OUR SPEAKERS

speaker_badge_banner_red.png
Share on:
Asset 14icon.png
Asset 39icon.png
Asset 12icon.png

Ira is a senior software engineer working on Seeker, the Interactive Application Security Testing solution from Synopsys.

Ira's experience is diverse - she has a BA in Computer Science, a BSc in Biochemistry, and a MSc in Quantum Mechanics and she is now back to the Cybersecurity field at Synopsys.

In her day job she uses instrumentation in Java to help developers secure their applications.
She is also a mentor for women in tech, and when she isn’t coding or mentoring, she enjoys taking her family on challenging hikes and climbs.

Ira Cherkes Levinshteyn

Senior Software Engineer
Asset 12icon.png
Asset 1TWITTER.png
Asset 39icon.png
Asset 17icon.png
linkedin.png
twitter.png
facebook.png
github.png
English, Hebrew
Languages:
Asset 7TWITTER.png
Location:
Rehovot, Israel
Asset 7TWITTER.png
Can also give an online talk/webinar
Paid only. Contact speaker for pricing!

MY TALKS

Java code instrumentation for beginners

Software Engineering, Security / Privacy, Backend

Asset 12SLIDES.png
Asset 21talk.png
Asset 11SLIDES.png

Curious about how profilers can estimate the time spent in each method or follow memory allocations?
One of the most common ways is to use instrumentation. Instrumentation is the addition of functionality to code for the purpose of gathering data. Profilers inject code into the software under test and extract information for performance analysis. Agents and event loggers also use this strategy.
In this workshop we will go over the basics of JVM, Java bytecode, Java agents, and code instrumentation. By using the Java Instrumentation API, we will build a simple “profiler” that counts the number of times a particular method was invoked. You will learn how to inject code into a Java application and follow the path of the instrumentation to see in detail the way it works.

Basic knowledge of Java is required.

Code for the exercise can be found here: https://github.com/irachle/JavaInstrumentationWorkshop

Asset 1icon.png

Using JWT securely : The dos and don’ts

Software Engineering, Security / Privacy, Backend

Asset 12SLIDES.png
Asset 21talk.png
Asset 11SLIDES.png

JSON Web Tokens (JWTs) became widely used in authentication processes to transfer information in a JSON format while ensuring data integrity. However merely using a JWT is not enough to ensure your information is handled in a secure way. Due to its simplicity, it is common to change the configuration or misuse the data that is sent, thus building a vulnerable application while thinking it's perfectly secure.

In this talk you will learn what a JWT is and how to avoid common security mistakes when using it. We will discuss proper validation of the tokens, settings that disable the JWT signature and should be avoided, and what information should not be sent when creating a JWT.

Asset 1icon.png

Java code instrumentation for beginners

Completed

true

Visible

true

Order

2

Go to lecture page

Using JWT securely : The dos and don’ts

Completed

true

Visible

true

Order

3

Go to lecture page