OWASP Riga Chapter

This event is kindly hosted by Latvijas Universitātes Banku Augstskola. There is limited seating available for in-person attendees. Registration required.

Venue Location: Latvijas Universitātes Banku Augstskola, K. Valdemāra iela 161, Rīga
Auditorija 101 – Konferenču zāle (1st floor)

Maps: https://share.google/uxbLCjgTzEBmEQ8Yl
Please use the main entrance and follow the signs to Auditorija 101.

Doors Open at 17.30 for registration, cookies and networking. The talks start at 18.00 (we start on time!).

TALKS

OWASP Introduction, Welcome and News - Vladislavs Kolosovs, Andrey Gubarev - OWASP Riga Chapter Leaders

Beyond Hidden Secrets: Our Path to Scalable Hybrid Secret Management - Ieva Lapiņa & Māris Titovs

Our approach to secret management in a hybrid environment:
When the manual management of secrets becomes unsustainable, a new way to conveniently handle them is needed.
In this talk we will share our journey to create a secret management solution that allows our teams to work autonomously in an ever growing hybrid environment. We will touch on challenges faced, the decisions made, and the solutions implemented in this journey we continue to refine.

Firebase vs Supabase: Security Models, Attack Classes, and Hardening
- Valerijs Karklins
A practical exploration of two leading backend-as-a-service platforms. This talk uncovers how Firebase and Supabase handle authentication, data access, and configuration security. We’ll examine common attack surfaces, demonstrate realistic exploitation paths, and discuss tested hardening measures to align both platforms with OWASP best practices.

SPEAKERS

Ieva Lapiņa & Māris Titovs
Part of the DevOps team at airBaltic with a background in System Administration. Work primarily with internal company systems, building processes and infrastructure that help teams work effectively in a hybrid environment without sacrificing security and sanity.

Valerijs Karklins
Founder of Laitweit Software and creator of Pawkeeper, a veterinary CRM platform built with security and scalability in mind. Valērijs combines years of experience in complex system development with applied expertise in secure software design. His work focuses on building systems that balance strong protection, maintainability, and real-world usability.

TICKETS
OWASP meetups are free and open to anyone interested in application security. Please note that you MUST book your place to be admitted to the event by the building security.

CODE OF CONDUCT
We hope you enjoy the event, we care deeply about inclusivity and diversity so that OWASP is a comfortable and welcoming community for everyone. Please reach out to one of our chapter leaders if you have any feedback/concerns or would like to speak to us, we take these matters very seriously.

OWASP Code Of Conduct: https://owasp.org/www-policy/operational/code-of-conduct