BalCCon2k24

Ali is a security researcher with over a decade of experience working in tech fields. Currently, he is the application security lead at Canon EMEA. Ali is a regular speaker or trainer at industry conferences and events such as Confidence Conf 2020, Hack In The Box 2023 AMS, DefCon 3x, IEEE AI-ML-Workshop-2021, SSD TyphoonCon 2x, c0c0n, BSides Toronto, Budapest, Calgary, Newcastle, Barcelona, OWASP Ottawa chapter, LeHack2022, NoNameCon, YASCon, COUNTERMEASURE Conference, DragonCon, COSAC 2022, Hacktivity, DefCon Holland, etc. Moreover, he was a trainer at OWASP Summer of Security 2020, 2021 July training, and reviewer for Springer Cluster Computing Journal as well as the 2021 Global AppSec U.S. event.


Sessions

09-20
16:15
60min
Dev Ally, Zero-Days Foe
Ali

Traditional AppSec techniques such as testing, scanning, and code reviews are essential but often unable to protect against zero-day vulnerabilities before they are discovered and disclosed. In this talk, we will explore how Runtime Application Self-Protection (RASP) technologies can provide real-time behavioral monitoring and protection for applications during execution. We will dive into the limitations of pre-deployment security and explain why runtime protection is necessary. Furthermore, we will discuss the main components and architecture of a RASP solution, highlighting its key features and benefits. Attendees will gain insights into various RASP techniques, including behavioral analysis, anomaly detection, and machine learning, which are crucial for detecting unknown threats. Real-world examples of RASP preventing zero-day exploits and unknown attacks will be shared, showcasing its effectiveness in safeguarding applications. Lastly, we will provide best practices for implementing and integrating RASP into the CI/CD pipeline and DevOps workflow.

Tesla