OWASP Israel April 2014

The 2nd meeting of 2014 for the Israel chapter of OWASP took place on April 23, at 17:00.

The meeting was held at Akamai, 3 Ha’mada St. Herzliya Pituach, 2nd floor.

Close to 100 people participated.

Agenda:
17:00 – 17:30    Gathering, food, and drinks (KOSHER)

17:30 – 17:45    Opening note

17:45 – 18:30    Cloudy with a chance of WAF - Or Katz, Akamai Technologies ([[Media:OWASPIL-2014-04-23_Cloudy_with_a_Chance_to_WAF.pdf|download presentation]] | online prezi)

Web application firewalls are a critical tool to those seeking to protect their web applications - it is the first line of defense that virtually shields modern web applications from the malicious actions of web hackers. 5 years ago a typical web application firewall was an on-premise solution, which was deployed and maintained by web application owners. Nowadays, as more and more applications are migrated to the cloud, we are also witnessing the cloudification of Web Application Firewalls.

In this presentation I will discuss the non-obvious benefits and advantages of cloud-based WAFs, for example - the ability to correlate web application firewall events across numerous applications around the internet, detecting widely distributed attack campaigns that in some cases go unnoticed and in other cases may use zero day exploits that could not be detected otherwise, etc.

18:30 – 19:15    An Arms Race: Using Banking Trojan and Exploit Kit Tactics for Defense - Ziv Mador, SpiderLabs (Trustwave) ([[Media:OWASPIL-2014-04-23_Using_Hackers_Tactics_for_Defensive_Code_-_Trustwave_Ziv_Mador.pdf|download presentation]])

During this talk we will show how security products can use hackers' advanced obfuscation tactics for their own defensive code. Once the malware is “improved” to overcome that obfuscation we will demonstrate how to back deploy these hacker tricks to a security product Proof Of Concept to better block exploit kits and other similar web based threats.

(Note that this is a repeat of the talk Ryan Barnett and Ziv gave at the RSA conference several weeks ago: http://www.rsaconference.com/events/us14/agenda/sessions/1056/an-arms-race-using-banking-trojan-and-exploit-kit. More details about it are included in the blog post they published after their talk: http://blog.spiderlabs.com/2014/03/bloodletting-the-arms-race-using-attackers-techniques-for-defense.html.)

19:15 – 19:30    Coffee break

19:30 – 20:30    The Security of SSL - Itsik Mantin, F5 Networks ([[Media:OWASPIL-2014-04-23_The_Security_of_SSL.pptx|download presentation]])

Over the last few years, a number of attacks have been discovered in the Transport Layer Security protocol. The BEAST, TIME, BREACH and Lucky13 attacks were able to break the SSL protocol and extract data protected by SSL, such as session cookies.

In the presentation I will discuss the details of these attacks from a cryptographic perspective, and in particular how it happens that state-of-the-art cryptographic algorithms suffer from a relatively large number of vulnerabilities.

In addition, I will discuss the technical details and the implications of the recently discovered Heartbleed bug (http://heartbleed.com/).