This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Timisoara
OWASP Timisoara
Welcome to the Timisoara chapter homepage. The chapter leader is Catalin Curelaru.
Upcoming Events
Participation
OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.
Sponsorship/Membership
to this chapter or become a local chapter supporter.
Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? 
Follow us on Twitter.
Local News
Meeting Location
Everyone is welcome to join us at our chapter meetings.
Timisoara has an evolved software development community and one of the most important aspects that we aim to achieve is to continuously improve the application security world.
Everyone is welcome to join our chapter meetings, members and non-members. OWASP Timisoara Chapter meetings / events are free and open, so please join us!
The Chapter Board Members are: Monica Iovan (Education), Ioana Piroska ( PR/Marketing), Claudiu Ivan, Daniel Ilies.
Next event:
For details please check Upcoming Events!
15th december 2015, OWASP InfoSecTM #8
17th February 2016, OWASP InfoSecTM #9
- Title: A new generation of cryptographic algorithms - IDEA NXT".
Speaker: Andreea Bozesan
Discover the newest generation of symmetric block ciphers, their capabilities, drawbacks and means of testability. A hardware implementation is also analyzed for providing metrics to sustain the theoretic aspects exposed in the first part of the presentation - Title: Software Protection by Code Obfuscation
Speaker: Ciprian Lucaci
Complete protection of software against unauthorized access cannot be fully guaranteed because with enough resources any protection mechanism can eventually be overcome. Thus, the goal is usually to make the job of the attacker as difficult as possible. One possibility of protecting software intellectual property is through different source code obfuscation techniques. In this presentation I will briefly discuss different software protection techniques and present virtualization obfuscation as an effective protection mechanism. Virtualization obfuscation is a particular obfuscation technique that aims to protect the intellectual property of a software vendor by hiding the control-flow of a program P. This talk will present the concept of virtualization obfuscation by comparing by introducing the advantages and disadvantages compared to other obfuscation techniques. - Speaker: Dan Negrea, Software Engineer în departamentul de Security al ACI.
Ca departament ne ocupăm de securitatea produselor ACI. Aplication Security este o felie din ce în ce mai importantă din IT Security. Voi prezenta Cross-Site Request Forgery, care ocupă poziția 8 în Top-ul OWASP. Este o vulnerabilitate ușor de exploatat, implicând foarte puțin cod. Detectarea este de asemenea ușoară. Dacă ai un website și nu știi ce înseamnă CSRF, mai devreme sau mai târziu vei afla. Mai bine mai devreme :) Iar, ca simplu utilizator, vei afla câteva ”Best Practices”. - Speaker Radu Ciorbă
Linux and Python fanboy. Problemele de securitate vreau să le înțeleg în primul rând din curiozitate, dar și pentru a ști ce să evit în sistemele pe care le construiesc. Voi prezenta, pe scurt, "The Debian SSL Fiasco" sau cum puțină "curățenie în cod" bine intenționată a introdus unul dintre cele mai grave exploituri de securitate din Debian. - Speaker: Flavius Oprițoiu
Prezentarea este intitulată "Reliable implementations for cryptographic systems with testability facilities". Tema abordată o reprezintă testarea fără degradarea securității în contextul dispozitivelor criptografice. Astfel, sunt investigate mai întâi aspectele ce țin de implementarea algoritmilor criptografici în contextul Advanced Encryption Standard (AES), algoritm pentru care va fi descrisă proiectarea unei arhitecturi duale, pentru criptare-decriptare, de dimensiuni reduse (în consecință, de consum redus), construită pin partajarea elementelor comune ale operațiilor directă și inversă. Obiectivul urmărit în proiectarea acestei arhitecturi este obținerea unui compromis cât mai bun între dimensiunile designului și capacitatea de trecere a unității. Pornind de la arhitectura AES descrisă, vor fi prezentate mai multe soluții posibile de extindere a sistemului criptografic prin mecanisme de detecție a erorilor și, respectiv, a situațiilor de atac. Strategiile de detecție a defectelor sunt clasificate în mijloace de testare concurentă, respectiv, preemptivă, fiind protejate toate operațiile de rundă ale AES prin mijloacele de testare propuse.
Check the event on FB[1]
15th March 2016, OWASP InfoSecTM #10
Presentations:
Romanian description
Become a supporter of OWASP or of OWASP's Timisoara Chapter and help us to make application security more visible.
All information about becoming a member/sponsor can be found here.
https://www.owasp.org/index.php/Local_Chapter_Supporter
