AppSec Israel 2018 has ended

Log in to bookmark your favorites and sync them to your phone or calendar.

Track 3 [clear filter]
Thursday, September 6

10:45 IDT

Writing security code in Node.js
By TamarTwena

Node.js has become more and more, and lots of enterprise and B2C application implement their server with Node.js. It is becoming importent to know what are the possible vulnerabilities in your Node.js server. As a developer after this talk you will be able to write a more secure code in Node.js. 

avatar for Tamar Twena-Stern

Tamar Twena-Stern

Software Manager & Architect, Bit
I am a software manager and an architect. In the past, I Managed a development group in Edgeverve systems and was an architect of a transaction engine. I also led a team of performance experts at NCR Retail , I was a solution architect in Personetics, and I had a start up of my own... Read More →

Thursday September 6, 2018 10:45 - 11:30 IDT
Room 101

11:45 IDT

One Push Too Far - Exploiting Web-Push notifications
By Zohar Shachar

In recent years the ability to send push notifications was introduced into the web environment. After getting annoyed with yet another website asking to send me ‘notifications’, I’ve decided to explore this relatively new feature to better understand what risks are involved (Hint - Quite a few!). 

avatar for Zohar Shachar

Zohar Shachar

Tech Lead, Komodo Consulting

Thursday September 6, 2018 11:45 - 12:30 IDT
Room 101

12:30 IDT

Achieving Least Privilege IAM Permissions for AWS Lambda
By Guy Lichtman

Achieving Least Privilege permissions for AWS Lambda is key for ensuring security but in many cases very lax ones are used in practice. This talk presents real-life examples and an open source tool that leverages AWS X-Ray to auto generate a policy based on runtime resource-access profiling. 

avatar for Guy Lichtman

Guy Lichtman

Co-Founder, Functional One
Guy Lichtman is an experienced R&D Leader with over 15 years experience of working in the computer and cyber security industry. He is the Co-Founder of Functional One, a new startup in the field of Serverless Security. Previously, he was Director of Engineering and Site Manager at... Read More →

Thursday September 6, 2018 12:30 - 13:00 IDT
Room 101

14:00 IDT

Serverless Authentication with JWT
By Mehul Patel

Authentication is one of the big parts of every application. Security is always something that is changing and evolving. In this talk, I will cover what JSON Web Tokens (JWTs) are and why using JWTs in your applications when it comes to security is awesome. 

avatar for Mehul Patel

Mehul Patel

Tech Evangelist at Auth0, Mozilla | Engineer at Zimbra, Zimbra | Auth0 | Mozilla
I am a student, web developer, and tech speaker currently living in India. My interests range from technology to innovation. I am also interested in web development, writing, and safe programming.

Thursday September 6, 2018 14:00 - 14:45 IDT
Room 101

14:45 IDT

Your Apps Have Gone Serverless. Has Your Security?
By Hillel Solow

Serverless architecture presents new security challenges. Some are equal to those we know from traditional application development, but some take a new form. Both, developers and attackers must start thinking differently to gain the upper hand. Are you going to be ready when the perimeter is lifted? 

avatar for Hillel Solow

Hillel Solow

CTO, Protego Labs
Hillel is passionate about security innovation, and is driving product innovation and security at Protego. Prior to co-founding Protego, he was CTO in Cisco’s IoT Security Group, where he worked on innovative security solutions for new technology markets.

Thursday September 6, 2018 14:45 - 15:30 IDT
Room 101

15:45 IDT

Passwords are passé – WebAuthn is simpler, stronger, and ready to go
By Michael Furman

Forgot which password belongs to which website? Forgot your password altogether? Been a victim of a phishing attack? Do you want to know why Google, Microsoft, and others are moving away from old fashioned passwords? Because there’s a better way to authenticate, and it’s called WebAuthn. 

avatar for Michael Furman

Michael Furman

Lead Security Architect, Tufin
I have over 10 years of experience with application security. I have been the Lead Security Architect at Tufin for over 4 years. I am responsible for the security of all Tufin software products, including Tufin Orchestration Suite as well as our new products that integrate security... Read More →

Thursday September 6, 2018 15:45 - 16:30 IDT
Room 101
Filter sessions
Apply filters to sessions.