Imperva Blog|Login|中文Deutsch日本語

Podcasts

Launch iTunes & Subscribe  Imperva on iTunes Hide Descriptions
Selected Tag: Amichai Shulman | Show All
Next Generation WAF (NG-WAF) -- An interview with Amichai Shulman

Next Generation WAF (NG-WAF) -- An interview with Amichai Shulman


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about the next generation of WAFs.

Amichai discusses the Industrialization of Hacking and how that's creating a need for WAF solutions to evolve so they can address automated attacks, business logic attacks, and the existing and growing list of technical attacks such as SQL Injection, XSS, etc. He also discusses mechanism for combating automated attacks and business logic attacks, deployments within MSSP and Cloud-based environments, and other components of Imperva's NG-WAF vision.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, WAF, NG-WAF, Industrialized Hacking, Automated Attacks, Business Logic Attacks, Hacking

Play Podcast Podcast Transcript (PDF)
Direct Database SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder

Direct Database SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about Direct Database SQL Injection attacks. A video on this subject can be found here. He discusses how these attacks are preformed directly through the database interface or through Web applications. He also talks about flaws in stored procedures that make these attacks possible.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, Direct Database SQL Injection, Database Security, Web Application Security, SQL Injection

Play Podcast Podcast Transcript (PDF)
Insider Threats, Privileged User Abuse and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder

Insider Threats, Privileged User Abuse and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about Insider Threats. He explores the differences between careless and nefarious insiders and talks about the difficulties of managing risks surrounding privileged users. He also discusses several threat mitigation strategies.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, Insider Threat, Privileged User, Database Security, Application Security

Play Podcast Podcast Transcript (PDF)
SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder

SQL Injection Attacks and Mitigation Techniques with Amichai Shulman -- Imperva CTO & Co-founder


On this episode of the Imperva Security Podcast Amichai Shulman -- CTO and Co-founder of Imperva talks about SQL Injection. He discusses how these attacks are preformed, why they are so pervasive, why signature detection doesn't work, and how to mitigate these attacks.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, SQL Injection, WAF, Web Application Security

Play Podcast Podcast Transcript (PDF)
Microsoft IIS WebDAV Remote Authentication Bypass: Interview with Amichai Shulman -- CTO and Co-founder of Imperva

Microsoft IIS WebDAV Remote Authentication Bypass: Interview with Amichai Shulman -- CTO and Co-founder of Imperva


On this episode of the Imperva Security Podcast Amichai Shulman is interviewed. He talks about Microsoft Security Advisory Number 971492 that was released on May 17th 2009. This vulnerability is related to Microsoft IIS servers running WebDAV. Amichai goes into detail about the vulnerability, why servers are still vulnerable even though this is a well known exploit, and how attacks can be mitigated with WAF or Web Application Firewalls. Amichai further talk about how the Imperva SecureSphere WAF has been protecting customers from redundant UTF-8 encoding attacks just like this for over three years.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, Microsoft IIS WebDAV Remote Authentication Bypass, Redundant UTF-8 Encoding, Microsoft Security Advisory Number 971492

Play Podcast Podcast Transcript (PDF)
Interview with Amichai Shulman -- CTO and Co-founder of Imperva

Interview with Amichai Shulman -- CTO and Co-founder of Imperva


On this episode of the Imperva Security Podcast Amichai Shulman is interviewed. Amichai talks about CSRF (Cross-Site Request Forgery). He gives a detailed background on the attack, how it works, and why we aren't hearing a lot about it. He also discusses mitigation techniques.Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: Amichai Shulman, ADC, CSRF, Cross-Site Request Forgery

Play Podcast Podcast Transcript (PDF)
Interview with Amichai Shulman -- Co-founder and CTO of Imperva

Interview with Amichai Shulman -- Co-founder and CTO of Imperva


On this episode of the Imperva Security Podcast Amichai Shulman is interviewed. Amichai talks about Clickjacking. He gives a detailed background on the attack, how it works, some high profile examples, as well as mitigation techniques to protect both applications and users.

More information on this subject can be found here:
Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: ADC, Amichai Shulman, Clickjacking

Play Podcast Podcast Transcript (PDF)
Interview with Amichai Shulman, Co-founder and CTO of Imperva

Interview with Amichai Shulman, Co-founder and CTO of Imperva


On this episode of the Imperva Security Podcast Amichai Shulman is interviewed. Amichai talks about Drive-by-Downloading. He gives a detailed background on the attack, how it works, some high profile examples, as well as mitigation techniques to protect both applications and users.

Amichai Shulman is Co-Founder and CTO of Imperva, where he heads the Application Defense Center (ADC), Imperva's internationally recognized research organization focused on security and compliance. Shulman regularly lectures at trade conferences and delivers monthly eSeminars. The press draws on Shulman's expertise to comment on breaking news, including security breaches, mitigation techniques, and related technologies. Under his direction, the ADC has been credited with the discovery of serious vulnerabilities in commercial Web application and database products, including Oracle, IBM, and Microsoft. Prior to Imperva, Shulman was founder and CTO of Edvice Security Services Ltd., a consulting group that provided application and database security services to major financial institutions, including Web and database penetration testing and security strategy, design and implementation. Shulman served in the Israel Defense Forces, where he led a team that identified new computer attack and defense techniques. He has B.Sc and Masters Degrees in Computer Science from the Technion, Israel Institute of Technology.

Tags: ADC, Amichai Shulman, Drive-by-Downloading

Play Podcast Podcast Transcript (PDF)
Selected Tag: Amichai Shulman | Show All
Launch iTunes & Subscribe Request More Information