OWASP Zhytomyr
Who are we
OWASP Zhytomyr chapter was founded in 2019 by Bohdan Nikitenko
Second leader is Julia Potapenko
The chapter aims at holding quarterly meetups in the format of 4 talks and probably 1 workshop.
How to find us
Follow our news and announcements on social media: Facebook Telegram Meetup
How to support the chapter
If your company wishes to support the chapter, please contact Bohdan Nikitenko or Julia Potapenko
Future Events
Become a Speaker
Call For Speakers at OWASP Zhytomyr events is permanently open. If you want to present at future events simply send the title and abstract of your talk and speaker bio to Bohdan Nikitenko or Julia Potapenko
Become a Sponsor
To sponsor an OWASP Zhytomyr event, contact Bohdan Nikitenko or Julia Potapenko
We don’t have any special sponsorship package, however the sponsoring organization or individual will receive our warm thanks and a fair amount of gratitude spread over our social media presence, placed at the chapter official web-page, and announced at the event itself
Become a Host
To host an OWASP Zhytomyr event, contact Bohdan Nikitenko Venue requirements include:
- Capacity to welcome up to 40-50 attendees
- Separate high-quality internet connection for online streaming
- No need for additional attendee registration or providing attendee lists
- No marketing, advertising, or hiring at the event
Our supporters
Chapter meeting sponsors
These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.
If you want to support or collaborate with us
Please, check the next document and contact to Bohdan or Julia.
Call For Papers 2022
Call For Speakers at OWASP Zhytomyr events is permanently open. If you want to present at future events simply send the title and abstract of your talk and speaker bio to Bohdan Nikitenko or Julia Potapenko Due to the DGPR rules, we can’t use Google forms anymore. So, we are testing the new CFP platform: Apply Talk
Chapter Webinars 2019
When?
29 June 2019 16:00 - 20:00
Where?
Reikartz Hotel (2d floor). Zamkova Square, 5/8, Zhytomyr, 10002
Our Speakers
- Oleg Yudintsev. Independent InfoSec Researcher. “How tasty are your cookies?”
How cookies can leak over insecure channel? How an Attacker can tamper or hijack remotely sensitive cookies of the user? What severe consequences can happen as a result of insecure cookie processing? In this presentation I’m going discuss different weaknesses in cookie lifecycle and how to process cookies securely.
- Julia Potapenko. iOS Software Engineer at Stuzo. “Touch ID and Face ID. Is it secure?”
Even though Touch ID and Face ID have been here for a while, the users continue to ask if they are secure enough. We will talk about Apple’s Biometrics, Keychain and Secure Enclave, looking into the proper way local authentication should be implemented on iOS devices.
- Oleksandr Mezherytskyi. Cybersecurity Engineer at Armed Forces of Ukraine. “STOP DDOS”
Oleksandr will tell us about his own experience and practical advices on how to stop attacks on web sites - fitches, tools, and mistakes.
- Yulia Vashchenko. macOS Software Engineer at MacPaw. “Malware on macOS: hottest news from Objective by the Sea conference”
Chapter Webinars 2020
№1
When?
July 31 18:30
Where?
Zoom conference
Meetup link with details:
№2
When?
September 22 19:00
Where?
Zoom conference
Meetup link with details:
№3
When?
December 5 11:00
Where?
Streamyard
Zhytomyr is main org!
Welcome to the sixth annual OWASP Ukraine 2020 conference - the largest Application Security conference in Ukraine, organized by OWASP Zhytomyr, Kyiv and Lviv. This year the conference will be held on December 5 in the format of an online meetup. We have interesting reports from speakers from Ukraine and beyond, workshops and raffles with cool prizes. And it’s all free!
Schedule (could be changed)
11:00 Opening + lottery/raffles announcement
11:25 Maksym Khramov & Serhii Korolenko - 6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days + OTP Lottery
11:45 Julia Potapenko - React Native Security: Addressing Typical Mistakes
12:30 Константин Корсун - Безпека додатку Дія - “Оскар” чи “Золота малина”
13:30 Anatolii Bereziuk - OAuth2.0: What? Where? When?
14:30 Lottery/raffles updates
14:40 Serhii Korolenko & Eduard Kiiko & Oksana Safronova - OWASP JuicyShop Workshop
16:00 Philippe Humeau - Leveraging the crowd power to regain faith in Internet’s zero trust architecture (in English)
17:00 Pawel Rzepa - Serverless security: attack & defense (in English)
18:00 Lottery/raffles results
18:30 Closing word
Meetup link with details:
№1 OWASP Zhytomyr Spring Meetup 2021
When?
March 25 19:30
Where?
Zoom conference
Meetup link with details:
Spring is here! And it means we celebrate OWASP Zhytomyr Birthday with an inspirational meetup.
Let’s meet in a friendly atmosphere and discuss security with our special guest – Anastasi Vixentael.
No slides and boring lectures. We’ll talk about “Security on your project from scratch”. The questions from the audience will be very welcome! Join us on March 25, 19:30, online.
№2 OWASP Zhytomyr Spring Meetup 2021
When?
April 20
19:00
Where?
Zoom conference
Meetup link with details:
It’s getting hot with so many events from Ukrainian OWASP Chapters. Last month we had a great interview-style meetup, and we are ready again to bring you two awesome speakers.
Sam Stepanyan is an OWASP London Chapter Leader and an Independent Application Security Consultant with over 20 years of experience. His talk is about the OWASP Nettacker Project, one of OWASP’s “Unsung Hero” projects. Nettacker is a little-known yet awesome and powerful ‘swiss-army-knife’ type tool for information gathering and vulnerability scanning.
Volodymyr Nevmerzhytskyi has more than 6 years of experience in mobile app development, and as of right now, he is leading a banking app project. In his talk, he will show us common mobile app vulnerabilities in real-life examples. He’ll demonstrate how to fix them and protect from further attacks.
OWASP Zhytomyr 2021 Meetup #3
When?
24.11.2021 19:00
Where?
YouTube
Meetup link with details:
Details and description:
Attention please! Because we are going to rock all the things on our next OWASP ZHYTOMYR #3 meetup! This event will be held online. 24.11.2021 at 19:00. By the way, we are ready to announce our speakers!
Please, meet our first speaker Artur!
Artur is a security engineer at Cossack Labs, CISSP, with more than 8 years spent in the security trenches – breaking & improving mobile apps, web apps, and huge infrastructures.
During his talk we will discuss how to setup testing environment (root an Android emulator, how to integrate Burp Suite correctly, etc), which tools to use to make your life as a security researcher nice & easy.
Using this research lab, I’ll show you how different apps implement certain OWASP MASVS requirements – like certificate pinning, or root protection. We will see where to look to spot the missing security controls.
Okay, next speaker! Meet Ali Huseyn!
Ali will tell us about Reconnaissance in Hacking. This speech is going to be about the reconnaissance stage in hacking. During the presentation, we will cover several topics, such as what is intelligence gathering, why is recon so important, and how to collect the necessary information at this stage. Ali Huseyn Aliyev (@chmodxrw)
OWASP Zhytomyr last but not least speaker, Dmytro Pavlov!
Dima is a Security engineer/penetration tester at Ciklum. Talk: “JS prototype pollution 101” Description: Prototype pollution vulnerability might vary from “extremely dangerous threat that resulted into RCE” to “harmless deviation from best practices”. In this talk will be covered how prototype pollution works, how it can be used by attackers with different examples.
Aaaand of course our sponsor! Welcome Huawei!
“HUAWEI – це світовий лідер на ринку телекомунікаційного обладнання, а також один з п’яти найбільших R&D інвесторів. Створюючи інтегровані рішення в чотирьох основних областях (телекомунікаційні мережі, ІТ, «розумні» пристрої і хмарні сервіси), ми прагнемо відкрити цифровий світ, в якому все є інтелектуальним і взаємопов’язаним, для кожної людини, оселі та організації. Компанія надає послуги понад 1500 операторам зв’язку та трьом мільярдам кінцевих користувачів у 170 країнах світу.
Кібербезпека та захист персональних даних є пріоритетами Huawei. У своїй діяльності компанія дотримується кращих світових практик та стандартів з безпечної розробки та захисту програмного забезпечення, а також робить власний вагомий внесок у розвиток відповідних стандартів. Компанія вкладає значні кошти в фундаментальні дослідження, концентруючись на технологічних проривах, які просувають світ уперед.”
See you!
OWASP Zhytomyr Meetup 2022 #1
When?
Feb 15 19:00
Where?
YouTube stream
Meetup link with details:
OWASP Zhytomyr starts this year with a practical topic - gaining certifications: which one to choose, are they useful, and what the process is. By the way, we have a special guest - Oleksii Baranovskyi. He has big amount of certifications from (ISC)², ISACA, EC-Council, CompTIA, etc.
Join OWASP Zhytomyr Youtube stream on February 15 at 19:00. Language: Ukrainian/Russian.
Stay tuned for updates!
Welcome to the first OWASP Zhytomyr event in 2023!
OWASP Zhytomyr Meetup 2023 #1
When?
Feb 17 12:00
Where?
Zhytomyr Polissya National University
Description
Шановне товариство! Цієї пʼятниці (17.02.2023) на базі Поліського Національного Університету відбудеться сумісна з OWASP Zhytomyr подія. Лідер чаптеру Богдан Нікітенко виступить з презентацією на тему “Types of cyber attacks and how to protect against them” Подія відбудеться о 12.00. Всім, хто відноситься до напрямку КБ бути обовʼязково.