Loading…
AppSec Israel 2018 has ended
Simple
Expanded
Grid
By Venue
Track 1 [clear filter]
Thursday, September 6
 

10:45 IDT

The Adventures of AV/IR and the Leaky Sandbox
By Amit Klein and Dor Azouri

Suppose you have malware running on one of your endpoints. But you have a highly secure enterprise, with cloud AV, IR team, and locked down network (endpoints can’t access the external network). Can the malware still exfiltrate sensitive data out of your network? You bet! And we’ll show you how!
Speakers
avatar for Dor Azouri

Dor Azouri

Researcher, SafeBreach
Dor Azouri is a security professional, having 7+ years of unique experience in the sec field. Currently doing research @SafeBreach, previously serving in various sec positions @IDF.His experience involved security from many angles: starting with data analysis, to network research... Read More →
avatar for Amit Klein

Amit Klein

VP Security Research, Safebreach
Amit Klein is a world renowned information security expert, with 25 years in information security and over 30 published technical papers on this topic. Amit is VP Security Research at SafeBreach, responsible for researching various infiltration, exfiltration and lateral movement attacks... Read More →

Thursday September 6, 2018 10:45 - 11:30 IDT
Bar-Shira Auditorium
  Track 1

11:45 IDT

JARVIS never saw it coming: Hacking machine learning (ML) in speech, text and face recognition - and frankly, everywhere else
By Guy Barnhart-Magen and Ezra Caltum

Exploits, Backdoors, and Hacks: words we do not commonly hear when speaking of Machine Learning (ML). In this talk, I will present the relatively new field of hacking and manipulate machine learning systems and the potential these techniques pose for active offensive research.  
Speakers
avatar for Guy Barnhart-Magen

Guy Barnhart-Magen

OS Hardening, Security Architecture and Embedded Devices, Cyber Security Consultant
BSidesTLV co-founder and CTF lead, Public speaker, and recipient of the Cisco “black belt” security ninja honor – Cisco’s highest cyber security advocate rank.With nearly 20 years of experience in the cyber-security industry, Guy held various positions in both corporates and... Read More →
avatar for Ezra Caltum

Ezra Caltum

Security Research Manager, Intel
Ezra is a cyber-security practitioner, with a passion for reverse engineering, data analysis, and exploitation. He is the leader of the Tel Aviv DC9723 Defcon group and a co-founder and organizer of BSidesTlv.He is a frequent speaker at local and international events, like BHUSA... Read More →

Thursday September 6, 2018 11:45 - 12:30 IDT
Bar-Shira Auditorium
  Track 1

12:30 IDT

Stackoverflow, the vulnerability marketplace
By Danny Grander

Whether we like to admit it or not, we’ve all borrowed code from stackoverflow at one time in our lives. Many do it more often than they care to admit. If a vulnerability exists in a stackoverflow code snippet, it’s easy for it to go viral in even the most widely used frameworks and libraries. 
Speakers
avatar for Danny Grander

Danny Grander

Security, Snyk
Danny Grander is a veteran security researcher and the cofounder of Snyk.io, where he works on open source security and leads Snyk’s security research. Previously, Danny was the CTO of Gita Technologies and a lead researcher and developer for a few startups. Danny is a frequent... Read More →

Thursday September 6, 2018 12:30 - 13:00 IDT
Bar-Shira Auditorium
  Track 1

14:00 IDT

Security is everybody's job... Literally.
By Tanya Janca

This talk will explain what developers needs to adjust in order to turn DevOps into DevSecOps within their organizations. Several strategies are presented for weaving security into each of the “Three Ways”, with clear steps audience members can start implementing immediately. 
Speakers
TJ

Thursday September 6, 2018 14:00 - 14:45 IDT
Bar-Shira Auditorium
  Track 1

14:45 IDT

Path Of LeAst Resistance - Accelerating the search for vulnerable functions
By Ezra Caltum

By finding function relationships between dynamically compiled binaries and its libraries, and representing them in a Graph Database, we can quickly identify exploitation points. In this presentation, I’ll discuss Graphs, Binary Relationships and Vulnerable Functions.
Speakers
avatar for Ezra Caltum

Ezra Caltum

Security Research Manager, Intel
Ezra is a cyber-security practitioner, with a passion for reverse engineering, data analysis, and exploitation. He is the leader of the Tel Aviv DC9723 Defcon group and a co-founder and organizer of BSidesTlv.He is a frequent speaker at local and international events, like BHUSA... Read More →

Thursday September 6, 2018 14:45 - 15:30 IDT
Bar-Shira Auditorium
  Track 1

15:45 IDT

Exploiting Smart Contracts For Fun And Profit
By Erez Metula

During this talk, we'll discuss common security vulnerabilities that can occur in smart contracts and see how code that caused losses of millions of dollars looks like. We'll cover the tools and techniques to explore , analyze, identify and exploit vulnerabilities in smart contracts.

We'll talk about real world exploits, and look at the vulnerable code that caused them. We'll talk about a new class of code vulnerabilities related to smart contracts, such as re-entrancy, time manipulations, overflows, authorization bypass, exposing secrets, etc.  

Speakers
avatar for Erez Metula

Exploiting Smart Contracts for fun and profit Erez Metula AppSec Labs OWASP IL 2018 pdf
Thursday September 6, 2018 15:45 - 16:30 IDT
Bar-Shira Auditorium
  Track 1
 
Filter sessions
Apply filters to sessions.
Wednesday, September 5
Thursday, September 6
Bar-Shira Auditorium
Break
Room 001
Room 101
Room 205
Room 206
  • Activity
  • Break
  • Plenary
  • Track 1
  • Track 2
  • Track 3
  • Training
  • WIA