Hong Kong

From OWASP

Welcome to the OWASP Hong Kong Local Chapter

Welcome to the local Hong Kong chapter homepage. The chapter leader is Anthony LAI,CISSP,CISA

Participation

OWASP chapter meetings are free and open to anyone interested in application security. We encourage members to give presentations on specific topics and to contribute to the local chapter by sharing their knowledge with others. Prior to participating with OWASP please review the Chapter Rules.

To join the chapter mailing list, please visit our mailing list homepage. The list is used to discuss the meetings and to arrange meeting locations. You can also review the email archives to see what folks have been talking about. Please check the mailing list before coming to a meeting to confirm the location and time and to catch any last minute notes.

The Hong Kong chapter was formed in December 2004. The objectives to establish OWASP Hong Kong Chapter are mainly because: -There are many web applications established in past 10 years. However, how many developers know that their developed application are secure. Meanwhile, there are many transactional-based systems, we should not ignore that the web application is another channel for hackers to compromise one's confidential information and interrupt any critical business operations.

- Raise the security awareness of web application development among the professionals.

- Encourage professionals to reference standard like ISO7799 for their web application security and post-deployment review as well as audit.

- Accelerate to Share, learn, discuss and review best practices of the experienced web application development security professionals even across various user groups (Java User Group and .NET User Group ) and security associations (i.e. PISA) in Hong Kong.

From left to right: James Tsao, Anthony Lai, David Walker, Richard Stagg, Marco Leung and Gary Kung

Coding Practice

- Mainstream web technologies (i.e. .NET, J2EE and PHP on Linux) security assessment

- Web application platform (i.e. Apache, IIS, Linux, Database) security assessment and review.

- Recent Web application security concerns.

- Regularly convey latest projects and presentations from OWASP.

News from Hong Kong Chapter

OWASP(HK Chapter) supports 8th Infosecurityproject Conference: URL:http://www.infosecurityproject.com/

OWASAP Committee Member, Richard Stagg, uncovered Security Reality (Mar 2007) Richard from Handshake Networking could tell you the truth of that. URL:http://www.cw.com.hk/computerworldhk/article/articleDetail.jsp?id=409104

Hong Kong Standard: HKU changes Internet policy to boost security Hong Kong University has changed its Internet policy a week after The Standard reported that improperly indexed material listed on its Web sites could be accessed by users of the Google Internet search engine. Doug Crets 4/3/2006

URL: http://www.thestandard.com.hk/news_detail.asp?pp_cat=11&art_id=15675&sid=7341056&con_type=1&d_str=20060403&sear_year=2006

Hong Kong Standard: Online enemy within The biggest threats to computer users are not hackers but their own ignorance, complacency or carelessness, writes Doug Crets 3/27/2006 URL:http://www.thestandard.com.hk/news_detail.asp?pp_cat=11&art_id=15121&sid=7238709&con_type=1&d_str=20060327&sear_year=2006

Web Application Security with PISA: http://www.pisa.org.hk/event/web-appl-sec.htm

OWASP (Hong Kong Chapter): Successful Web Application Security and Hacking Demo seminar co-organized with Hong Kong Java User Group (30 Jul 2005 https://hkjug.dev.java.net/gatherings/2005/0730.html

OWASP (Hong Kong Chapter): Web Application Security organized with Sun Wah Pearl Linux (29 Oct 2005)

Contact Us

Chapter Mailbox

P.O. Box No. 6684, General Post Office, Hong Kong SAR

Recent Update

--Anthony Lai 11:25, 6 July 2006 (EDT)