This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

OWASP Israel June 2015

From OWASP
Revision as of 07:59, 3 June 2015 by Avi Douglen (talk | contribs)

Jump to: navigation, search

Our second meeting in 2015 for the Israel chapter of OWASP will take place on June 16, at 17:00, in Microsoft's Herzeliya office, 13 Shenkar St., Building Gev-Yam 5.

Attendance is free, but registration is required: https://owasp-israel-june-2015.eventbrite.com.

This time, OWASP Israel is joining forces with the Israel chapter of CSA! This will be a joint meeting, with both chapters hosting. This will give us an opportunity to expand our horizons, hear different relevant topics, and network with slightly different group of people.

Agenda:

17:00 – 17:30
Gathering, food, and drinks (KOSHER)


17:30 – 17:45
Opening note


17:45 – 18:25
One Key to Rule Them All: Detecting the Skeleton Key Malware
Itai Grady & Tal Be’ery, Microsoft

Identity is one of the cornerstones of application security. On Windows domains, identity is managed through Active Directory (AD) Domain service on the Domain Controller (DC), and many applications are integrated with AD. Therefore, it should come as no surprise that attackers are actively targeting the DC in order to gain rogue access to applications and servers.

Earlier this year, Dell Secureworks had shared a report on an advanced attack campaign utilizing a dedicated DC malware, named “Skeleton Key” Malware. The Skeleton Key malware modifies the DC behavior to accept authentications specifying a secret ”Skeleton key” (i.e. “master key”) password, thus enabling the attackers to login to any application as any domain user without installing any additional malware while keeping the original users’ authentication behavior.

In this talk, we will explore the unique interaction between such malware functionality and the Kerberos authentication protocol; We will put a special emphasis on its manifestation over the network traffic. We will also share a script that implements the remote detection of the skeleton key malware functionality.


18:30 – 19:10
Software Defined Networks are emerging – How will it affect security?
Almog Ohayon, Javelin Networks

TBA


19:10 – 19:30
Coffee break


19:30 – 20:10
Outsmarting researchers: Fraudsters and their security practices
Julia Karpin, F5 Networks

TBA

Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Israel_June_2015&oldid=195702"