Breach Security Executives to Address Web Application Threat Trends and Security Technologies at OWASP USA AppSec 2008 Conference in New York
CARLSBAD, Calif. – September 17, 2008 – Breach Security, Inc., the leader in web application integrity and security, today announced that Ofer Shezaf and Ivan Ristic will be presenting at the Open Web Application Security Project (OWASP) AppSec 2008 Conference in New York on September 24. OWASP is a worldwide free and open community focused on improving the security of application software and is a not-for-profit entity. Both executives are members of the Breach Security™ Labs research team, active in industry organizations such as The Web Application Security Consortium (WASC) and OWASP, and have access to worldwide web security threat data.
Ofer Shezaf, vice president of product management, leads the Breach Security Lab/WASC Web Hacking Incidents Database (WHID) project and heads up the Israeli chapter of OWASP. Ivan Ristic, vice president of security research, is an officer of WASC and the leader of the OWASP London chapter. Ristic authored the world’s leading web application firewall, ModSecurity, which has more than 15,000 deployments worldwide and is in its fifth year of development. He also wrote the book Apache Security, published by O’Reilly.
Who: Ofer Shezaf
What: Analysis of Web Hacking Incident Database (WHID)
Where: The 2008 OWASP AppSec Conference, The Park Central New York Hotel, New York City
When: Wednesday, September 24 at 10 a.m.
Session highlights include:
- A discussion of WHID statistics, including rising trends in web attacks in the first half of 2008.
- An explanation and dicussion of the business model common to attacks such as SQL injection crawlers and website herding.
Established in 2005, the WHID focuses on reported web hacking incidents, enabling researchers to go beyond a basic-level discussion of web vulnerabilities and provide deeper analysis of real-world incidents such as the types of sites, motivation, source and impact of each attack.
Who: Ivan Ristic
What: WAF ModSecurity
Where: The 2008 OWASP USA AppSec Conference, The Park Central New York Hotel, New York City
When: Wednesday, September 24 at 1 p.m.
Session highlights include:
- A discussion of the benefits of deploying a web application firewall versus scanning and penetration testing, and why network firewalls cannot secure a web application.
- An introduction to and history of Breach Security’s open source web application firewall (WAF), ModSecurity.
- An explanation of the benefits of ModSecurity, including the presentation of several ModSecurity user cases.
Breach Security Labs, the research arm of Breach Security, Inc., plays an active role in leading web application security industry organizations such as OWASP and WASC.
In addition to these presentations, Breach will be demonstrating their award-winning web security technologies at the event.
For more information about the OWASP USA AppSec 2008 in New York, visit: www.owasp.org/index.php/OWASP_NYC_AppSec_2008_Conference. For more information about OWASP, visit: www.owasp.org.
About Breach Security, Inc.
Breach Security, Inc. is the leading provider of real-time, continuous web application integrity and security that protects sensitive web-based information. Breach Security’s products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company’s products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government.
|
