Difference between revisions of "OWASP Israel 2008 Conference at the Interdisciplinary Center Herzliya (IDC)"

From OWASP
Jump to: navigation, search
(Agenda)
(Moved videos from Google Video to YouTube due to GV shutdown...)
 
(14 intermediate revisions by 3 users not shown)
Line 1: Line 1:
 +
[[Category:Israel]]
 
{{Template:OWASP_IL_2008_Sponsors}}
 
{{Template:OWASP_IL_2008_Sponsors}}
  
Line 13: Line 14:
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
 
|style="color:#1F497D" height="15" align="right" valign="top" | 9:00-9:15
|  valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder
+
|  valign="top" | Opening words by Ofer Shezaf, OWASP Israel founder ([ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Opening%20Words_chunk_1.wmv download video])
 
|  valign="top" |  
 
|  valign="top" |  
  
Line 33: Line 34:
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
 
|style="color:#1F497D" height="45" align="right" valign="top" | 9:15-10:00
|  valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt‎|download ppt)]]<BR>Amichai Shulman, Imperva
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Amichai_Shulman|Web Application Security and Search Engines – Beyond Google Hacking]] ([[Media:OWASP_IL_2008_Amichai_Shulman_BeyondGoogleHackingn.ppt|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_1.wmv video part 1], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amichai%20Sholman_chunk_2.wmv video part 2])<BR>Amichai Shulman, Imperva
|  valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]]<BR>Maty Siman, Checkmark
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Maty_Siman|Application Security - The code analysis way]] ([[Media:OWASP_IL_2008_Maty_Siman_Security_Code_Analysis.ppt‎|download ppt]])<BR>Maty Siman, Checkmark
  
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
 
|style="color:#1F497D" height="45" align="right" valign="top" | 10:00-10:45
|  valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] <BR>Ivan Ristic, Breach Security
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Ivan_Ristic|No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling]] ([http://www.youtube.com/watch?v=TAAGN7Ac8Wk watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ivan%20Ristic_chunk_1.wmv download video])<BR>Ivan Ristic, Breach Security
|  valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]]<BR>Adi Sharabani & Yinnon Haviv, IBM
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Adi_Sharabani|Black Box vs. White Box - pros and cons]] ([[Media:OWASP_IL_2008_Sharabani_BlackBox_Vs_WhiteBox.ppt‎|download ppt]])<BR>Adi Sharabani & Yinnon Haviv, IBM
  
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
Line 47: Line 48:
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
 
|style="color:#1F497D" height="30" align="right" valign="top" | 11:00-11:45
|  valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|download ppt]]) <BR>Ofer Shezaf, Breach Security
+
|  valign="top" | [[AppSecEU08_Trends_in_Web_Hacking_Incidents:_What%27s_hot_for_2008|Trends in Web Hacking: What's hot in 2008]] ([[Media:AppSecEU2008-WHID.ppt|ppt]], [http://www.youtube.com/watch?v=Hl-JIxq0IrI watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Shezaf%20Trends%202008_chunk_1.wmv download video]) <BR>Ofer Shezaf, Breach Security
 
|  valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]])<BR>Dr. David Movshovitz, IDC
 
|  valign="top" | [[OWASP_Israel_2008_Conference_David_Movshovitz|AJAX - new technologies new threats]] ([[Media:OWASP IL 2008 David Movshovitz AJAX.ppt|download ppt]])<BR>Dr. David Movshovitz, IDC
  
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
 
|style="color:#1F497D" height="30" align="right" valign="top" | 11:45-12:30
|  valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testing the Tester – Measuring Quality of Security Testing]]<BR>Ofer Maor, Hacktics
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Ofer_Maor|Testin g the Tester – Measuring Quality of Security Testing]] ([[Media:OWASP_IL_2008_Ofer_Maor_Testing_The_Tester.ppt‎|ppt]], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Ofer%20Maor%20Testing%20The%20Tester_chunk_1.wmv download video])<BR>Ofer Maor, Hacktics
 
|  valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]])<BR>Yuli Stremovsky  
 
|  valign="top" | [[OWASP_Israel_2008_Conference_Yuli_Stremovsky|GreenSQL - an open source database security gateway]] ([[Media:OWASP_IL_2008_Yuli_Stremovsky.GreenSQL_Database_Firewall.ppt‎|download ppt]])<BR>Yuli Stremovsky  
  
Line 71: Line 72:
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
 
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
 
|style="color:#1F497D" height="45" align="right" valign="top" | 13:15-14:00
|  valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|download ppt]])<BR>Shai Chen, Hacktics
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Shai_Chen|Achilles’ heel – Hacking Through Java Protocols]] ([[Media:OWASP IL 2008 Shai Chen PT to Java Client Server Apps.ppt|ppt]], [http://www.youtube.com/watch?v=O2uOOiy8yxw watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Shai%20Chen_chunk_1.wmv download video])<BR>Shai Chen, Hacktics
|  valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|download ppt]]) <BR>Prof. Amir Herzberg, Bar-Ilan University
+
|  valign="top" | [[OWASP_Israel_2008_Conference_Amir_Herzberg|Defending against Phishing without Client-side Code]] ([[Media:OWASP_IL_2008_Amir_Herzberg_Defending_against_Phishing_without_Client-side_Code.ppt|ppt]], [http://www.youtube.com/watch?v=vmzhWA6_Li4 watch video], [ftp://ftp.idc.ac.il/csvideos/OWASP%2008/Amir%20Herzberg.wmv download video]) <BR>Prof. Amir Herzberg, Bar-Ilan University
  
 
|- style="font-size:11pt"
 
|- style="font-size:11pt"
Line 91: Line 92:
 
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
 
|style="color:#1F497D" height="30" align="right" valign="top" | 15:45-16:30
 
|  valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:  
 
|  valign="top" colspan="2" | Turbo talks (Rump Session), Currently scheduled presentations:  
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt‎|download ppt]])
+
* Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) ([[Media:OWASP_IL_2008_Yossi_Oren_APEG.ppt|download ppt]])
 
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
 
* Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning
+
* Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning ([[Media:UnknownMalcodeDetection_OWASP-IL-08.pdf|download pdf]])
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt‎|download ppt]])
+
* Yaniv Miron, Comsec, UTF7 XSS ([[Media:OWASP_IL_2008_Yaniv_Miron_UTF7_XSS.ppt|download ppt]])
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths
+
* Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths ([[Media:2008-09-14_OWASP_Israel_2008.ppt‎|download ppt]])
  
 
'''Closing Words, Ofer Shezaf'''
 
'''Closing Words, Ofer Shezaf'''

Latest revision as of 08:22, 4 May 2011

Organizers:     OWASP_IL_Sponsors_IDC_New.JPG     OWASP_IL_Breach_Labs_Logo.jpg
Sponsors:     OWASP_IL_Sponsor_Checkpoint.gif     OWASP_IL_Sponsor_Comsec.gif     OWASP_IL_Sponsors_Imperva.png     OWASP_IL_Sponsor_GamaSec_Logo.jpg
    OWASP_IL_Sponsor_Logo_Checkmarx.jpg     OWASP_IL_Sponsor_Hacktics.jpg     OWASP_IL_Sponsors_Avent.jpg     OWASP_IL_Sponsors_IBM.jpg
Partners:     OWASP_IL_IDC_Logo.gif     OWASP_IL_LOGO_NISF.jpg     OWASP_IL_ISSA_Logo.gif

The OWASP Israel 2008 conference was held on September 14th at the Interdisciplinary Center Herzliya with 250 attendees. The agenda of the full day two track event can be found below.

Contents

Agenda

8:30-9:00 Gathering and Socializing  
9:00-9:15 Opening words by Ofer Shezaf, OWASP Israel founder (download video)  
     
  Room #1 Room #2
  Management Track Fundamentals Track
9:15-10:00 Web Application Security and Search Engines – Beyond Google Hacking (ppt, video part 1, video part 2)
Amichai Shulman, Imperva
Application Security - The code analysis way (download ppt)
Maty Siman, Checkmark
10:00-10:45 No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler Using Traffic Profiling (watch video, download video)
Ivan Ristic, Breach Security
Black Box vs. White Box - pros and cons (download ppt)
Adi Sharabani & Yinnon Haviv, IBM
10:45-11:00 Break
11:00-11:45 Trends in Web Hacking: What's hot in 2008 (ppt, watch video, download video)
Ofer Shezaf, Breach Security
AJAX - new technologies new threats (download ppt)
Dr. David Movshovitz, IDC
11:45-12:30 Testin g the Tester – Measuring Quality of Security Testing (ppt, download video)
Ofer Maor, Hacktics
GreenSQL - an open source database security gateway (download ppt)
Yuli Stremovsky
12:30-13:15 Lunch
     
  Advanced Technology Track Practical Technology Track
13:15-14:00 Achilles’ heel – Hacking Through Java Protocols (ppt, watch video, download video)
Shai Chen, Hacktics
Defending against Phishing without Client-side Code (ppt, watch video, download video)
Prof. Amir Herzberg, Bar-Ilan University
14:00-14:45 Cryptographic elections - how to simultaneously achieve verifiability and privacy (download pdf)
Dr. Alon Rosen, IDC
.NET Framework rootkits - backdoors inside your Framework (download ppt)
Erez Metula, 2Bsecure
14:45-15:00 Break
15:00-15:45 Automated Crawling & Security Analysis of Flash/Flex based Web Applications (download ppt)
Ronen Bachar, IBM
Korset: Code-based Intrusion Detection System for Linux (download pdf)
Ohad Ben-Cohen
15:45-16:30 Turbo talks (Rump Session), Currently scheduled presentations:
  • Yossi Oren, Automatic Patch-Based Exploit Generation (APEG) (download ppt)
  • Avi Weissman, Introduction to the Israeli Forum for Information Security (ISIF)
  • Robert Moskovitch, Detection of Unknown Malicious Code via Machine Learning (download pdf)
  • Yaniv Miron, Comsec, UTF7 XSS (download ppt)
  • Shay Zalalichin & Avi Douglen, Comsec, Breaking CAPTCHA Myths (download ppt)

Closing Words, Ofer Shezaf

The people behind the conference

OWASP Israel is made by the people who contribute their time and brain to its success. The following people are working to ensure that OWASP Israel 2008 is a success.

If you feel that you also can contribute or have interesting ideas regarding the conference, don't hesitate to contact me.

Steering Committee

The steering committee includes prominent individuals in the field of information security and help set the program for the conference:

  • Adi Sharabani (IBM)
  • Dr. David Movshovitz (Interdisciplinary Center Herzliya)
  • Ofer Maor (Hacktics)
  • Ofer Shezaf (Breach Security)
  • Ory Segal (IBM)
  • Shay Zalalichin (ComSec)
  • Yossi Oren (Proxy Software Systems)

Organization Committee

The organization committee is in charge of making this all happen:

  • Dr. Anat Bremler-Barr (Interdisciplinary Center Herzliya)
  • Neer Roggel, the technion
  • Shay Shuker
  • Ofer Shezaf (Breach Security)


~ Ofer Shezaf,Conference Chair
ofer@shezaf.com