The annual OWASP AppSec Israel Conference is the largest conference in Israel for application and software security, has been going regularly for over a decade and always draws hundreds of participants. Over 1000 people attended last year, this year we expect to exceed that since we go digital!
OWASP AppSec Israel will take place this year on October 28th 2020. The Conference usually starts at 9AM and lasts until 18:00. It will also be preceded by a day of Developer Training.
But AppSecIL is not just for security experts! We also have talks aimed at developers, testers, architects, product designers, and managers - anyone involved with the software lifecycle is welcome, regardless of type of software, website, mobile app, or any other type of application.
If you are responsible for, or involved with: * Web security * DevSecOps * Cloud security * Mobile security * Application security * Software development * Quality assurance * Software maintenance or operations … we want to hear from you at AppSecIL!
The content is selected independently of sponsors, and we do not abide “pay for play” (i.e. $ != talk). This is your chance to speak at OWASP AppSec Israel regardless of your geography, since we having an online conference this year.
AppSec Israel always has excellent talks, but even if you’ve never done this before - you should not be discouraged from submitting! It is very important to us to have a diverse variety of speakers, and even if this is your first time presenting we will ensure that you have the support needed to give a great talk, including speaker mentorship if you want. (AppSecIL is also a super friendly crowd, so it’s a great place to start out!)
Anything and everything AppSec! Application security, software security, web security…
In general, the only restriction on the subject of the talks is being related to Application Security or Software Security in some way (not necessarily Web). We will not accept any talks regarding other aspects of Security, that are not applicative in nature. Talks at any technical level can be accepted.
We especially appreciate talks from security folk in large organizations (“security consumers”) who can share different Case Studies from the field. Specifically, the topics we look for include, but are not limited to, the following subject areas:
- Secure development: secure coding, static analysis, application threat modelling, web frameworks security, countermeasures, SDLC, DevOps, etc.
- Mobile security: Development and/or testing devices and the mobile web
- Cloud security: Offensive and defensive considerations for cloud-based web applications
- Applicative Infrastructure security: Database security, VoIP, hardware, identity management, serverless and containers frameworks
- Penetration testing: Methodologies, tools, exploit development, evasion techniques, OSINT, etc.
- Emerging web technologies and associated security considerations
- Internet of Things: IoT security and other devices
- SCADA and Industrial Control Systems: and how these can be secured, or hacked, at an application or software level.
- Applied Cryptography: Relevant research, new models, algorithm usage, interesting attacks, and other applications.
- Incident response: Threat detection, triage, malware analysis, forensics, rootkit detection
- OWASP tools and projects in practice
- Policy and legal: Legislation, privacy, regulations and compliance, C-level considerations, etc.
- Cool hacks and other fun stuff: cryptography, social engineering, etc.