OWASP Iasi

Welcome to the OWASP Iași Chapter Homepage

Include some information here about your chapter

Follow us on Meetup. Follow us on Facebook.

Everyone is welcome to join our chapter meetings, members and non-members. OWASP Iași Chapter meetings / events are free and open, so please join us!

Participation

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Chapters are led by local leaders in accordance with the Chapter Leader Handbook. Financial contributions should only be made online using the authorized online donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP Project, independent research, or related software security topic you would like to present.

Everyone is welcome and encouraged to participate in our Projects, Local Chapters, Events, Online Groups, and Community Slack Channel. We especially encourage diversity in all our initiatives. OWASP is a fantastic place to learn about application security, to network, and even to build your reputation as an expert. We also encourage you to be become a member or consider a donation to support our ongoing work.


Next Events

The Anatomy of a supply chain attack

Date: Wednesday, March 31, 2021 – 6:00 PM to 8:00 PM GMT+3

The Anatomy of a supply chain attack

We’re kicking off OWASP Iași local chapter with a presentation on The Anatomy of a supply chain attack, where we’ll have as guest Dragoș Gavriluț, Director at BitDefender, coordinating the Cyber Threat Intelligence Lab.

A supply chain attack is any cyberattack that seeks to tamper with the production process of a third-party software package in such a way that the delivered package is malicious. Attackers first compromise the supplier using common techniques like targeted phishing emails, malicious websites, guessing weak passwords, abusing Remote Desktop Protocol, etc. Then they move to find the production server (GitHub, Apache Subversion, etc.) where versioning development occurs on the company’s product. Here, the attackers change the software build currently in production, lacing it with malicious code, taking care to hide their tracks. When development is finished and the update is ready for shipping, the company unknowingly signs it with a valid certificate and sends it off to its customers. The customers are inadvertently infected when they deploy the new software, not knowing it’s been tainted.

Don’t forget to book you seat and learn more.



Recent Events

Welcome to OWASP Iași Chapter Recent Events page.

Sadly for the moment, there is nothing to add here.


Past Events

Welcome to OWASP Iași Chapter Past Events page.

Sadly for the moment, there is nothing to add here.