This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)"

From OWASP
Jump to: navigation, search
m (Agenda)
(Moved videos from Google Video to YouTube due to GV shutdown...)
 
(47 intermediate revisions by 4 users not shown)
Line 1: Line 1:
 +
[[Category:Israel]]
 
{{Template:OWASP_IL_2008_Sponsors}}
 
{{Template:OWASP_IL_2008_Sponsors}}
  
== Time and Location ==
+
The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.
 
 
The OWASP Israel 2008 conference will be held on September 14th at the Interdisciplinary Center Herzliya from 8:30 to 17:00. This time we are raising the bar and will be holding a full day '''two tracks''' event. The tracks would be split according by level: a beginners track and an experts track.
 
 
 
You can find the IDC on
 
[http://local.google.com/maps?f=q&hl=en&q=%D7%94%D7%9E%D7%A8%D7%9B%D7%96+%D7%94%D7%91%D7%99%D7%9F+%D7%AA%D7%97%D7%95%D7%9E%D7%99+%D7%94%D7%A8%D7%A6%D7%9C%D7%99%D7%94,+%D7%94%D7%A8%D7%A6%D7%9C%D7%99%D7%94,+Israel&sll=32.166567,34.812605&sspn=0.007974,0.019312&ie=UTF8&cd=1&geocode=FbD26gEdeo0TAg&ll=32.177047,34.835844&spn=0.007973,0.019312&z=16&iwloc=addr  Google map] or use the [http://portal.idc.ac.il/he/Main/about_idc/campus_tour/Pages/MapsDirections.aspx instructions] on the IDC web site. Signs at the Campus will lead you the conference halls.
 
 
 
== Registration ==
 
 
 
The conference is '''free and open to all''', but please register by sending an e-mail to me at [email protected]. We need to know how many people will arrive in order to be prepared.
 
  
 
== Agenda ==
 
== Agenda ==
  
(Not final, minor changes and additions possible)
+
{| class="wikitable" <hiddentext>generated with [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]] V1.7<\hiddentext>
 
+
|- style="font-size:11pt"
{|   class="wikitable" <hiddentext>generated with   [[:de:Wikipedia:Helferlein/VBA-Macro for EXCEL tableconversion]]   V1.7<\hiddentext>
+
|style="color:#1F497D" width="68" height="15" align="right" valign="top" | 8:30-9:00
 
+
| width="291"  valign="top" | Gathering and Socializing
|-   style="background-color:#000000;font-size:11pt;font-weight:bold;color:#FFFFFF" valign="top"
+
| width="296"  valign="top" | &nbsp;
 
 
| width="315"  height="16" | Title
 
 
 
| width="156" | Presentation
 
 
 
| width="91" | Copmany
 
|-  style="background-color:#D8D8D8;font-size:11pt" valign="top"
 
 
 
| height="15" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework  rootkits - backdoors inside your Framework]]
 
 
 
|   Erez Metula
 
 
 
|  2Bsecure
 
|- style="font-size:11pt"  valign="top"
 
 
 
| height="30" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]]
 
 
 
|   Ivan Ristic
 
 
 
|  Breach
 
|-  style="background-color:#D8D8D8;font-size:11pt"  valign="top"
 
  
| height="15" | [http://www.owasp.org/index.php/AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008 Trends in Web Hacking: What's hot in 2008]
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
 +
|  valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder ([ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Opening%20Words_chunk_1.wmv download video])
 +
|  valign="top" | &nbsp;
  
  |   Ofer Shezaf
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | &nbsp;
 +
|  valign="top" | &nbsp;
 +
| valign="top" | &nbsp;
  
|  Breach
+
|- style="font-size:11pt;font-weight:bold"
|- style="font-size:11pt"  valign="top"
+
|style="color:#1F497D" height="15" align="right" valign="top" | &nbsp;
 +
|  valign="top" | Room #1
 +
| valign="top" | Room #2
  
| height="30" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]]
+
|- style="font-size:11pt;font-weight:bold"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | &nbsp;
 +
|  valign="top" | Management Track
 +
|  valign="top" | Fundamentals Track
  
  |   Amichai Shulman
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
 +
| valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_1.wmv video part 1], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_2.wmv video part 2])<BR>Amichai Shulman, Imperva
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] ([[Media:OWASP_IL_2008_Maty_Siman_Security_Code_Analysis.ppt‎|download ppt]])<BR>Maty Siman, Checkmark
  
|   Imperva
+
|- style="font-size:11pt"
|style="background-color:#D8D8D8;font-size:11pt"  valign="top"
+
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] ([http://www.youtube.com/watch?v=TAAGN7Ac8Wk watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ivan%20Ristic_chunk_1.wmv download video])<BR>Ivan Ristic, Breach Security
 +
| valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] ([[Media:OWASP_IL_2008_Sharabani_BlackBox_Vs_WhiteBox.ppt‎|download ppt]])<BR>Adi Sharabani & Yinnon Haviv, IBM
  
| height="15" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]]
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | 10:45-11:00
 +
| valign="top" colspan="2"| Break
  
  |   Yuli Stremovsky
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
 +
| valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|ppt]], [http://www.youtube.com/watch?v=Hl-JIxq0IrI watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Shezaf%20Trends%202008_chunk_1.wmv download video]) <BR>Ofer Shezaf, Breach Security
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]])<BR>Dr. David Movshovitz, IDC
  
|  &nbsp;
+
|- style="font-size:11pt"
|- style="font-size:11pt"  valign="top"
+
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testin g the Tester – Measuring Quality of Security Testing]] ([[Media:OWASP_IL_2008_Ofer_Maor_Testing_The_Tester.ppt‎|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Maor%20Testing%20The%20Tester_chunk_1.wmv download video])<BR>Ofer Maor, Hacktics
 +
| valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]])<BR>Yuli Stremovsky
  
| height="15" | [[OWASP_Israel_2008_Conference_Alon_Roser|eVoting]]
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | 12:30-13:15
 +
|  valign="top" colspan="2"| Lunch
  
  |   Dr. Alon Roser
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="15" align="right" valign="top" | &nbsp;
 +
|  valign="top" | &nbsp;
 +
| valign="top" | &nbsp;
  
|   IDC
+
|- style="font-size:11pt"
|style="background-color:#D8D8D8;font-size:11pt"  valign="top"
+
|style="color:#1F497D" height="15" align="right" valign="top" | &nbsp;
 +
|style="font-weight:bold"  valign="top" | Advanced Technology Track
 +
|style="font-weight:bold"  valign="top" | Practical Technology Track
  
| height="15" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]]
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|ppt]], [http://www.youtube.com/watch?v=O2uOOiy8yxw watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Shai%20Chen_chunk_1.wmv download video])<BR>Shai Chen, Hacktics
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|ppt]], [http://www.youtube.com/watch?v=vmzhWA6_Li4 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amir%20Herzberg.wmv download video]) <BR>Prof. Amir Herzberg, Bar-Ilan University
  
  |   Adi Sharabani & Yinnon Haviv
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="30" align="right" valign="top" | 14:00-14:45
 +
| valign="top" | [[OWASP_Israel_2008_Conference_Alon_Rosen|Cryptographic elections - how to simultaneously achieve verifiability and privacy]] ([[Media:OWASP_IL_2008_Alon_Resen_eVoting.pdf‎|download pdf]])<BR>Dr. Alon Rosen, IDC
 +
valign="top" | [[OWASP_Israel_2008_Conference_Erez_Metula|.NET Framework rootkits - backdoors inside your Framework]] ([[Media:OWASP IL 2008 Erez Metula .NET Rootkits.ppt|download ppt]])<BR>Erez Metula, 2Bsecure
  
|  IBM
+
|- style="font-size:11pt"
|- style="font-size:11pt"  valign="top"
+
|style="color:#1F497D" height="15" align="right" valign="top" | 14:45-15:00
 +
| valign="top" colspan="2"| Break
  
| height="15" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testing the Tester – Measuring Quality of Security Testing]]
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="45" align="right" valign="top" | 15:00-15:45
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]] ([[Media:OWASP_IL_2008_Ronen_Bachar_RIA.ppt‎|download ppt]])<BR>Ronen Bachar, IBM
 +
|  valign="top" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]] ([[Media:OWASP_IL_2008_Ohad_Ben_Cohen_Korset.pdf|download pdf]])<BR>Ohad Ben-Cohen
  
  |   Ofer Maor
+
|- style="font-size:11pt"
 +
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
 +
| valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:
 +
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
 +
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
 +
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
 +
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
 +
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])
  
|  Hacktics
+
'''Closing Words, Ofer Shezaf'''
|-  style="background-color:#D8D8D8;font-size:11pt"  valign="top"
 
 
 
| height="15" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]]
 
 
 
|  Shai Chen
 
 
 
|  Hacktics
 
|- style="font-size:11pt"  valign="top"
 
 
 
| height="15" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]]
 
 
 
|  Prof. Amir Herzberg
 
 
 
|  Bar Ilan Univeristy
 
|-  style="background-color:#D8D8D8;font-size:11pt"  valign="top"
 
 
 
| height="30" | [[OWASP_Israel_2008_Conference_Ronen_Bachar|Automated Crawling & Security Analysis of Flash/Flex based Web Applications]]
 
 
 
|  Ronen Bachar
 
 
 
|  IBM
 
|- style="font-size:11pt"  valign="top"
 
 
 
| height="15" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]]
 
 
 
|  Maty Siman
 
 
 
|  Checkmarx
 
|-  style="background-color:#D8D8D8;font-size:11pt"  valign="top"
 
 
 
| height="15" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]]
 
 
 
|  Dr. David Movshovitz
 
 
 
|  IDC
 
|- style="font-size:11pt"  valign="top"
 
 
 
| height="16" | [[OWASP_Israel_2008_Conference_Ohad_Ben_Cohen|Korset: Code-based Intrusion Detection System for Linux]]
 
 
 
|  Ohad Ben-Cohen
 
 
 
|  &nbsp;
 
 
|}
 
|}
 
Note that the [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] is still open for submissions.
 
 
== Call for participation ==
 
 
Being a community event, we are staring a call for involvement, which means it is the time to speak up if you want to:
 
 
* [[OWASP_Israel_2008_Conference_Turbo_Talks|Turbo Talk (Rump) Session]] - a new feature in this conference, consisting of a series of 5-minute talks.
 
: The deadline for submissions for the rump session is '''Monday, September 8, 2008'''.
 
* [[OWASP IL Sponsorship|Call for sponsors]]
 
* Help in organizing
 
* Otherwise participate (plenty of time for that, but if you know you will come, speak up)
 
 
'''This is also a good time to raise other ideas you have regarding the conference'''. Many of you have been to previous conferences and have great ideas, so don't be shy and speak up.
 
 
== Agenda ==
 
 
The [[OWASP_IL_CFP|CFP]] is underway and the program would be published by mid August.
 
  
 
== The people behind the conference ==
 
== The people behind the conference ==
Line 166: Line 124:
  
 
* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
 
* Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
* Daniel Kallner
+
* Neer Roggel, the technion
 +
* Shay Shuker
 
* Ofer Shezaf (Breach Security)
 
* Ofer Shezaf (Breach Security)
* Shay Shuker
 
  
  

Latest revision as of 13:22, 4 May 2011

Organizers:     OWASP_IL_Sponsors_IDC_New.JPG     OWASP_IL_Breach_Labs_Logo.jpg
Sponsors:     OWASP_IL_Sponsor_Checkpoint.gif     OWASP_IL_Sponsor_Comsec.gif     OWASP_IL_Sponsors_Imperva.png     OWASP_IL_Sponsor_GamaSec_Logo.jpg
    OWASP_IL_Sponsor_Logo_Checkmarx.jpg     OWASP_IL_Sponsor_Hacktics.jpg     OWASP_IL_Sponsors_Avent.jpg     OWASP_IL_Sponsors_IBM.jpg
Partners:     OWASP_IL_IDC_Logo.gif     OWASP_IL_LOGO_NISF.jpg     OWASP_IL_ISSA_Logo.gif

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

Agenda

8:30-9:00 Gathering and Socializing  
9:00-9:15 Opening words by Ofer Shezaf, OWASP Israel founder (download video)  
     
  Room #1 Room #2
  Management Track Fundamentals Track
9:15-10:00 Web Application Security and Search Engines – Beyond Google Hacking (ppt, video part 1, video part 2)
Amichai Shulman, Imperva
Application Security - The code analysis way (download ppt)
Maty Siman, Checkmark
10:00-10:45 No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling (watch video, download video)
Ivan Ristic, Breach Security
Black Box vs. White Box - pros and cons (download ppt)
Adi Sharabani & Yinnon Haviv, IBM
10:45-11:00 Break
11:00-11:45 Trends in Web Hacking: What's hot in 2008 (ppt, watch video, download video)
Ofer Shezaf, Breach Security
AJAX - new technologies new threats (download ppt)
Dr. David Movshovitz, IDC
11:45-12:30 Testin g the Tester – Measuring Quality of Security Testing (ppt, download video)
Ofer Maor, Hacktics
GreenSQL - an open source database security gateway (download ppt)
Yuli Stremovsky
12:30-13:15 Lunch
     
  Advanced Technology Track Practical Technology Track
13:15-14:00 Achilles’ heel – Hacking Through Java Protocols (ppt, watch video, download video)
Shai Chen, Hacktics
Defending against Phishing without Client-side Code (ppt, watch video, download video)
Prof. Amir Herzberg, Bar-Ilan University
14:00-14:45 Cryptographic elections - how to simultaneously achieve verifiability and privacy (download pdf)
Dr. Alon Rosen, IDC
.NET Framework rootkits - backdoors inside your Framework (download ppt)
Erez Metula, 2Bsecure
14:45-15:00 Break
15:00-15:45 Automated Crawling & Security Analysis of Flash/Flex based Web Applications (download ppt)
Ronen Bachar, IBM
Korset: Code-based Intrusion Detection System for Linux (download pdf)
Ohad Ben-Cohen
15:45-16:30 Turbo talks (Rump Session), Currently scheduled presentations:
  • Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) (download ppt)
  • Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
  • Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning (download pdf)
  • Yaniv Miron, Comsec, UTF7 XSS (download ppt)
  • Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths (download ppt)

Closing Words, Ofer Shezaf

The people behind the conference

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

Steering Committee

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

  • Adi Sharabani (IBM)
  • Dr. David Movshovitz (Interdisciplinary Center Herzliya)
  • Ofer Maor (Hacktics)
  • Ofer Shezaf (Breach Security)
  • Ory Segal (IBM)
  • Shay Zalalichin (ComSec)
  • Yossi Oren (Proxy Software Systems)

Organization Committee

The organization committee is in charge of making this all happen:

  • Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
  • Neer Roggel, the technion
  • Shay Shuker
  • Ofer Shezaf (Breach Security)


~ Ofer Shezaf,Conference Chair
[email protected]