My name is Ofer Shezaf, and my profession has been Web Application Security for the last 8 years. However, while for most of my peers web application security means locating vulnerabilities or fixing code, I have spent most of my time researching real time protection systems. I have created one of the first anomaly based web application firewalls, Breach Security's WebDefend and joined Ivan Ristic, the creator of ModSecurity to lead the Core Rule Set, a unique open source rule set for protecting Web Applications.
Currently I am working on many open source and community projects in the area of Web Application Security, among them:
- ModSecurity Core Rule Set, an open source generic rule set for the popular ModSecurity open source Web Application Firewall.
- The Web Hacking Incidents Database, a repository tracking web application security incidents.
- OWASP Israel, which I lead.
My CV can be found on linkedin. If you want to learn about my personal life, and you speak Hebrew, you can read my personal blog.