0.5
okwinter2022
OWASP Kyiv Winter 2022 ONLINE Meetup
2022-02-26
2022-02-26
1
00:05
https://cfp.owaspukraine.org/okwinter2022/schedule/
2022-02-26T10:15:00+02:00
10:15
00:30
ZOOM
okwinter2022-134-red-blue-purple-specifics-of-offensive-and-defensive-teams-cooperation
https://cfp.owaspukraine.org/okwinter2022/talk/QRNLAF/
false
Red+Blue = Purple: specifics of offensive and defensive teams cooperation
Talk
en
Red team operations can be effectively performed in close cooperation with the defensive (blue) team - this format differs in some key points from the classical redteaming or penetration testing. Organizational faults or wrong understanding of what is going on can decrease the overall effectiveness of the operation dramatically for both sides.
Looking from the side of red team, discussing, what purple teaming really is, how it should be carried out to be really effective and what are the main constraints on this way.
Red team operations can be effectively performed in close cooperation with the defensive (blue) team - this format differs in some key points from the classical redteaming or penetration testing. Organizational faults or wrong understanding of what is going on can decrease the overall effectiveness of the operation dramatically for both sides.
Looking from the side of red team, discussing, what purple teaming really is, how it should be carried out to be really effective and what are the main constraints on this way.
Roman Draguntsov
2022-02-26T10:50:00+02:00
10:50
01:00
ZOOM
okwinter2022-132-how-to-make-php-web-applications-less-vulnerable-
https://cfp.owaspukraine.org/okwinter2022/talk/VGHGDC/
false
How to make PHP WEB applications less vulnerable?
Talk 60
en
Hi, I'm Kostia. Currently, I work as a Software Engineer at GOG.com. And I'd like to share some of my knowledge about WEB apps security.
At the presentation, I'd like to share my point of view on the WEB applications security. I classified the most common threats with examples and solutions. As a result, the listener obtains a holistic understanding of these threats and the correct mindset for building relatively secure applications.
/media/okwinter2022/images/VGHGDC/picture_f1Gq7Qw.jpg
Deleted User
2022-02-26T12:00:00+02:00
12:00
00:30
ZOOM
okwinter2022-140----winter-2021-2022
https://cfp.owaspukraine.org/okwinter2022/talk/PXW8ZW/
false
Новини стратегічної кібербезпеки, Winter-2021-2022
Talk
en
Огляд новини стратегічної кібербезпеки України та Світу, які хтось міг пропустити, але які важливо знати.
Важливі новини кібербезпеки стратегічного характеру, які не бажано пропускати, щоб залишатися "в матеріалі", "в потоці" та "в моменті".
/media/okwinter2022/images/PXW8ZW/Kos-OWASP-Kyiv-chapter-2021_3gduj20.jpg
Kostiantyn Korsun
2022-02-26T12:45:00+02:00
12:45
00:45
ZOOM
okwinter2022-133-wordpress-hacking-and-securing
https://cfp.owaspukraine.org/okwinter2022/talk/9GATLL/
false
WordPress: Hacking and Securing
Talk 45
en
WordPress is the world's most popular Content Management System, which makes it a lucrative target for cyber criminals. Thousands of WordPress-based websites get hacked daily and according to the GoDaddy report 90% of hacked websites in 2019 were running WordPress CMS. In this talk you will learn about several vulnerabilities and methods used to hack into WordPress websites (including live demo) and some of the mitigations and methods you can use to improve the security of your WordPress websites.
WordPress is the world's most popular Content Management System, which makes it a lucrative target for cyber criminals. Thousands of WordPress-based websites get hacked daily and according to the GoDaddy report 90% of hacked websites in 2019 were running WordPress CMS. In this talk you will learn about several vulnerabilities and methods used to hack into WordPress websites (including live demo) and some of the mitigations and methods you can use to improve the security of your WordPress websites.
Sam Stepanyan
2022-02-26T13:40:00+02:00
13:40
00:30
ZOOM
okwinter2022-135-infrastructure-as-a-code-security-scanning-in-ci-cd
https://cfp.owaspukraine.org/okwinter2022/talk/UPQJM8/
false
Infrastructure as a code security scanning in CI/CD
Talk
en
Current speech is about security scanners which will help you to find misconfigurations and follow best practices for terraform and similar IAC tools in CI/CD. The main goal of topic is to teach you how to protect your project with the best suitable tool.
Particularly will be discussed about snyk, tfsec, kics tools, vulnerable terraform project and Gitlab CI/CD
Volodymyr Skorupskyi
2022-02-26T14:20:00+02:00
14:20
00:30
ZOOM
okwinter2022-138-threat-modeling-all-the-things-why-do-we-need-it-how-to-achieve-it-
https://cfp.owaspukraine.org/okwinter2022/talk/ETFW8M/
false
threat modeling all the things . why do we need it. how to achieve it.
Talk
en
what if i tell you that security vulnerabilities could be find before the pen test and sometimes before coding the functionality. if it sounds interesting to you - please, visit my talk and get some new information about thread modeling process and it implementation in the company
Nadia Klymenko
2022-02-26T15:00:00+02:00
15:00
00:30
ZOOM
okwinter2022-136-what-i-learned-while-teaching-cybersecurity-to-ukrainian-veterans
https://cfp.owaspukraine.org/okwinter2022/talk/GKWHBH/
false
What I learned while teaching Cybersecurity to Ukrainian Veterans
Talk
en
Recently Ukraine has been at the forefront of the world news due to active war phases occurring on multiple operational areas: physical, cyber, informational, etc. In this presentation I share my story and ideas about how Ukrainian veterans can we help address cybersecurity situation in Ukraine.
There are almost half a million war veterans in Ukraine. These are people who have defended territorial integrity of their country. Many (if not all) possess critical skillsets of operating under stress, commitment to mission and teamwork. When veterans are back to civil life, they are faced with a number of problems - discrimination, lack of professional job prospects, financial hardships, PTSD and so on. Veterans are dedicated and committed individuals that deserve respect and a better life. IT and cybersecurity can be one of the ways to positively influence their lives. And how others can help as well.
/media/okwinter2022/images/GKWHBH/veteranius_im3ukhU.png
Dmytro Kavun