OWASP Timisoara #25: Firewalls, Product Security & Contingency plans [IN-PERSON]

The next OWASP Timisoara Chapter Meetup will be in person.

See https://owasp.org/www-chapter-timisoara/ for more information about the OWASP Timisoara chapter.

Theme sessions - Theme: Firewalls, Product Security & Contingency plans.

`Schedule` `Time:`` 18:00 to 20:30`
Introduction, OWASP News & Updates - Catalin Curelaru
Securing the Gates: The Hidden Flaws Behind the Firewall - Adrian Daniel BACANU (RAZDON)
Running a Product Security Assessment Program at scale - Alina NICULA (VISMA)
Contingency plan from security point of view - Adrian BARAN (VITESCO)

Location of the event: UBC3, et 10, Sediu VISMA, Piața Consiliul Europei 2 · Timișoara

Event powered by VISMA

More about the speakers and topics:
Adrian Daniel BACANU - CEO @ RAZDON, is the CEO and co-founder of Razdon, a pioneering CyberSecurity startup. With 14 years of enterprise experience and a lifelong passion for hacking—now spanning two decades—Daniel brings a wealth of expertise to the cybersecurity field. He still offers some Security Architectural consultancy for different companies across Europe, and from time to time, he engages in bounty hunting. When not decoding the matrix of cyber threats, Daniel enjoys life with his wife and two boys, plays football twice a week, and maintains a spirited sense of humor—because in cybersecurity, sometimes, you really can't afford to joke.
~Securing the Gates: The Hidden Flaws Behind the Firewall~
Effective cybersecurity is not just about having defenses in place but ensuring they are properly designed. 'Securing the Gates: The Hidden Flaws Behind the Firewall' illuminates the common pitfalls in firewall implementations that often go unnoticed. This presentation will demonstrate typical design errors that compromise security and provide actionable insights on how to rectify these flaws to create robust defenses. Attendees will learn how to not only deploy but also optimize firewalls to safeguard their digital assets effectively.

Alina NICULA - VASP Lead and Product security assessment service owner and reviewer @Visma. Alina has been working within product development teams as a software developer, security engineer, software and cloud service architect. In the last years she focused on software security by guiding Visma teams into securing their applications, data, cloud workloads, and delivery pipelines to avoid potential cybersecurity risks.
~Running a Product Security Assessment Program at scale~
Having a product security assessment program is essential for any company. It is equally critical to ensure that this program remains relevant over the time and is scalable as the company grows.In this presentation, I will discuss how we ensure that our designed processes empower development teams to make informed security decisions while also giving them ownership over the remediation of the security aspects that impact their products.
However, achieving this goal requires a strong and knowledgeable security review team that supports the delivery teams with informed security by design best practices.
So, how have we been able to grow our program? I hope you will leave this presentation with a clear understanding of our approach.

Adrian BARAN - Security Manager @ VITESCO,

~ Contingency plan from security point of view ~
Abstract: