| layout | title | tags | level | region |
|---|---|---|---|---|
col-sidebar |
OWASP Kyiv |
example-tag |
0 |
Europe |
These companies have demonstrated their support for Ukrainian Application Security community by funding our quarterly chapter meetings.
These companies have demonstrated their support for Ukrainian Application Security community by hosting our quarterly chapter meetings.
If your company wishes to support the chapter, please contact Vlad Styran or Ihor Bliumental.
OWASP Kyiv chapter was founded in 2017 by Vlad Styran and Ihor Bliumental. The chapter is run by a team of dedicated cybersecurity enthusiasts: Kyrylo Hobrenyak, Dmytro Diordiychuk, and Serhii Korolenko.
The chapter aims at holding quarterly meetups in the format of 2 practical workshops and up to 5 talks. The meetups are normally streamed online and recorded, and are followed by unofficial parties in Kyiv pubs.
Follow our news and announcements on social media: Facebook, Twitter & Telegram
Find us on the semi-official OWASP Slack channel (you have to register first)
Watch recordings of our previous events YouTube
Join the chapter Mailing List or browse the Archives
Call For Speakers at OWASP Kyiv events is permanently open. If you want to present at future events, review and agree with the OWASP Speaker Agreement and check for upcoming events at https://cfp.owaspukraine.org, or simply send the title and abstract of your talk and speaker bio to Vlad Styran or Ihor Bliumental.
To sponsor an OWASP Kyiv event, contact Vlad Styran or Ihor Bliumental.
We don't have any special sponsorship package, however the sponsoring organization or individual will receive our warm thanks and a fair amount of gratitude spread over our social media presence, placed at the chapter official web-page, and announced at the event itself.
To host an OWASP Kyiv event, contact Vlad Styran or Ihor Bliumental.
Venue requirements include:
- Capacity to welcome up to 100 attendees
- Possibility to host a lunch (paid separately by the Chapter)
- Separate high-quality internet connection for online streaming
- No need for additional attendee registration or providing attendee lists
- No marketing, advertising, or hiring at the event
| Hosted by Grammarly. | Sponsored by Trend Micro. |
|---|---|
 |
 |
Date Nov 23 Location Grammarly Kyiv, Sportyvna Square, 1a, Kyiv, Ukraine 01601
Program
| Hosted by EVO. | Sponsored by Pentest.com.ua. |
|---|---|
|
|
Date Aug 3, 2019 Location EVO Company 02121, Україна, м Київ, Харківське шосе, 201/203, корпус 2-А, літера Ф
- “Top Mobile Applications Vulnerabilities” by Svyatoslav Login | Video
- Web Application Security Quiz | No video
- Mitre ATT&CK in Practice. Detectors, Alerting, Coverage by Den Iuzvyk | Video
- “How to Find Security Vulnerabilities in Python Applications?” by Andrey Shalaenko | Video
- “Как manual QA может протестировать проект со стороны security + XSS” by Evgeny Tolchinsky | Video
- Ruby Security Tips - Roman Rott | Video
| Hosted by Ciklum. | Sponsored by WebbyLab. |
|---|---|
|
|
Date Apr 6, 2019 Location Sky Point (Ciklum Kyiv, 20th floor): 12 Amosova street, Horizon Park business center, Kyiv, Ukraine
- All about Subdomain Takeover attack - Workshop (Kostiantyn Sanduliak) | Video
- Overview of iOS apps security assessment - Workshop (Dmytro Diordiichuk) | Video
- Shooting yourself in the feet with PHP (Taras Sharkadi) | Video
- Your web application is vulnerable! (Dmytro Naumenko) | Video
- OWASP Mobile Security Testing Guide (MSTG) in Real Life (Julia Potapenko) | Video
- Adversarial attacks on Deep Neural Networks (Andrey Shalaenko) | Video
| Hosted by InnoHub | Sponsored by Berezha Security |
|---|---|
|
|
Date Feb 2, 2019 Location InnoHub, 6-z, Vatslava Havela Blvd, Kyiv, Ukraine, 03124
- 10:00 Web Application Firewall bypass techniques - Workshop (Bohdan Lukin) | Video
- 11:40 Subdomain discovering as an essential part of the reconnaissance phase - Workshop (Kostiantyn Sanduliak) | Video
- 13:20 Introduction lstio Service Mesh (Stanislav Kolenkin) | Video
- 14:50 OWASP Top-10 A2: Broken Authentication (Svyatoslav Login) | Video
- 15:40 Email as an initial attack vector (Arthur Hil) | Video
- 16:30 Building SQL firewall: insights from developers (Artem Storozhuk) | Video
- 17:20 Application Threat Modeling (Vlad Styran) | Video
| Hosted by MacPaw | Sponsored by HackenProof |
|---|---|
|
|
Date Sep 29, 2018 Location MacPaw, 81 Antonovycha Street, Kyiv, Ukraine
- 10:00 Serhii Korolenko - XSS from zer0 to Hero (workshop) | Video
- 11:30 Eduard Babych - Burp Suite: from First Run to Website Hack in 60 min (workshop) | Video
- 12:30 Oleksii Baranovskyi - BeEF it up (workshop) | Video
- 14:00 Stanislav Kolenkin - How to Secure Your Kubernetes Cluster | Video
- 15:00 Valentin Averin - AppSec Requirements in PCI DSS | Video
- 16:00 Artem Tykhonov - Setting up the Setapp Bug Bounty Program | Video
| Hosted by Ciklum. | Sponsored by Linkos Group. |
|---|---|
|
|
Date Jul 14, 2018 Location Sky Point (Ciklum Kyiv, 20th floor): 12 Amosova street, Horizon Park business center, Kyiv, Ukraine
- Stanislav Kolenkin - Kubernetes Security | Video
- Stanislav Kolenkin - Practical Kubernetes Security (Workshop) | Video
- Pavlo Radchuk - Smart Contracts Security: Understanding Token Security (Workshop) | Video
- Ali Huseyn Aliyev - The Browser Does Not Protect You | Video
- Olha Pasko - Security Baseline for Incident Response | Video
- Yan Kravchenko - Evolution of Application Security Programs and OWASP SAMM 2.0 | Video
- Andriy Shalaenko - Intro to JS and Vue.js Sandbox Escape | Video
Date Mar 3, 2018, Location Sky Point (Ciklum Kyiv, 20th floor): 12 Amosova street, Horizon Park business center, Kyiv, Ukraine
Morning Workshops
Afternoon Talks
- Vlad Styran - OWASP Kyiv 2017 Results and 2018 Plans | Slides | Video
- Vlada Kulish - Why So Serial? Threats to Modern Serialization Capabilities | Slides | Video
- Roman Borodin - ISC2 & ISACA Certifications First-hand Experience | Slides | Video
- Ihor Bliumental - WebSocket Security | Slides | Video
- Oleksii Dorogan - A Struggle to Start a Bug Bounty for a .gov.ua. | Video
- Yevhen Teleshyk - Phishing Threats to Cloud Users | Slides | Video
Date Dec 2, 2017, Location Student Center of State University of Telecommunications, 7 Solomianska Street, Kyiv, Ukraine
Morning Workshops
- Kyrylo Hobrenyak - Bash Scripting 101 | Video
- Vladyslav Makalish & Ivan Berdnik - Cloud Security at AWS | Video
Afternoon Talks
- Anastasiia Vixentael - Don’t Waste Time on Learning Cryptography: Better Use It Properly | Video | Slides
- Pavel Radchuk - SAMM: Understanding Agile in Security | Video | Slides
- Vlad Styran - Security Economics | Video | Slides
- Dima Kovalenko - Modern SSL Pinning | Video | Slides
- Ivan Vyshnevskyi - Not So Quiet git push | Video | Slides
Event writeup by Ivan Vyshnevskyi
Date Sep 9, 2017 Location Student Center of State University of Telecommunications, 7 Solomianska Street, Kyiv, Ukraine
Morning Workshops
- Vlad Styran - "Hidden" Features of the Tools We All Love | Video | Slides
- Ihor Bliumental - Collision CORS | Video | Slides
Afternoon Talks
- Serhiy Korolenko - The Strength of Ukrainian Users’ P@ssw0rds2017 | Video | Slides
- Lidiia 'Alice' Skalytska - Security Checklist for Web Developers | Video | Slides
- Volodymyr Ilibman - Close look at Nyetya investigation | Video | Slides
- Viktor Zhora - Cyber and Geopolitics: Ukrainian factor | Video | Slides
- Andriy Shalaenko - GO security tips | Video | Slides
Date May 27, 2017 Location Smartworking "SAD", 3, Oleksandra Dovzhenka str., Kyiv, Ukraine, 03057
- Vlad Styran - Chapter Introduction and the 2017 Plan.
- Ihor Bliumental - Is there life outside OWASP Top-10? Real-life bugs that didn't make the list (yet) | Video | Slides
- Roman Rott - Ruby for Pentesters | Video | Slides
- Taras Bobalo - Application Security automation with DevOps tools and Clouds | Video | Slides
- Tim Karpinsky - OpSec! Not the PoopSec
NOTOC
Category:OWASP Chapter Category:Ukraine