dcsimg

Breach Security Executives to Address Zero-Day Attacks and Web Application Security at BlackHat USA and LifeCycle Security Conferences

CARLSBAD, Calif., Aug. 4 /PRNewswire/ -- Breach Security, Inc., the leader in web application security, today announced that Ivan Ristic, vice president of security research, and Ofer Shezaf, vice president of product management, will be presenting at two upcoming security shows. Ristic and Shezaf will co-present "No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler and Traffic Profiling" at BlackHat USA 2008 on August 7. Additionally, Ristic will give an update on the Web Application Security Consortium (WASC) on August 8 and present "Evaluation Criteria for Web Application Firewalls" on August 9 at the LifeCycle Security Conference.

CARLSBAD, Calif., Aug. 4 /PRNewswire/ — Breach Security, Inc., the leader in web application security, today announced that Ivan Ristic, vice president of security research, and Ofer Shezaf, vice president of product management, will be presenting at two upcoming security shows. Ristic and Shezaf will co-present "No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler and Traffic Profiling" at BlackHat USA 2008 on August 7. Additionally, Ristic will give an update on the Web Application Security Consortium (WASC) on August 8 and present "Evaluation Criteria for Web Application Firewalls" on August 9 at the LifeCycle Security Conference.

In their presentations, Ristic and Shezaf will address the security issues caused by the rapid growth of web applications, explain current solutions on the market today and discuss the future of web application security, including the projects on which they are currently working. Both executives are members of the Breach Security(TM) Labs research team, active in industry organizations such as WASC and the Open Web Application Security Project (OWASP), and have access to worldwide web security threat data.

Additionally, at the show, Breach Security will be offering a new white paper from Breach Security Labs titled: "Enough with Default Allow in Web Applications!" This paper discusses current web application security issues associated with the default allow deployment model — a method of web application modeling, which forces applications to accept any requests, rather than only those they can handle — and methods for remediating these issues, while adopting best practices for new platforms. For more information, or for a copy of the report, please visit Breach Security at BlackHat booth #13.

Upcoming Executive Presentations BlackHat USA 2008 Who: Ivan Ristic and Ofer Shezaf What: "No More Signatures: Defending Web Applications from 0-Day Attacks with ModProfiler and Traffic Profiling" When: Thursday, August 7 at 11:15 a.m. Where: Fourth Floor Palace Tower Convention Floor, Caesars Palace Hotel and Casino, Las Vegas, Nevada Session highlights include: — Results of a project designed to help tighten the security of web applications with little effort — Benefits of a new web application traffic analysis tool that observes what's valid and what's not — How this new tool creates a tight application shield and eliminates the complexity of shield construction For more information about BlackHat USA 2008, visit: http://www.blackhat.com/index.html. LifeCycle Security 2008 Who: Ivan Ristic What: "Evaluation Criteria for Web Application Firewalls" When: Saturday, August 9 at 3:15 p.m. Where: Caesars Palace Hotel and Casino, Las Vegas, Nevada Session highlights include: — An overview of web application firewalls and which features really matter — How to customize the work of the Web Application Firewall Evaluation Criteria project — How to use the customized criteria to select the best product Who: Ivan Ristic with Tom Brennan, CTO of Proactive Risk What: WASC and OWASP update When: Friday, August 8 at 1:30 p.m. Where: Caesars Palace Hotel and Casino, Las Vegas, Nevada Session highlights include: — Ristic will give an overview and update on WASC — Brennan will give an overview and update on OWASP. For more information about LifeCycle Security 2008, visit: http://www.lifecyclesecurity.com.

About Ivan Ristic

Ivan Ristic is the vice president of Security Research for Breach Security, Inc. and a member of Breach Security Labs. He joined the company following Breach Security's acquisition of Thinking Stone Ltd. and its ModSecurity(TM) open-source web application firewall. At Breach Security, Ristic focuses primarily on educating the market about the security risks associated with conducting business on the web and continues to improve the open-source ModSecurity project. Prior to moving to the computer security field, Ristic spent a number of years working as a developer, system architect and technical director in the software development industry. He authored Apache Security for O'Reilly (http://www.apachesecurity.net), a concise yet comprehensive web security guide for administrators, system architects and programmers. Ristic earned a BSc with honors in Information Technology and Computing from the Open University. He also completed coursework at the Faculty of Electrical Engineering, University of Belgrade. Ristic is an active participant in the web application security community, an officer of WASC and the leader of the OWASP London Chapter. Ivan's blog is located at http://blog.ivanristic.com.

About Ofer Shezaf

Ofer Shezaf is the vice president of Product Management for Breach Security, Inc. and a member of Breach Security Labs. He is responsible for defining Breach Security's product roadmap and features. Shezaf brings to Breach Security both broad experience in information security and a background in entrepreneurship and venture capital. Shezaf served as a technology expert for leading venture capital funds such as Pitango and Evergreen, evaluating new opportunities and working with early-stage companies on their technology and roadmaps. Previously, Shezaf served as a group manager and, later, a special advisor on national infrastructure protection for the Israeli government and intelligence forces. As a well-known application security expert, Shezaf is an officer of WASC, where he leads the Web Hacking Incidents Database project, and leads the Israeli chapter of OWASP. Shezaf holds a bachelor's degree in computer engineering from the Technion and an MBA from Tel-Aviv University.

About Breach Security, Inc.

Breach Security, Inc. is the leading provider of real-time, continuous web application security that protects sensitive web-based information. Breach Security's products protect web applications from hacking attacks and data leakage, and ensure applications operate as intended. The company's products are trusted by thousands of organizations around the world, including leaders in finance, healthcare, ecommerce, travel and government. For more information, please visit http://www.breach.com.

Breach Security, the Breach Security logo, WebDefend and ModSecurity are trademarks of breach Security, Inc. All other brand, product and service names are the trademarks, registered trademarks or service marks of their respective owners."

SOURCE Breach Security, Inc.

Comments are closed.