and product manager for the market leading application security solution IBM Security AppScan (previously Watchfire/Sanctum AppScan), a product which Ory developed and contributed to since the year 2000. Ory authored 20 patents in the field of application security, static analysis, dynamic analysis, threat reputation and systems. He is currently serving as an officer of the Web Application Security Consortium (WASC), he was a member of the W3C WebAppSec working group, and was an OWASP Israel board member. Ory is a regular conference presenter and presented in conferences such as: Blackhat, RSA, OWASP AppSec, CyberTech, ServerlessDays, CodeBlue and Gartner Security Summit,
Community / Industry Contributions & Participation
- WASC OWASP Web Application Firewall Evaluation Criteria Project
- OWASP AppSec NYC: Big Data Intelligence https://www.youtube.com/watch?v=afMvndBEv-I
- CWE/SANS Top 25: https://www.sans.org/top25-software-errors
- WASC Static Analysis Evaluation Criteria: http://projects.webappsec.org/w/page/66094278/Static%20Analysis%20Technologies%20Evaluation%20Criteria
- WASC Threat Classification (TC): http://projects.webappsec.org/w/page/13246978/Threat%20Classification
- WASC Web Application Security Scanner Evaluation Criteria: http://projects.webappsec.org/w/page/13246986/Web%20Application%20Security%20Scanner%20Evaluation%20Criteria
- NIST SAMATE - Software Assurance Metrics And Tool Evaluation: https://samate.nist.gov/Main_Page.html
- W3C Web Application Security Working Group: https://www.w3.org/2000/09/dbwg/details?group=49309&public=1&order=org
- The Ten Most Critical Risks for Serverless Applications v1.0: https://github.com/puresec/sas-top-10
Experience
2017 - Present: CTO & co-founder at PureSec (Serverless Security)
2012 - 2017: Sr. Director, Threat Research at Akamai
2007 - 2012: Security Products Architect (AppScan) at IBM
2005 - 2007: Director of Security Research at Watchfire (acquired by IBM)
2000 - 2005: Senior Security Researcher at Sanctum inc (acquired by Watchfire)
1997 - 2000: Penetration Testing Team Leader at Avnet Cyber Security
