{"schedule": {"version": "0.4", "base_url": "https://cfp.owaspukraine.org/okf219/schedule/", "conference": {"acronym": "okf219", "title": "OWASP Kyiv Fall 2019", "start": "2019-11-23", "end": "2019-11-23", "daysCount": 1, "timeslot_duration": "00:05", "days": [{"index": 1, "date": "2019-11-23", "day_start": "2019-11-23T04:00:00+02:00", "day_end": "2019-11-24T03:59:00+02:00", "rooms": {"Grammarly": [{"id": 84, "guid": "9bf3bcc8-542b-5c71-a3ea-d2d75fd15c3c", "logo": "", "date": "2019-11-23T10:00:00+02:00", "start": "10:00", "duration": "00:40", "room": "Grammarly", "slug": "GS3WNJ", "url": "https://cfp.owaspukraine.org/okf219/talk/GS3WNJ/", "title": "Cilium - Network Security for Microservices. Let's See How It Works with Istio", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Cilium is a CNI -compliant networking plugin used to provide multi-host network connectivity for Linux containers and a way to define granular network-layer and application-layer security policies.", "description": "Cilium brings API-aware network security filtering to Linux container frameworks like Docker and Kubernetes. Using a new Linux kernel technology called BPF, Cilium provides a simple and efficient way to define and enforce both network-layer and application-layer security policies based on container/pod identity.", "recording_license": "", "do_not_record": false, "persons": [{"id": 34, "code": "RR88SD", "public_name": "Stanislav Kolenkin", "biography": "16+ years of professional experience in the Information Technologies (IT) industry.\r\nI have received much experience in quick problem solving and not standard issues. I have done many Kubernetes projects with different plugins on OpenStack, AWS, GCP, and Bare-Metal. Last 4 years I am working with Docker, Kubernetes, Calico.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 87, "guid": "5a20cbe6-f827-50e3-86c9-93e8f144a82f", "logo": "/media/okf219/images/XYH7EV/Screenshot_2019-11-23_at_05.53.28.png", "date": "2019-11-23T11:00:00+02:00", "start": "11:00", "duration": "00:40", "room": "Grammarly", "slug": "XYH7EV", "url": "https://cfp.owaspukraine.org/okf219/talk/XYH7EV/", "title": "Quarantine Nights: exploiting macOS File Quarantine in popular apps", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Quarantine Nights: exploiting macOS File Quarantine in popular apps", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 125, "code": "Z88JSJ", "public_name": "Vladimir Metnew", "biography": null, "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 88, "guid": "7e248fb6-540e-5de1-93e3-e47f0f5c6325", "logo": "", "date": "2019-11-23T12:00:00+02:00", "start": "12:00", "duration": "00:40", "room": "Grammarly", "slug": "RHPPSG", "url": "https://cfp.owaspukraine.org/okf219/talk/RHPPSG/", "title": "Injections  - 4 Ways of Penetration", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "I will show 4 types of injections and we will discuss how to protect against them.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 92, "code": "8JAL7Y", "public_name": "Evgeny Tolchinsky", "biography": "4,5  \u0433\u043e\u0434\u0430 \u0432 \u0442\u0435\u0441\u0442\u0438\u0440\u043e\u0432\u0430\u043d\u0438\u0438 \r\nSenior manual Qa/Qa lead \r\n\u0421\u043f\u0438\u043a\u0435\u0440 \u043d\u0430 \u043a\u043e\u043d\u0444\u0435\u0440\u0435\u043d\u0446\u0438\u044f\u0445 (KyivQaDay, Simplicity QA 360, ComaQa Minsk), \u043c\u0438\u0442\u0430\u043f\u0430\u0445 (OpenTechWeek, Speakers\u2019 Corner, KyivTestersMeetup) \r\n\u0414\u043e \u044d\u0442\u043e\u0433\u043e 9 \u043b\u0435\u0442 \u0432 \u0431\u0430\u043d\u043a\u043e\u0432\u0441\u043a\u043e\u0439 \u0441\u0444\u0435\u0440\u0435 \r\n\u0421\u0432\u0438\u0442\u0447\u0435\u0440 :-)", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 83, "guid": "2d7b8169-c6dd-50de-b31d-36dd3808b66c", "logo": "/media/okf219/images/P89CL9/Screenshot_1.png", "date": "2019-11-23T13:00:00+02:00", "start": "13:00", "duration": "00:40", "room": "Grammarly", "slug": "P89CL9", "url": "https://cfp.owaspukraine.org/okf219/talk/P89CL9/", "title": "Pentest Expectations", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "What do pentesters looking for and what customers wish to receive in their reports? \r\nExamples of easy account compromise. \r\n\r\nWhat do pentesters look for the rest of the project time? \r\nClassic OWASP checklist. \r\n\r\nWhat are pentesters tired to report but still have to", "description": "What do we expect? A total compromise.\r\n\u2022 Account Takeover\r\n\u2022 Logic Bypass\r\n\u2022 Remote Code Execution\r\n\u2022 Easy Exploitation\r\n\r\nWhat do we get? OWASP daily work.\r\n\u2022 XSS\r\n\u2022 CSRF\r\n\u2022 Session Fixation\r\n\u2022 IDOR\r\n\u2022 Information Disclosure\r\n\u2022 Unlimited Email Spam\r\n\u2022 ARP poisoning\r\n\u2022 Mountable NFS volumes\r\n\r\nWhat are we bored of in the reports?\r\n\u2022 Versions\r\n\u2022 Ciphers\r\n\u2022 Headers\r\n\u2022 Checklists\r\n\u2022 False Positives\r\n\u2022 Automatic Reports\r\n\r\nHow to get an empty pretest report?", "recording_license": "", "do_not_record": false, "persons": [{"id": 123, "code": "9MFPMD", "public_name": "Ihor uZ", "biography": "WhiteHat focused on Secure SDLC", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 82, "guid": "b7185dcf-5490-50f3-9a60-65761192961c", "logo": "", "date": "2019-11-23T15:00:00+02:00", "start": "15:00", "duration": "00:40", "room": "Grammarly", "slug": "NHK7YG", "url": "https://cfp.owaspukraine.org/okf219/talk/NHK7YG/", "title": "Hacktoberfest \u0442\u0430 open-source", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "\u0412\u0456\u0434\u043a\u0440\u0438\u0442\u0442\u044f \u0434\u043b\u044f \u0441\u0435\u0431\u0435 _open-source_, \u0443\u0447\u0430\u0441\u0442\u044c \u0443 **Hacktoberfest** \u0442\u0430 \u0447\u043e\u043c\u0443 \u0432\u0430\u0440\u0442\u043e \u043f\u0440\u0438\u0434\u0456\u043b\u044f\u0442\u0438 \u0443\u0432\u0430\u0433\u0443 \u043f\u0440\u043e\u0435\u043a\u0442\u0430\u043c \u0437 \u0432\u0456\u0434\u043a\u0440\u0438\u0442\u0438\u043c \u043a\u043e\u0434\u043e\u043c.", "description": "* Hacktoberfest.\r\n* \u0417 \u044f\u043a\u0438\u0445 \u043f\u0440\u043e\u0435\u043a\u0442\u0456\u0432 \u0432\u0430\u0440\u0442\u043e \u043f\u043e\u0447\u0438\u043d\u0430\u0442\u0438 \u0441\u0432\u0456\u0439 \u0448\u043b\u044f\u0445.\r\n* \u0427\u043e\u043c\u0443 \u0446\u0435 \u043c\u0430\u0454 \u0437\u043d\u0430\u0447\u0435\u043d\u043d\u044f.\r\n* \u0427\u0438 \u0431\u0443\u0434\u0435 \u0437 \u0446\u044c\u043e\u0433\u043e \u0432\u0438\u0433\u043e\u0434\u0430.", "recording_license": "", "do_not_record": false, "persons": [{"id": 122, "code": "T7YJBZ", "public_name": "Mykhailo Pazyniuk", "biography": "* InfoSec enthusiast\r\n* OWASP volunteer\r\n* Intern at [UnderDefense](https://underdefense.com/)\r\n* Student at Lviv Polytechnic", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 85, "guid": "4958d881-5f1a-54d5-b6d9-787220c1131c", "logo": "", "date": "2019-11-23T16:00:00+02:00", "start": "16:00", "duration": "00:40", "room": "Grammarly", "slug": "JR9BPR", "url": "https://cfp.owaspukraine.org/okf219/talk/JR9BPR/", "title": "Basic Ideas of OSINT and Why It Is Useful", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Describing what is OSINT. Describing a couple of OSINT tools: Censys.io, Google Dorks, The Harvester, Shodan, Nmap, etc.", "description": "Describing what is OSINT. Describing a couple of OSINT tools: Censys.io, Google Dorks, The Harvester, Shodan, Nmap, etc.", "recording_license": "", "do_not_record": false, "persons": [{"id": 101, "code": "MKHQH9", "public_name": "Nadia Klymenko", "biography": "Security Assessment Engineer", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}