This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Israel 2010 01

From OWASP
Revision as of 19:13, 30 December 2009 by Ofer Maor (talk | contribs) (Created page with 'The meeting will be held at 17:00 on Tuesday, Jan 12th, 2010. Location: Breach Security, 11 Bareket St., Herzliya (Sixth floor). == '''Agenda''' == == 17:00 - 17:20 : Gatheri…')

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

The meeting will be held at 17:00 on Tuesday, Jan 12th, 2010.

Location: Breach Security, 11 Bareket St., Herzliya (Sixth floor).

Agenda

17:00 - 17:20 : Gathering, Mingling & Food

17:20 - 17:30 : Opening Notes

Ofer Maor, Hacktics

17:30 - 18:10 : Top 5 Security Trends for 2010

Noa Bar-Yosef, Imperva

As we approach a new decade, battle lines have been firmly drawn between organizations seeking to protect their most sensitive data and dangerous cyber-criminals intent on attacking that data. Join Noa Bar-Yosef for this informative talk in which she discusses the predictions for the five most important security trends to watch for in 2010.

18:10 - 18:40 : WAFs in the Cloud

Ofer Shezaf, Better Place

Like any other new concept, cloud computing presents challenges in many different areas. Since many cloud based applications are web based, Web Application Firewalls (WAFs) is a technology that we need to adapt to cloud computing. In the presentation we will discuss two aspects of integrating WAFs into cloud computing: on the one hand WAF as a service, and on the other hand how to protect a cloud based web service, with a cloud based WAF or without it. We shall examine the pros and cons of a cloud based WAF and look into existing WAF services such as Akamai and Art of Defense. We shall compare them to regular WAF solutions as well as to alternative methods for protecting cloud based services such as virtual WAF or a host based WAF.

18:40 - 19:00 : Advanced Heap Spraying Techniques

Moshe Ben Abu, Recognize Security

Heap Spraying is the de-facto method for executing arbitrary commands on web browsers and components (Java, Flash, etc). The known methods so far for Heap Spraying are using JavaScript, Flash, Java and .NET DLL memory techniques. In this presentation Moshe Ben Abu will present new methods & techniques for Heap Spraying developed by him, such as using bitmap files, Silverlight and more.