Team8 Meetup: Shifting to Developer-Led Security


Details
Join us to learn from industry leaders how security can and should be an integral part of the development and DevOps process, and what devastating effects can result from coding with no security in mind.
Agenda:
⏱ 1830-1900: Drinks & Refreshments
⏱ 1900-1920: Hacking the internet on its way to you! Leveraging the cloud to PWN at scale by Noam Moshe
⏱ 1920-1940: Keep No Secrets: Zero Standing Privileges in DevOps Environments by Ori Mankali
⏱ 1940-2000: Tiny code mistakes with tremendous impact - how to write secure code by Neatsun Ziv
***
Hacking the internet on its way to you! Leveraging the cloud to PWN at scale.
Noam Moshe, Security Researcher, Claroty
In this presentation we will showcase a cloud-based network-device management platform that controls remote wireless network devices and backhaul PTP devices. We will showcase RCE on wireless backhauling devices, how we exploited the dual deployment (on-prem vs. cloud) to reverse engineer the cloud API (no need for black-box testing), and exploitation of an unauthorized remote tunneling API to exploit field devices at scale.
***
Keep No Secrets: Zero Standing Privileges in DevOps Environments.
Ori Mankali, VP R&D, Akeyless
Today, both humans (DevOps, developers, admins) and applications (CI/CD platforms, K8s pods, Web Services, scripts, home-grown apps, etc.) use credentials to access production resources such as Databases, Linux Servers, Windows machines, and more. If an attacker gains access to one of those credentials and uses it to penetrate a production environment (lateral movement), that could be catastrophic to an enterprise. In this talk, you will learn how organizations can design and implement fully protected and secure human-to-machine as well as machine-to-machine access to a production environment, using Just-In-Time Access with Zero Standing Privileges.
***
Tiny code mistakes with tremendous impact - how to write secure code
Neatsun Ziv, CEO & Founder, OX.Security
In this session, we will review a few case studies of small coding mistakes that created a huge impact and will learn how to avoid these mistakes and write secure code - without affecting coding velocity.
***
We look forward to seeing you all in person.