Copyright © The OWASP Foundation Permission is granted to copy, distribute and/or modify this document under the terms of the Creative Commons Attribution-ShareAlike 2.5 License. To view this license, visit The OWASP Foundation OWASP Israel Sep OWASP Israel 2010 Conference Ofer Maor CTO, Hacktics Chairman, OWASP Israel
OWASP Israel – Sep OWASP Israel 2010 Conference About OWASP OWASP Israel Conference Agenda Sponsors:
OWASP Israel – Sep 2010 OWASP World OWASP is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security visible so that people and organizations can make informed decisions about application security risks. OWASP is a worldwide free and open community focused on improving the security of application software. Our mission is to make application security visible so that people and organizations can make informed decisions about application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license. The OWASP Foundation is a 501c3 not-for-profit charitable organization that ensures the ongoing availability and support for our work.
OWASP Israel – Sep 2010 OWASP Worldwide Community 4 Membership Individual: 750 Organizations: 27 Chapters 158 around world Participants 1,470 Wiki accounts +20,000 users
OWASP Israel – Sep 2010 OWASP Dashboard 5 Worldwide UsersMost New Visitors 29,748,796 page views
OWASP Israel – Sep 2010 OWASP KnowledgeBase 9,421 total articles 427 presentations 200 updates per day +300 mailing lists 180 blogs monitored 19 deface attempts 2,962 uploaded files
OWASP Israel – Sep OWASP Top 10 Critical Vulnerabilities
OWASP Israel – Sep 2010 OWASP AppSec Guides Free and open source Cheap printed copies Covers all critical security controls Hundreds of expert authors All aspects of application security 8
OWASP Israel – Sep Many Other Projects… OWASP Top 10 AppSec Guides Application Security Verification Standard OWASP Software Assurance Maturity Model WebGoat WebScarab CSRF Tester / CSRF Guard OWASP Live CD OWASP Enterprise Security API More…
OWASP Israel – Sep About OWASP Israel Local Israeli Chapter Over 700 registered users (Bigger than NYC!) (If you’re not in – now is the time to register) Activities Monthly Meetings Annual Conference OWASP Top 10 – Hebrew Translation
OWASP Israel – Sep What do we Need? HELP! (And a lot of it…) Meetings Hosting a Meeting (~50 people) – Location + Food Speaking in Meetings (We need speakers!) Translation Most Importantly – Promote OWASP!
OWASP Israel – Sep Today’s Agenda 13:30-14:15 Gathering and Socializing 14:15-14:30 Opening Words Ofer Maor, Hacktics - OWASP Israel Chairman 14:30-15:10 Hacker Intelligence: 6 Months of Attack Vector Research Tal Be'ery, Imperva 15:10-15:50 CSA Israel & The Challenges of Cloud Security Guy Alfassi 15:50-16:30 Beyond Negative Security: Signatures Are Not Always Enough Or Katz, Trustwave 16:30-17:00 Break Room #1Room #2 17:00-17:40 Practical Mod Security: Beyond the Core Rule Set Josh Amishav-Zlatin, Pure Hacking PCI:DSS and the New PA:DSS Standards: Myths, Trends and Pragmatic Methods for Building Secure Software that Complies Shay Zalalichin, Comsec 17:40-18:20 Accelerating Multi-Pattern Matching on Compressed HTTP Traffic Yaron Koral, IDC Real Life Application DoS Attacks Ziv Gadot, Radware 18:20-19:00 Runtime Hardening Erez Metula, AppSec Cloud Computing Security: Mapping Concepts to Practical Techniques Gilad Parann-Nissany, Porticor 19:00-19:05 Closing Words Ofer Maor, Hacktics - OWASP Israel Chairman
OWASP Israel – Sep Thank You! Questions?