OWASP (Open Web Application Security Project) brings together large companies, educational organizations and individuals from around the world. Community members write articles and tutorials, create documentation, tools and technologies to improve the security of services and applications. All OWASP developments are publicly available.
The number of seats is limited, so you need to register in advance. Please indicate your real first name / surname when registering on this site and bring your ID with you.
Planned video broadcasting on YouTube channel.
- 18:30 Registration
- 19:00 “OWASP Projects: SAMM Issue 2”, Taras Ivashchenko, OZON. Recently, the long-awaited release of a new version of the framework for building and evaluating the effectiveness of a security program took place. Let’s talk about what’s new there and what kind of project it is in general.
- 19:15 “Typical errors in the implementation of SMS authentication”, Ramazan (r0hack), DETEACT. Many online services use SMS as a mechanism for authenticating users. But small mistakes are made that will lead to major problems. Some recommendations to reduce application risk. This is what will be discussed in this speech.
- 19:30 OWASP Sheat Sheet Series. Microservices-based security architecture documentation ”, Alexander Barabanov. How in the world of microservices to have up-to-date information about each of them in terms of security? Let’s try to find a solution to this problem and present a new leaflet as part of the OWASP Sheet Sheet Series project
- 19:55 Break
- 20:10 “Dev, Sec, Oops: How Agile Security increases Attack Surface”, Denis Makrushin. As part of an increasingly accelerated development process, automation of the maximum number of security controls is indispensable. But what if the services themselves and the automated security controls are vulnerable and can be used to attack?
- 20:35 TBA
- 21:00 End of the meeting