OWASP Romania InfoSec Conference – October 2013

Author: Ionut – Daniel BARBU

Published: IJISC Volume 2, Issue 2, Year 2013

With the help of: Pentest.ro

OWASP Romania InfoSec Conference was a one-day Security and Hacking event that took place on October 25, 2013 at the University POLITEHNICA of Bucharest. I am computing this review from an attendant’s perspective although my help was also provided to the organizing team.

The OWASP Romania InfoSec Conference objective was to raise awareness about application security, so that people and organizations could make better and more informed decisions about valid application security risks. The attendance was free of charge which made it available to a wide variety of technical fellows from university students, teachers, IT employees, security specialists to just passionate people. However for administrative purposes, prior registration and confirmation was required. Additionally, all materials from the conference are available under a free and open software license on the conference’s web page.

I was happy to find there around 150 security experts, enthusiasts and students which had the chance to take part in excellent technical presentations and also chat with each other during the coffee and lunch breaks. Apart from this, I must admit it is nice being part of the growth of IT security community in Bucharest.

Dan VASILE, CISSP, speaker and part of organizational team: “The key speaker of the event was Mr. Martin Knobloch, an independent security professional from The Netherlands and a board member of OWASP Netherlands. He delivered a presentation about Secure Development Life Cycle in which he discussed aspects related to the good, the bad and the ugly implementations of development lifecycles. More security professionals later came on stage and delivered presentations on other various security aspects.”

Martin Knobloch

Martin Knobloch

Apart from its main sponsor, OWASP Romania InfoSec Conference partnered with industry enthusiasts such as DefCamp, ARASEC, Securitatea Informatiilor etc. to create this event. As a result, its agenda covered presentations such as: Practical Defense with mod_security Web Application Firewall held by Mihai VENTUNEAC, Online Fraud and the part it plays in Cybercrime where Alexandru DOROFTEI captured crowd’s attention with some words about best practices against fraud in e-commerce. From my perspective, very interesting was also the results presented by Adrian FURTUNA with regards to Scanning Romania using Nessus. This was at one point also amusing because it presented city hall’s sites vulnerabilities. It is worth mentioning that every PII was kept anonymous. In fact, the conference was interesting to all attendants. I am saying that because programmers found catchy what Andrei IGNAT advised about Resolving 3 Common threats in MVC, web developers discovered how to protect WordPress ecosystem from what Dan VASILE presented and grey-hat hackers were tantalized with a preview of DefCamp Conference when Anatolie PRISACARU spoke about mind reading.

OWASP Conference

OWASP Conference

To resume, if you are interested in fields of IT security look for next year’s conference organized by OWASP Romania. Do not expect a large, luxurious venue or exquisite food, but make sure you will be there for great information presented by professionals in the field. Be ready to grab a coffee in the lunch break and discuss what interests you the most with others that share the same passion. If none of this makes you curious, just be there for the community.

Thank you, organizing team, for getting us together! I will not finish this review without mentioning some words about OWASP. The Open Web Application Security Project is a worldwide not-for-profit charitable organization focused on improving the security of software. OWASP does not endorse or recommend commercial products or services, allowing our community to remain vendor neutral with the collective wisdom of the best minds in software security worldwide. If you want to be a part of this go to www.owasp.ro and join the mailing list.

Published: IJISC Volume 2, Issue 2, Year 2013


Leave a comment

Filed under Event Review

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s