OWASP Zhytomyr

Local News

Meeting Location - Reikartz Hotel. Zhytomyr. June 29-th

All details about our event you can find in our:

FB page - OWASP ZHYTOMYR FB PAGE

Telegram OFFICIAL - OWASP ZHYTOMYR OFFICIAL

Telegram CHAT - OWASP ZHYTOMYR CHAT

Call For Papers form:

Submit my speach

Category:OWASP Chapter


Our supporters

Chapter meeting sponsors

These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.

Stuzo


Huawei

If you want to support or collaborate with us

Please, check the next document and contact to Bohdan or Julia.


Call For Papers 2022

Call For Speakers at OWASP Zhytomyr events is permanently open. If you want to present at future events simply send the title and abstract of your talk and speaker bio to Bohdan Nikitenko or Julia Potapenko Due to the DGPR rules, we can’t use Google forms anymore. So, we are testing the new CFP platform: Apply Talk


Chapter Webinars 2019

When?

29 June 2019 16:00 - 20:00

Where?

Reikartz Hotel (2d floor). Zamkova Square, 5/8, Zhytomyr, 10002

OWASP ZHYTOMYR 2019

Our Speakers

  • Oleg Yudintsev. Independent InfoSec Researcher. “How tasty are your cookies?”

How cookies can leak over insecure channel? How an Attacker can tamper or hijack remotely sensitive cookies of the user? What severe consequences can happen as a result of insecure cookie processing? In this presentation I’m going discuss different weaknesses in cookie lifecycle and how to process cookies securely.

  • Julia Potapenko. iOS Software Engineer at Stuzo. “Touch ID and Face ID. Is it secure?”

Even though Touch ID and Face ID have been here for a while, the users continue to ask if they are secure enough. We will talk about Apple’s Biometrics, Keychain and Secure Enclave, looking into the proper way local authentication should be implemented on iOS devices.

  • Oleksandr Mezherytskyi. Cybersecurity Engineer at Armed Forces of Ukraine. “STOP DDOS”

Oleksandr will tell us about his own experience and practical advices on how to stop attacks on web sites - fitches, tools, and mistakes.

  • Yulia Vashchenko. macOS Software Engineer at MacPaw. “Malware on macOS: hottest news from Objective by the Sea conference”

Chapter Webinars 2020

№1

OWASP ZHYTOMYR 2020

When?

July 31 18:30

Where?

Zoom conference

Meetup


№2

OWASP ZHYTOMYR 2020

When?

September 22 19:00

Where?

Zoom conference

Meetup


№3

OWASP UKRAINE online meetup 2020

When?

December 5 11:00

Where?

Streamyard

Zhytomyr is main org!

Welcome to the sixth annual OWASP Ukraine 2020 conference - the largest Application Security conference in Ukraine, organized by OWASP Zhytomyr, Kyiv and Lviv. This year the conference will be held on December 5 in the format of an online meetup. We have interesting reports from speakers from Ukraine and beyond, workshops and raffles with cool prizes. And it’s all free!

Schedule (could be changed)

11:00 Opening + lottery/raffles announcement

11:25 Maksym Khramov & Serhii Korolenko - 6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days + OTP Lottery

11:45 Julia Potapenko - React Native Security: Addressing Typical Mistakes

12:30 Константин Корсун - Безпека додатку Дія - “Оскар” чи “Золота малина”

13:30 Anatolii Bereziuk - OAuth2.0: What? Where? When?

14:30 Lottery/raffles updates

14:40 Serhii Korolenko & Eduard Kiiko & Oksana Safronova - OWASP JuicyShop Workshop

16:00 Philippe Humeau - Leveraging the crowd power to regain faith in Internet’s zero trust architecture (in English)

17:00 Pawel Rzepa - Serverless security: attack & defense (in English)

18:00 Lottery/raffles results

18:30 Closing word

Meetup


№1 OWASP Zhytomyr Spring Meetup 2021

OWASP ZHYTOMYR 2021

When?

March 25 19:30

Where?

Zoom conference

Meetup

Spring is here! And it means we celebrate OWASP Zhytomyr Birthday with an inspirational meetup.

Let’s meet in a friendly atmosphere and discuss security with our special guest – Anastasi Vixentael.

No slides and boring lectures. We’ll talk about “Security on your project from scratch”. The questions from the audience will be very welcome! Join us on March 25, 19:30, online.


№2 OWASP Zhytomyr Spring Meetup 2021

OWASP ZHYTOMYR 2021

When?

April 20

19:00

Where?

Zoom conference

Meetup

It’s getting hot with so many events from Ukrainian OWASP Chapters. Last month we had a great interview-style meetup, and we are ready again to bring you two awesome speakers.

Sam Stepanyan is an OWASP London Chapter Leader and an Independent Application Security Consultant with over 20 years of experience. His talk is about the OWASP Nettacker Project, one of OWASP’s “Unsung Hero” projects. Nettacker is a little-known yet awesome and powerful ‘swiss-army-knife’ type tool for information gathering and vulnerability scanning.

Volodymyr Nevmerzhytskyi has more than 6 years of experience in mobile app development, and as of right now, he is leading a banking app project. In his talk, he will show us common mobile app vulnerabilities in real-life examples. He’ll demonstrate how to fix them and protect from further attacks.


OWASP Zhytomyr 2021 Meetup #3

OWASP ZHYTOMYR 2021

When?

24.11.2021 19:00

Where?

YouTube

Meetup

Details and description:

Attention please! Because we are going to rock all the things on our next OWASP ZHYTOMYR #3 meetup! This event will be held online. 24.11.2021 at 19:00. By the way, we are ready to announce our speakers!


Please, meet our first speaker Artur!

OWASP ZHYTOMYR 2021

Artur is a security engineer at Cossack Labs, CISSP, with more than 8 years spent in the security trenches – breaking & improving mobile apps, web apps, and huge infrastructures.

During his talk we will discuss how to setup testing environment (root an Android emulator, how to integrate Burp Suite correctly, etc), which tools to use to make your life as a security researcher nice & easy.

Using this research lab, I’ll show you how different apps implement certain OWASP MASVS requirements – like certificate pinning, or root protection. We will see where to look to spot the missing security controls.


Okay, next speaker! Meet Ali Huseyn!

OWASP ZHYTOMYR 2021

Ali will tell us about Reconnaissance in Hacking. This speech is going to be about the reconnaissance stage in hacking. During the presentation, we will cover several topics, such as what is intelligence gathering, why is recon so important, and how to collect the necessary information at this stage. Ali Huseyn Aliyev (@chmodxrw)


OWASP Zhytomyr last but not least speaker, Dmytro Pavlov!

OWASP ZHYTOMYR 2021

Dima is a Security engineer/penetration tester at Ciklum. Talk: “JS prototype pollution 101” Description: Prototype pollution vulnerability might vary from “extremely dangerous threat that resulted into RCE” to “harmless deviation from best practices”. In this talk will be covered how prototype pollution works, how it can be used by attackers with different examples.


Aaaand of course our sponsor! Welcome Huawei!

OWASP ZHYTOMYR 2021

“HUAWEI – це світовий лідер на ринку телекомунікаційного обладнання, а також один з п’яти найбільших R&D інвесторів. Створюючи інтегровані рішення в чотирьох основних областях (телекомунікаційні мережі, ІТ, «розумні» пристрої і хмарні сервіси), ми прагнемо відкрити цифровий світ, в якому все є інтелектуальним і взаємопов’язаним, для кожної людини, оселі та організації. Компанія надає послуги понад 1500 операторам зв’язку та трьом мільярдам кінцевих користувачів у 170 країнах світу.

Кібербезпека та захист персональних даних є пріоритетами Huawei. У своїй діяльності компанія дотримується кращих світових практик та стандартів з безпечної розробки та захисту програмного забезпечення, а також робить власний вагомий внесок у розвиток відповідних стандартів. Компанія вкладає значні кошти в фундаментальні дослідження, концентруючись на технологічних проривах, які просувають світ уперед.”

See you!


OWASP Zhytomyr Meetup 2022 #1

OWASP ZHYTOMYR 2022

When?

Feb 15 19:00

Where?

YouTube stream

Meetup

OWASP Zhytomyr starts this year with a practical topic - gaining certifications: which one to choose, are they useful, and what the process is. By the way, we have a special guest - Oleksii Baranovskyi. He has big amount of certifications from (ISC)², ISACA, EC-Council, CompTIA, etc.

Join OWASP Zhytomyr Youtube stream on February 15 at 19:00. Language: Ukrainian/Russian.

Stay tuned for updates!


Welcome to the second OWASP Zhytomyr event in 2022! As always, we will meet online and learn from the masters. We hope that you are hungry for the new security-talks =) CFP link