{"schedule": {"version": "0.2", "base_url": "https://cfp.owaspukraine.org/owaspukraine2020/schedule/", "conference": {"acronym": "owaspukraine2020", "title": "OWASP Ukraine 2020 Online", "start": "2020-12-05", "end": "2020-12-05", "daysCount": 1, "timeslot_duration": "00:05", "days": [{"index": 1, "date": "2020-12-05", "day_start": "2020-12-05T04:00:00+02:00", "day_end": "2020-12-06T03:59:00+02:00", "rooms": {"OWASP Ukraine Online 2020": [{"id": 108, "guid": "d2648cf1-265c-5a34-a80c-3e91726bb328", "logo": "", "date": "2020-12-05T11:25:00+02:00", "start": "11:25", "duration": "00:20", "room": "OWASP Ukraine Online 2020", "slug": "XCGLA3", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/XCGLA3/", "title": "6 digit OTP for Two Factor Auth (2FA) is brute-forceable in 3 days", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "\u0412 \u0441\u0432\u043e\u0457\u0439 \u0434\u043e\u043f\u043e\u0432\u0456\u0434\u0456 \u0440\u043e\u0437\u043f\u043e\u0432\u0456\u043c \u0442\u0435\u043e\u0440\u0435\u0442\u0438\u0447\u043d\u0443 \u0447\u0430\u0441\u0442\u0438\u043d\u0443 \u043b\u043e\u0442\u0435\u0440\u0435\u0457 TOTP. \u0412 \u044f\u043a\u0456\u0439 \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0435\u043c\u043e \u0441\u043a\u0456\u043b\u044c\u043a\u0438 \u0447\u0430\u0441\u0443 \u043c\u043e\u0436\u0435 \u0437\u0430\u0439\u043d\u044f\u0442\u0438 \u0443\u0441\u043f\u0456\u0448\u043d\u0430 Brute Force \u0430\u0442\u0430\u043a\u0430 \u0442\u0438\u043c\u0447\u0430\u0441\u043e\u0432\u043e\u0433\u043e \u043e\u0434\u043d\u043e\u0440\u0430\u0437\u043e\u0432\u043e\u0433\u043e \u043f\u0430\u0440\u043e\u043b\u044e \u0442\u0430 \u044f\u043a \u0457\u0457 \u043c\u043e\u0436\u043d\u0430 \u043c\u0430\u0448\u0442\u0430\u0431\u0443\u0432\u0430\u0442\u0438.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 149, "code": "XHFUQU", "public_name": "Maksym Khramov", "biography": "Penetration Tester at Berezha Security", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 104, "guid": "5eb5e3b8-dc66-52c6-83f8-cbe98150c769", "logo": "", "date": "2020-12-05T11:45:00+02:00", "start": "11:45", "duration": "00:30", "room": "OWASP Ukraine Online 2020", "slug": "TRDAKN", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/TRDAKN/", "title": "React Native Security: Addressing Typical Mistakes.", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Many articles claim that React Native apps are less secure than the native ones. In this talk, I shed light on React Native apps\u2019 security based on my experience and explain some risks and threats developers should address to prevent typical mistakes.", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 55, "code": "L3WJZH", "public_name": "Julia Potapenko", "biography": "Security Software Engineer at Cossack Labs. Chapter Leader of OWASP Zhytomyr. Mobile/Security Lead at WWCode Kyiv.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 103, "guid": "1aeede49-cbb7-53b7-a634-b12ab6e17a23", "logo": "", "date": "2020-12-05T12:30:00+02:00", "start": "12:30", "duration": "00:25", "room": "OWASP Ukraine Online 2020", "slug": "PNKYTK", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/PNKYTK/", "title": "\u0411\u0435\u0437\u043f\u0435\u043a\u0430 \u0434\u043e\u0434\u0430\u0442\u043a\u0443 \u0414\u0456\u044f - \"\u041e\u0441\u043a\u0430\u0440\" \u0447\u0438 \"\u0417\u043e\u043b\u043e\u0442\u0430 \u043c\u0430\u043b\u0438\u043d\u0430\"?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "\u0414\u043e\u0434\u0430\u0442\u043e\u043a \u00ab\u0414\u0456\u044f\u00bb \u0432\u0456\u0434 \u041c\u0456\u043d\u0456\u0441\u0442\u0435\u0440\u0441\u0442\u0432\u0430 \u0446\u0438\u0444\u0440\u043e\u0432\u043e\u0457 \u0442\u0440\u0430\u043d\u0441\u0444\u043e\u0440\u043c\u0430\u0446\u0456\u0457 \u0437\u0430\u0432\u0430\u043d\u0442\u0430\u0436\u0438\u043b\u043e \u0432\u0436\u0435 \u0431\u0456\u043b\u044c\u0448\u0435 5 \u043c\u0456\u043b\u044c\u0439\u043e\u043d\u0456\u0432 \u043a\u043e\u0440\u0438\u0441\u0442\u0443\u0432\u0430\u0447\u0456\u0432.\r\n\u0410\u043b\u0435 \u0449\u043e \u0434\u043e\u0441\u0442\u0435\u043c\u0435\u043d\u043d\u043e \u0432\u0456\u0434\u043e\u043c\u043e \u043f\u0440\u043e \u0431\u0435\u0437\u043f\u0435\u043a\u0443 \u0434\u043e\u0434\u0430\u0442\u043a\u0443 \u0414\u0456\u044f \u043f\u0440\u043e\u0444\u0435\u0441\u0456\u0439\u043d\u0456\u0439 \u0441\u043f\u0456\u043b\u044c\u043d\u043e\u0442\u0456?\r\n\u0427\u0438 \u043d\u0435 \u0447\u0430\u0441 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0438 \u043f\u0440\u043e \u0446\u0435 \u0432\u0456\u0434\u043a\u0440\u0438\u0442\u043e?", "description": "\u0417 \u0432\u0456\u0434\u043a\u0440\u0438\u0442\u0438\u0445 \u0434\u0436\u0435\u0440\u0435\u043b \u043f\u0440\u043e \u0431\u0435\u0437\u043f\u0435\u043a\u0443 \u0434\u043e\u0434\u0430\u0442\u043a\u0443 \u00ab\u0414\u0456\u044f\u00bb \u0432\u0456\u0434\u043e\u043c\u043e \u043b\u0438\u0448\u0435, \u0449\u043e \u043d\u0435\u0432\u0456\u0434\u043e\u043c\u0456 \u043a\u043e\u043c\u043f\u0430\u043d\u0456\u0457 \u043f\u0440\u043e\u0432\u043e\u0434\u0438\u043b\u0438 \u0442\u0435\u0441\u0442\u0443\u0432\u0430\u043d\u043d\u044f \u0456 \u0449\u043e \u0434\u043e\u0434\u0430\u0442\u043e\u043a \u043e\u0442\u0440\u0438\u043c\u0430\u0432 \u0430\u0442\u0435\u0441\u0442\u0430\u0442 \u0432\u0456\u0434\u043f\u043e\u0432\u0456\u0434\u043d\u043e\u0441\u0442\u0456 \u041a\u0421\u0417\u0406, \u044f\u043a\u0438\u0439 \u043c\u0456\u043d\u0456\u0441\u0442\u0440 \u0424\u0435\u0434\u043e\u0440\u043e\u0432 \u043d\u0430\u0437\u0432\u0430\u0432 \u00ab\u041e\u0441\u043a\u0430\u0440\u043e\u043c\u00bb \u0437 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0443 \u043d\u0430\u0448\u0456\u0439 \u0434\u0435\u0440\u0436\u0430\u0432\u0456.\r\n\u042f\u043a\u0456 \u0456\u0441\u043d\u0443\u044e\u0442\u044c \u0440\u0438\u0437\u0438\u043a\u0438 \u0456 \u044f\u043a \u0457\u0445 \u043c\u0456\u043d\u0456\u043c\u0456\u0437\u0443\u0432\u0430\u0442\u0438?\r\n\u042f\u043a\u0456 \u0430\u0440\u0433\u0443\u043c\u0435\u043d\u0442\u0438 \u043c\u0430\u044e\u0442\u044c \u0440\u043e\u0437\u0440\u043e\u0431\u043d\u0438\u043a\u0438 \u0442\u0430 \u043f\u0440\u0438\u0445\u0438\u043b\u044c\u043d\u0438\u043a\u0438 \u0434\u043e\u0434\u0430\u0442\u043a\u0443?\r\n\u042f\u043a\u0430 \u0441\u0432\u0456\u0442\u043e\u0432\u0430 \u043f\u0440\u0430\u043a\u0442\u0438\u043a\u0430 \u0440\u043e\u0437\u0440\u043e\u0431\u043a\u0438 \u0434\u043e\u0434\u0430\u0442\u043a\u0456\u0432 \u0441\u0445\u043e\u0436\u043e\u0433\u043e \u0440\u0456\u0432\u043d\u044f?\r\n\u0414\u043e \u0447\u043e\u0433\u043e \u0432\u0441\u0435 \u0439\u0434\u0435 \u0456 \u044f\u043a\u0438\u0439 \u043f\u0440\u043e\u0433\u043d\u043e\u0437?\r\n\u041f\u0440\u043e \u0443\u0441\u0435 \u0446\u0435 \u044f \u0445\u043e\u0442\u0456\u0432 \u0431\u0438 \u043f\u043e\u0433\u043e\u0432\u043e\u0440\u0438\u0442\u0438 \u0437 \u0444\u0430\u0445\u0456\u0432\u0446\u044f\u043c\u0438 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0434\u043e\u0434\u0430\u0442\u043a\u0456\u0432 \u043d\u0430 OWASP Ukraine 2020.", "recording_license": "", "do_not_record": false, "persons": [{"id": 24, "code": "BADYSF", "public_name": "Kostiantyn Korsun", "biography": "\u041a\u043e\u0441\u0442\u044f\u043d\u0442\u0438\u043d \u041a\u043e\u0440\u0441\u0443\u043d\r\n\r\n\u0423 2000-2005 \u0440\u043e\u043a\u0430\u0445 \u041a\u043e\u0441\u0442\u044f\u043d\u0442\u0438\u043d \u043f\u0440\u0430\u0446\u044e\u0432\u0430\u0432 \u0437\u0430\u0441\u0442\u0443\u043f\u043d\u0438\u043a\u043e\u043c \u043a\u0435\u0440\u0456\u0432\u043d\u0438\u043a\u0430 \u0432\u0456\u0434\u0434\u0456\u043b\u0443 \u0431\u043e\u0440\u043e\u0442\u044c\u0431\u0438 \u0437 \u043a\u043e\u043c\u043f\u2019\u044e\u0442\u0435\u0440\u043d\u043e\u044e \u0437\u043b\u043e\u0447\u0438\u043d\u043d\u0456\u0441\u0442\u044e \u043f\u0440\u0438 \u0414\u0435\u043f\u0430\u0440\u0442\u0430\u043c\u0435\u043d\u0442\u0456 \u043a\u043e\u043d\u0442\u0440\u0440\u043e\u0437\u0432\u0456\u0434\u043a\u0438 \u0421\u0411\u0423, \u0430 \u043f\u0456\u0437\u043d\u0456\u0448\u0435 \u2013 \u043e\u0434\u043d\u0438\u043c \u0456\u0437 \u0437\u0430\u0441\u043d\u043e\u0432\u043d\u0438\u043a\u043e\u043c \u0442\u0430 \u043f\u0435\u0440\u0448\u0438\u043c \u043a\u0435\u0440\u0456\u0432\u043d\u0438\u043a\u043e\u043c CERT-UA.\r\n\u041f\u0456\u0441\u043b\u044f \u0437\u0432\u0456\u043b\u044c\u043d\u0435\u043d\u043d\u0456 \u0437\u0456 \u0441\u043b\u0443\u0436\u0431\u0438 \u041a\u043e\u0441\u0442\u044f\u043d\u0442\u0438\u043d \u043f\u0440\u0430\u0446\u044e\u0432\u0430\u0432 \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u0443\u043a\u0440\u0430\u0457\u043d\u0441\u044c\u043a\u043e\u0433\u043e \u043e\u0444\u0456\u0441\u0443 \u043c\u0456\u0436\u043d\u0430\u0440\u043e\u0434\u043d\u043e\u0457 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u043e\u0432\u043e\u0457 \u043a\u043e\u043c\u043f\u0430\u043d\u0456\u0457 iSIGHT Partners (\u0442\u0435\u043f\u0435\u0440 \u0454 \u0447\u0430\u0441\u0442\u0438\u043d\u043e\u044e FireEye), \u043f\u0456\u0437\u043d\u0456\u0448\u0435 \u0441\u043f\u0456\u0432\u043f\u0440\u0430\u0446\u044e\u0432\u0430\u0432 \u0437 Symantec Corp. \u0443 \u044f\u043a\u043e\u0441\u0442\u0456 \u043d\u0435\u0437\u0430\u043b\u0435\u0436\u043d\u043e\u0433\u043e \u043f\u043e\u0441\u0442\u0430\u0447\u0430\u043b\u044c\u043d\u0438\u043a\u0430 \u043f\u043e\u0441\u043b\u0443\u0433 Threat Intelligence.\r\n\u041d\u0430\u0440\u0430\u0437\u0456 \u041a\u043e\u0441\u0442\u044f\u043d\u0442\u0438\u043d \u0454 \u0441\u043f\u0456\u0432\u0437\u0430\u0441\u043d\u043e\u0432\u043d\u0438\u043a\u043e\u043c \u0442\u0430 \u0432\u0438\u043a\u043e\u043d\u0430\u0432\u0447\u0438\u043c \u0434\u0438\u0440\u0435\u043a\u0442\u043e\u0440\u043e\u043c \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u043e\u0432\u043e\u0457 \u043a\u043e\u043c\u043f\u0430\u043d\u0456\u0457 \u0411\u0435\u0440\u0435\u0436\u0430 \u0421\u0435\u043a\u2019\u044e\u0440\u0456\u0442\u0456, \u044f\u043a\u0430 \u043d\u0430\u0434\u0430\u0454 \u043f\u043e\u0441\u043b\u0443\u0433\u0438 \u0442\u0435\u0441\u0442\u0443\u0432\u0430\u043d\u043d\u044f \u043d\u0430 \u043f\u0440\u043e\u043d\u0438\u043a\u043d\u0435\u043d\u043d\u044f, \u043e\u0446\u0456\u043d\u043a\u0438 \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043d\u043e\u0433\u043e \u0437\u0430\u0431\u0435\u0437\u043f\u0435\u0447\u0435\u043d\u043d\u044f, \u043e\u0446\u0456\u043d\u043a\u0438 \u043d\u0430 \u0441\u043e\u0446\u0456\u0430\u043b\u044c\u043d\u0443 \u0456\u043d\u0436\u0435\u043d\u0435\u0440\u0456\u044e, \u0440\u043e\u0437\u0440\u043e\u0431\u043a\u0438 \u0442\u0430 \u0432\u043f\u0440\u043e\u0432\u0430\u0434\u0436\u0435\u043d\u043d\u044f \u043f\u0440\u043e\u0433\u0440\u0430\u043c \u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0434\u043e\u0434\u0430\u0442\u043a\u0456\u0432, \u0431\u0435\u0437\u043f\u0435\u043a\u043e\u0432\u043e\u0457 \u043e\u0431\u0456\u0437\u043d\u0430\u043d\u043e\u0441\u0442\u0456 \u043f\u0435\u0440\u0441\u043e\u043d\u0430\u043b\u0443, Bug Bounty, \u0442\u043e\u0449\u043e.\r\n\u041f\u0430\u043d \u041a\u043e\u0440\u0441\u0443\u043d \u0454 \u0430\u043a\u0442\u0438\u0432\u043d\u0438\u043c \u0447\u043b\u0435\u043d\u043e\u043c \u0443\u043a\u0440\u0430\u0457\u043d\u0441\u044c\u043a\u043e\u0457 \u043a\u0456\u0431\u0435\u0440-\u0441\u043f\u0456\u043b\u044c\u043d\u043e\u0442\u0438, \u043f\u0440\u043e\u043f\u0430\u0433\u0443\u044e\u0447\u0438 \u0456\u0434\u0435\u0457 \u0440\u043e\u0437\u0432\u0438\u0442\u043a\u0443 \u0456\u043d\u0434\u0443\u0441\u0442\u0440\u0456\u0457 \u043a\u0456\u0431\u0435\u0440\u0431\u0435\u0437\u043f\u0435\u043a\u0438 \u0432 \u0443\u043a\u0440\u0430\u0457\u043d\u0441\u044c\u043a\u043e\u043c\u0443 \u0441\u0443\u0441\u043f\u0456\u043b\u044c\u0441\u0442\u0432\u0456.\r\n\r\nKostiantyn Korsun\r\n\r\nAs former deputy head of Cybercrime Department at Security Service of Ukraine (colonel retired), Kostiantyn was one of the founders and the first head of CERT-UA. After resigning from the service, Kostiantyn acted as Regional Director for Ukraine Research Office of iSIGHT Partners, international cyber threat intelligence company (now is a part of FireEye). Then he cooperated with Symantec Corp. as an official vendor of Threat Intelligence services.\r\n Currently, Kostiantyn is a CEO and Co-Founder of Berezha Security LLC., a company that provides services in Penetration Testing, Security Awareness Programs, Software Security Assessment, Bug Bounty Program, Social Engineering Assessment, Application Security Programs.\r\n Mr Korsun is an active member of the local cyber community in Ukraine, promoting cybersecurity ideas within Ukrainian society.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 102, "guid": "ee0d7412-c798-57c7-a8b6-abc1cbe88db5", "logo": "", "date": "2020-12-05T13:30:00+02:00", "start": "13:30", "duration": "00:30", "room": "OWASP Ukraine Online 2020", "slug": "XNFGZC", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/XNFGZC/", "title": "OAuth2.0: What? Where? When?", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Overview of the OAuth2.0 Authorization Framework, Threat Model and Security Considerations", "description": "\u0414\u043e\u043f\u043e\u0432\u0456\u0434\u044c \u043f\u0440\u0438\u0441\u0432\u044f\u0447\u0435\u043d\u0430 \u043e\u0433\u043b\u044f\u0434\u0443 \u0430\u0432\u0442\u043e\u0440\u0438\u0437\u0430\u0446\u0456\u0439\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0443 OAuth2.0 \u0442\u0430 \u0439\u043e\u0433\u043e \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u043d\u044f. \u041c\u0438 \u043f\u0440\u043e\u0439\u0434\u0435\u043c\u043e \u0447\u0435\u0440\u0435\u0437 \u0432\u0435\u0441\u044c \"OAuth Flow\", \u0440\u043e\u0437\u0433\u043b\u044f\u043d\u0435\u043c\u043e \u043e\u0441\u043d\u043e\u0432\u043d\u0456 \u0432\u0440\u0430\u0437\u043b\u0438\u0432\u043e\u0441\u0442\u0456, \u0449\u043e \u0441\u0442\u043e\u0441\u0443\u044e\u0442\u044c\u0441\u044f \u043d\u0435\u043f\u0440\u0430\u0432\u0438\u043b\u044c\u043d\u043e\u0433\u043e \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u043d\u044f OAuth, \u0437\u043c\u043e\u0434\u0435\u043b\u044e\u0454\u043c\u043e  \u0437\u0430\u0433\u0440\u043e\u0437\u0438 \u0449\u043e \u043f\u043e\u0441\u0442\u0430\u044e\u0442\u044c \u043f\u0435\u0440\u0435\u0434 \u0441\u0443\u0447\u0430\u0441\u043d\u0438\u043c \u0432\u0438\u043a\u043e\u0440\u0438\u0441\u0442\u0430\u043d\u043d\u044f\u043c \u0434\u0430\u043d\u043e\u0433\u043e \u0444\u0440\u0435\u0439\u043c\u0432\u043e\u0440\u043a\u0443 \u0442\u0430 \u043f\u043e\u0442\u0435\u043d\u0446\u0456\u0439\u043d\u0438\u0445 \u0437\u043b\u043e\u0432\u043c\u0438\u0441\u043d\u0438\u043a\u0456\u0432.", "recording_license": "", "do_not_record": false, "persons": [{"id": 141, "code": "DYNFTC", "public_name": "Anatolii Bereziuk", "biography": "My bio", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 109, "guid": "857b257c-d799-587a-ae61-a83fe81fc149", "logo": "", "date": "2020-12-05T14:40:00+02:00", "start": "14:40", "duration": "01:00", "room": "OWASP Ukraine Online 2020", "slug": "NCCUZQ", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/NCCUZQ/", "title": "OWASP JuiceShop Workshop", "subtitle": "", "track": null, "type": "Workshop", "language": "en", "abstract": "\u0412\u043e\u0440\u043a\u0448\u043e\u043f \u043d\u0430\u0434\u0430\u0454 \u043c\u043e\u0436\u043b\u0438\u0432\u0456\u0441\u0442\u044c \u043f\u043e\u0434\u0438\u0432\u0438\u0442\u0438\u0441\u044c \u043d\u0430 \u043e\u0434\u043d\u0443 \u0456 \u0442\u0443 \u0436 \u0441\u0430\u043c\u0443 \u0441\u0438\u0442\u0443\u0430\u0446\u0456\u044e \u0437 \u0434\u0432\u043e\u0445 \u0441\u0442\u043e\u0440\u0456\u043d: \u0437\u0456 \u0441\u0442\u043e\u0440\u043e\u043d\u0438 \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0435\u0440\u0430, \u044f\u043a\u0438\u0439 \u0442\u0435\u0441\u0442\u0443\u0454 \u0432\u0435\u0431-\u0434\u043e\u0434\u0430\u0442\u043e\u043a, \u0430 \u0442\u0430\u043a\u043e\u0436 \u0437\u0456 \u0441\u0442\u043e\u0440\u043e\u043d\u0438 \u0430\u043d\u0430\u043b\u0456\u0442\u0438\u043a\u0430, \u0449\u043e \u043f\u0440\u0430\u0446\u044e\u0454 \u0437 \u0441\u0438\u0441\u0442\u0435\u043c\u0430\u043c\u0438, \u0447\u0435\u0440\u0435\u0437 \u044f\u043a\u0456 \u043c\u043e\u0436\u043d\u0456 \u0446\u0456 \u0434\u0456\u0457 \u0432\u0438\u044f\u0432\u0438\u0442\u0438.", "description": "\u041f\u0456\u0434 \u0447\u0430\u0441 \u0432\u043e\u0440\u043a\u0448\u043e\u043f\u0443 \u0431\u0443\u0434\u0443\u0442\u044c \u043f\u043e\u043a\u0430\u0437\u0430\u043d\u0456 \u0434\u0456\u0457, \u044f\u043a\u0456 \u0432\u0438\u043a\u043e\u043d\u0443\u0454 \u043f\u0435\u043d\u0442\u0435\u0441\u0442\u0435\u0440 \u043f\u0456\u0434 \u0447\u0430\u0441 \u0442\u0435\u0441\u0442\u0443\u0432\u0430\u043d\u043d\u044f \u0432\u0435\u0431-\u0434\u043e\u0434\u0430\u0442\u043a\u0443 - \u043d\u0430 \u043f\u0440\u0438\u043a\u043b\u0430\u0434\u0456 OWASP Juice Shop. \r\n\u041a\u0440\u0456\u043c \u0442\u043e\u0433\u043e, \u0431\u0443\u0434\u0435 \u043f\u043e\u043a\u0430\u0437\u0430\u043d\u043e \u044f\u043a \u0442\u0430\u043a\u0443 \u0430\u043a\u0442\u0438\u0432\u043d\u0456\u0441\u0442\u044c \u043c\u043e\u0436\u0435 \u043f\u043e\u0431\u0430\u0447\u0438\u0442\u0438 \u0442\u0430 \u0440\u043e\u0437\u0441\u043b\u0456\u0434\u0443\u0432\u0430\u0442\u0438 \u0437\u0456 \u0441\u0432\u043e\u0433\u043e \u0431\u043e\u043a\u0443 \u0441\u0435\u043a\u044c\u044e\u0440\u0456\u0442\u0456-\u0456\u043d\u0436\u0435\u043d\u0435\u0440. \r\n\u042f\u043a \u0432\u0438\u0441\u043d\u043e\u0432\u043e\u043a, \u043e\u0431\u0433\u043e\u0432\u043e\u0440\u0438\u043c\u043e \u043f\u0435\u0440\u0435\u0432\u0430\u0433\u0438 \u043f\u043e\u0434\u0456\u0431\u043d\u043e\u0457 \u0441\u043f\u0456\u0432\u043f\u0440\u0430\u0446\u0456 \u0434\u043b\u044f \u043e\u0431\u043e\u0445 \u0441\u0442\u043e\u0440\u0456\u043d.", "recording_license": "", "do_not_record": false, "persons": [{"id": 18, "code": "JZNRBV", "public_name": "Serhii Korolenko", "biography": null, "answers": []}, {"id": 108, "code": "CNDCCK", "public_name": "Oksana Safronova", "biography": null, "answers": []}, {"id": 107, "code": "UPU3ZG", "public_name": "Eduard Kiiko", "biography": "I am a software engineer with some background in security.", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 110, "guid": "feaa0d11-d952-5207-94c2-440a726b91f7", "logo": "/media/owaspukraine2020/images/W3NQQF/Talk_image_kJsMIs5.jpeg", "date": "2020-12-05T16:00:00+02:00", "start": "16:00", "duration": "00:30", "room": "OWASP Ukraine Online 2020", "slug": "W3NQQF", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/W3NQQF/", "title": "Leveraging the crowd power to regain faith in Internet\u2019s zero trust architecture", "subtitle": "", "track": null, "type": "Talk", "language": "en", "abstract": "Did you know that, every day across the Internet, each IP address is scanned hundreds of times? Or that more than 2,000 attacks are perpetrated, stealing 1.4 million personal records? That\u2019s right, every single day! Today, there is a way to rebalance the odds and protect our resources through crowdsourced security and reputation.", "description": "In 2020, our ways of living and working turned completely upside down in a matter of days. We all brought our companies home and our homes in our companies\u2019 systems. Staying connected to our colleagues, friends and family became a critical necessity, which opened the door for hackers to cause disruption and we saw a huge increase of attacks all around the world.\r\n\r\nEven though worldwide spending on cybersecurity is predicted to reach $1 trillion in 2021 according to Forbes, the game will still be asymmetrical and all companies will keep being hacked regardless of their security budgets. Expensive security doesn\u2019t mean better security. A new approach is needed.\r\n\r\nJoin us for this talk so we can explore why a collaborative approach to security could contribute to solving the problem and how we could make the Internet safer together.", "recording_license": "", "do_not_record": false, "persons": [{"id": 146, "code": "ELPWLK", "public_name": "Philippe Humeau", "biography": "CEO @ CrowdSec", "answers": []}], "links": [], "attachments": [], "answers": []}, {"id": 105, "guid": "467eea5d-9eb8-59e9-9080-a9e692487238", "logo": "", "date": "2020-12-05T17:00:00+02:00", "start": "17:00", "duration": "00:45", "room": "OWASP Ukraine Online 2020", "slug": "BG9ZAA", "url": "https://cfp.owaspukraine.org/owaspukraine2020/talk/BG9ZAA/", "title": "Serverless security: attack & defense", "subtitle": "", "track": null, "type": "Long Talk", "language": "en", "abstract": "In this talk I'm going to show you various attack vectors against the serverless applications built from AWS Lambda functions. You can expect the followings:\r\n* my findings on publishing malicious NPM packages to smuggle malicious code into legitimately looking dependences,\r\n* examples of validation errors in serverless applications, including Denial of Wallet attacks and RCE in a fugacious, serverless environment\r\n* insecure defaults in Serverless framework\r\n* serverless attacks and security nuances in Azure and GCP\r\n* recipes to prevent those attacks\r\n* lots of demos\r\n* lots of fun \ud83d\ude42", "description": "", "recording_license": "", "do_not_record": false, "persons": [{"id": 143, "code": "K3WASF", "public_name": "Pawel Rzepa", "biography": "Pawel is a senior security consultant in SecuRing. On a daily basis he is responsible for performing penetration tests and cloud security assessments. He has a wide experience in security field gained inter alia, as a fuzzer developer in Spirent, pentester in EY GSS, security auditor in Credit Agricole or threat analyst in IBM SOC. His skills are proven by gaining OSCP, eMAPT, AWS SAA and AWS CSS certificates. Pawel actively supports OWASP community by arranging local OWASP chapter meetings in Wroclaw.", "answers": []}], "links": [], "attachments": [], "answers": []}]}}]}}}