OWASP IL Meetup Aug 2021

Aug 3, 2021 · Tel Aviv-Yafo, Israel

We are happy to inform you that we decided our next meetup will be In person!

We are eager to see you all, and we are sure you are too. However, with COVID-19 still around, we ask you to take responsible decisions and join us according to local guidelines (vaccinated and/or recovered), and please make sure to wear a mask during the event (except while eating ;) )

Remember to wear masks!

------------------------------------------------------------------------------------------

About our host Sompo:
Sompo Holdings is a large Japanese insurance company that operates in more than 30 countries.

Sompo is establishing a global Cyber Center of Excellence (CCoE) in Israel and looking for talented cyber personnel. Join us as a founding member and you will have a unique Japanese experience with high impact.

For additional information, check out our LinkedIn open positions at the link below, or send your CV directly to [masked]
https://www.linkedin.com/company/sompo-digital-lab-tel-aviv/jobs/

------------------------------------------------------------------------------------------

Agenda:
17:30 - 18:00 - gathering, food & networking

18:00 - 18:20
Threat Modeling Manifesto
Avi Douglen

Many of us know that Threat Modeling, a structured methodology for security-based analysis of a complex system, is one of the most effective security activities that can be performed while building a software application.

But what is this newfangled Threat Modeling Manifesto (https://www.threatmodelingmanifesto.org/) thing? How does it work, and how can I scan my app with it? Is it expensive? What does it taste like?

All these questions and more will be answered by Avi D, one of the original authors of the Manifesto, as well as WHY a global group of leading experts decided to build this. Most importantly, we will discuss what the Manifesto can do for you (and what it won't).

18:20 - 19:00
Catch you on the flip side! Breaking down reverse proxy phishing attacks
Danna Pelleg, Cybersecurity Research Group Manager

As digital transformation is accelerated amidst the COVID pandemic outbreak, adversaries are developing customized fraud operations to automate the processes of digital credentials and identity theft on a larger scale than ever before. This session will focus on advanced fraud techniques, frameworks, and account take over automated operations, created to address the new volume of worldwide digital channel end-users. I will explain how the kill chain of a reverse proxy man-in-the-middle phishing automated framework is used to compromise digital accounts, bypass MFA methods, and conduct the perfect ATO.

19:00 - 19:15
Break

19:15 - 20:00
Artificial intelligence - an age of new risks? (in Hebrew)
Arik Klein

This lecture deals with the questions "Are there any cyber risks unique to artificial intelligence", and if so, "How to deal with them?".

The purpose of the lecture is to raise awareness of these cyber risks, accelerate activities to define secure development methodologies to reduce them, and describe practical tools, that address these emerging challenges.

In the first part of the lecture, we will review the unique cyber-attacks of AI systems and understand what are the technological & theoretical reasons that enable these attacks. We will also learn to recognize that regulators around the world are also concerned about these issues and will describe, in a nutshell, their activities in this area.

The second part of the lecture deals with methods and tools for cyber risks' management. As part of this, we will discuss the risk management processes and delve into an applicable model for examining and reducing risks. At the end of the lecture, we will understand why it is possible and right to implement these processes at the beginning of the product development life cycle.

The lecture is intended for development managers, developers and product managers of artificial intelligence products .

Event organizers

Are you organizing OWASP IL Meetup Aug 2021?

Claim the event and start manage its content.

I am the organizer
Social
Rating

based on 0 reviews

Featured Events