OWASP Brasov

Welcome to OWASP Brasov Chapter

Welcome to the Brasov Chapter homepage. The chapter leaders are Ilca Lucian and Titus Balan. All events are often hosted by the OWASP (Open Web Application Security Project) Brasov Chapter.

Upcoming Meetings

We schedule our meetings on the OWASP Brasov Meetup Group

Due to a change in the APIs used to collate this data, this functionality is temporarily offline.

Our meetings are open to the public, and you do not need to be a member to attend. Please do consider joining OWASP if you find our community, projects, and meetings valuable, or sponsoring this chapter.

OWASP AppSec Brasov [1]

OWASP AppSec Brasov [1] - 11 A.M / 23 April 2021

Cosmin Radu

Container Insecurities

Docker is a popular container technology and has been very well accepted by industries across the world. It is used in production as well as UAT environments. However, with every new layer in the technology stack, a number of security issues can be introduced either because of loose configurations, insecure code or a combination of both.
Mihai Dancaescu

Attacking JSON Web Tokens

JSON Web Tokens are getting more and more popular each day - they are simple to use, easy to understand, and mostly secure. However, a lot of web developers don't use JWT parsers correctly or, even worse, develop new ones from scratch. This presentation will cover some of the attacks that may be used against applications that rely on JWT tokens.
Vlad Toie

Stealing credentials via NTLMv2

NTLMv2, the challenge-response authentication protocol, hacked via LLMNR poisoning(man in the middle attack). NTLM authentication is the de-facto standard in corporate networks running Windows. There are a plethora of well-understood local attacks that take advantage of the way Windows perform automatic NTLM authentication, and abusing this feature is undoubtedly on the playbook of every penetration tester and red teamer.
Bogdan-Costel Irimia

Penetration testing in healthcare environments

Health and life science organizations invest significant resources into cybersecurity as the risk of failure involves highly sensitive data that, if compromised, could not only affect staff and patient privacy but, potentially, the physical safety of patients too. Penetration testing is simply an approach in which analysts identify potential weaknesses and attempt to exploit vulnerabilities. Sometimes providing a fresh set of eyes can often identify previously undetected issues.
Andrei Dumbrava

Pros and cons of identity-based security of applications

IAM products provide IT managers with tools and technologies for controlling user access to critical information within an organization. This presentation will be related to identity-based security of applications


Participation

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapter Leader Handbook. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leaders with details of what OWASP Project, independent research, or related software security topic you would like to present.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.

News

Call For Speakers

Call For Speakers is open - if you would like to present a talk on Application Security at future OWASP Brasov Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leaders via e-mail:

titus.balan (at) owasp.org

  • Chapter Supporters *

    The following are the list of OWASP Corporate Members who have generously aligned themselves with the Brasov chapter, therefore contributing funds to our chapter:

Unitbv Metropolitan Brasov

Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.

Watch Star