top of page
OUR SPEAKERS
Share on:
Ira is a senior software engineer working on Seeker, the Interactive Application Security Testing solution from Synopsys.
Ira's experience is diverse - she has a BA in Computer Science, a BSc in Biochemistry, and a MSc in Quantum Mechanics and she is now back to the Cybersecurity field at Synopsys.
In her day job she uses instrumentation in Java to help developers secure their applications.
She is also a mentor for women in tech, and when she isn’t coding or mentoring, she enjoys taking her family on challenging hikes and climbs.
Ira Cherkes Levinshteyn
Senior Software Engineer
English, Hebrew
Languages:
Location:
Rehovot, Israel
Can also give an online talk/webinar
Paid only. Contact speaker for pricing!
MY TALKS
Java code instrumentation for beginners
Software Engineering, Security / Privacy, Backend
Curious about how profilers can estimate the time spent in each method or follow memory allocations?
One of the most common ways is to use instrumentation. Instrumentation is the addition of functionality to code for the purpose of gathering data. Profilers inject code into the software under test and extract information for performance analysis. Agents and event loggers also use this strategy.
In this workshop we will go over the basics of JVM, Java bytecode, Java agents, and code instrumentation. By using the Java Instrumentation API, we will build a simple “profiler” that counts the number of times a particular method was invoked. You will learn how to inject code into a Java application and follow the path of the instrumentation to see in detail the way it works.
Basic knowledge of Java is required.
Code for the exercise can be found here: https://github.com/irachle/JavaInstrumentationWorkshop
Using JWT securely : The dos and don’ts
Software Engineering, Security / Privacy, Backend
JSON Web Tokens (JWTs) became widely used in authentication processes to transfer information in a JSON format while ensuring data integrity. However merely using a JWT is not enough to ensure your information is handled in a secure way. Due to its simplicity, it is common to change the configuration or misuse the data that is sent, thus building a vulnerable application while thinking it's perfectly secure.
In this talk you will learn what a JWT is and how to avoid common security mistakes when using it. We will discuss proper validation of the tokens, settings that disable the JWT signature and should be avoided, and what information should not be sent when creating a JWT.
Java code instrumentation for beginners
Completed
true
Visible
true
Order
2
Using JWT securely : The dos and don’ts
Completed
true
Visible
true
Order
3
bottom of page