OWASP Appsec Tel Aviv 2019, Tin Zaw's 'Uninvited Guests: Understanding Malicious Web Bots With OWASP Handbook' →
OWASP Appsec Tel Aviv 2019, Krzysztof Kotowicz' & Mike Samuel's 'Trusted Types: End To End Injection Safety At Scale' →
working on the Information Security Engineering Team at Google Inc.
Mike Samuel is a Software Engineer,
working on the Technical Infrastructure Team at Google, Inc.
OWASP Appsec Tel Aviv 2019, Inon Shkedy's 'Testing And Hacking APIs' →
OWASP Appsec Tel Aviv 2019, Itsik Mantin's & Ori Or-Meir's 'How NLP Can Help Us Understand Web Attackers' →
OWASP Appsec Tel Aviv 2019, Geoffrey Hill's 'Bringing Rapid Prototyping To The Threat Model Process' →
OWASP Appsec Tel Aviv 2019, Adi Belinkov's & Iris Levari's 'Testing Security In, The Right Way' →
Iris Levari is an Application Security Architect with two decades of experience in Cybersecurity; Adi Belinkov is the Vice President of Cybersecurity at JPMorgan Chase & Co, and is an Application Security Architect.
OWASP Appsec Tel Aviv 2019, Lukas Weichselbaum's 'Security For Modern Webapps: New Web Platform Security Features To Protect Your Application' →
OWASP Appsec Tel Aviv 2019, Philippe De Ryck's 'Common API Security Pitfalls' →
OWASP Appsec Tel Aviv 2019, Tom Van Goethem's 'Who Left Open The Cookie Jar?' →
OWASP Appsec Tel Aviv 2019, Yair Amit's & Igal Kreichman's 'Insights From The Trenches: Must Have Secure Coding Lessons In Mobile' →
Igal Kreichman, Dev Manager, Symantec
OWASP Appsec Tel Aviv 2019, Pedro Fortuna's 'Rhyming With Hacks: The Ballad Of Supply Chain Attacks' →
'Rhyming With Hacks: The Ballad Of Supply Chain Attacks'
Presented by Pedro Fortuna, CTO and Co-Founder of Jscrambler
OWASP Appsec Tel Aviv 2019, Taras Ivaschenko's 'Security Culture: Here Be Hackers' →
Presented by Taras Ivaschenko, Head of Product Security Team, OZON.
Head of Russian OWASP branch. Head of product security team at OZON.
OWASP Global AppSec Tel Aviv 2019 - Innovation Fair →
Innovation Fair at Global AppSec Tel Aviv 2019
Below is a list of companies who have planned to take part in the Innovation Fair:
Vicarius, Protego Labs, IXDen, L7 Defense, Cyber Intellectuals and Salt Security
OWASP Global AppSec Tel Aviv 2019, OWASP Leaders Meeting →
Hosted by Director, Projects and Technology: Harold Blankenship
Csaba Fitzl's 'Getting Root with Benign AppStore Apps'
Via Objective See's 'Objective by the Sea' confab comes enlightened security research, in this case crafted by Csaba Fitzl (examine his presentation slides here), in the effort to garner root through curated applications downloaded via the Apple Inc. (NASDAQ: AAPL) Mac App Store. Most Certainly Today's Must Read!
New Firefox Browser To Feature Anti-Fingerprinting Capabilities
Martin Brinkmann, writing as he does on gHacks.net, details a specific attribute to be included in the upcoming Firefox 67 release (slated for May 14th, 2019; the date provided is somewhat 'fluid', as delays may require a reset on the claimed release date). At any rate, the specific release will include anti-fingerprinting technology.
"Fingerprinting refers to using data provided by the browser, e.g. automatically or by running certain scripts, to profile users. One of the appeals that fingerprinting has is that it does not require access to local storage and that some techniques work across browsers." - via Martin Brinkmann, writing on gHacks.net
Alejandro Hernandez's Exposing Security Weakness in Stock Trading Tech →
Superlative security research is still coming out of the IOActive game-changing environment (this has been going on for years now - how do they do it...).
Case in Point: The work of Alejandro Hernandez and his current project targeting the apparent insecurity of some (but not all, mind you) stock trading applications so popular amongst the budding young (and old - don't forget the greybeards) kings and queens of capitalism.
The case under scrutiny is a highly detailed - most importantly: thoroughly accurate - examination of a large number of commercially available applications executing their binary bits on a variety of platforms. Read all about it in Mr. Hernandez's blog post at IOActive, and white paper. You'll be glad you did.
Google's Litany of Chrome Fail: Malicious Extensions Burgeon Out of Control →
Martin Brinkmann, writing at Ghacks, tells us of the shameful track record of Google Inc. aka Alphabet Inc. (Nasdaq: GOOG) in policing the company's own browser (Google Chrome) add-on store, based on this report from Radware. Not to mention the astonishing numbers of malicious apps in the company's Google Play Android shop. Read it and Weep.