{"schedule": {"version": "0.1", "base_url": "https://cfp.owaspukraine.org/okspring2021/schedule/", "conference": {"acronym": "okspring2021", "title": "OWASP Kyiv Spring 2021 ONLINE Meetup", "start": "2021-04-24", "end": "2021-04-24", "daysCount": 1, "timeslot_duration": "00:05", "days": [{"index": 1, "date": "2021-04-24", "day_start": "2021-04-24T04:00:00+03:00", "day_end": "2021-04-25T03:59:00+03:00", "rooms": {"ZOOM": [{"id": 118, "guid": "eab4e57d-2370-5ebb-8078-f37357e93ef1", "logo": "", "date": "2021-04-24T10:00:00+03:00", "start": "10:00", "duration": "01:00", "room": "ZOOM", "slug": "LXCAJZ", "url": "https://cfp.owaspukraine.org/okspring2021/talk/LXCAJZ/", "title": "A9:Using Components with Known Vulnerabilities", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "Known Security Vulnerabilities are those gaps in security that have been identified, either by the developer/vendor of the products used, by the user/developer, or by the hacker/intruder. To exploit known security vulnerabilities, hackers identify a weak component in the system by scanning the system using automated tools (more common because these hacking tools are available online) or by analyzing the components manually (less common, because it takes more advanced skills).", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 37, "code": "GLHLBN", "public_name": "Svyat Login", "biography": "Head of gangsta QA at EVO\r\nMore than 9 years in testing\r\nI've been testing for web vulnerabilities for over 5 years\r\nI provide training for bebiner in Security Testing in Start-it", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 122, "guid": "26d89b49-be33-5eee-aa38-276f658ce0c3", "logo": "", "date": "2021-04-24T11:30:00+03:00", "start": "11:30", "duration": "00:30", "room": "ZOOM", "slug": "UMMPFM", "url": "https://cfp.owaspukraine.org/okspring2021/talk/UMMPFM/", "title": "Information security academic minors in modern Ukrainian higher education", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Nowadays higher education in Ukraine takes new challenges: required knowledge level for employment is low, knowledge sometimes are outdated, student oriented on self-education. Also, education in Ukraine mostly doesn't orient on lifelong education, so it doesn't prepare wide specialists. How modern education in Ukraine can compete with these factors and being attractive and useful for students and several other questions will be discussed around this topic.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 183, "code": "MER78H", "public_name": "Trokhym Babych", "biography": "Assistant at National University of \"Kyiv-Mohyla Academy\" (NaUKMA)", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 121, "guid": "eab3d7ad-0cc6-5282-8d35-18b93a5b4cc7", "logo": "/media/okspring2021/images/GHF9EC/resp_disclosure_Q5k4sy5.png", "date": "2021-04-24T12:30:00+03:00", "start": "12:30", "duration": "00:30", "room": "ZOOM", "slug": "GHF9EC", "url": "https://cfp.owaspukraine.org/okspring2021/talk/GHF9EC/", "title": "Responsible disclosure: it's not all about the money.", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Starting from an introduction to \"Responsible Disclosure\" model, we will see this process in detail, pointing out the differences with \"Full Disclosure\" model, bug bounty programs and black market.\r\nLastly, three CVEs will be publicly disclosed and presented to the audience, in order to show a real case about the responsible disclosure model.\r\nThis is the detailed agenda of the talk:\r\n\r\n1 - Intro -> total 5 minutes, divided in:\r\n     Who am I? -> 1 minute\r\n     Introduction to responsible disclosure -> 4 minutes\r\n     \r\n2 - Responsible disclosure in detail and differences with full disclosure, bug bounty programs and black marcket -> total 10 minutes\r\n\r\n3 - Real case: how to report vulnerabilities to a non-cooperative vendor, gaining the glory and avoiding to be jailed. Analysis of 3 CVEs -> total 10 minutes\r\n\r\n4 - Q&A -> 5 minutes", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 180, "code": "DJJNPA", "public_name": "Carlo Di Dato", "biography": "I'm an Italian bug hunter, currently working as penetration tester and vulnerability researcher for Advantio Ltd.\r\nI love to break things and find bug. I\u2019m not old, I\u2019m vintage :-)", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}