AsiaTour2014

=WELCOME=


 * October 22:  Wuhan, China
 * October 25:  ChengDu, China
 * November 1: Hong Kong
 * November 4:  Kuala Lumpur, Malaysia
 * November 6:  Harbin, China
 * November 7:  Singapore, Singapore
 * November 29:  Tokyo, Japan
 * December 5: Seoul, Korea (plus one or two day training in 3-4 December)
 * December 11:  Bangkok, Thailand

Asia Tour Objective

The OWASP Asia Tour objective is to raise awareness about application security in the Asia region, so that people and organizations can make informed decisions about true application security risks. Everyone is free to participate in OWASP and all of our materials are available under a free and open software license.

We are proposing a chapters conference driven model in which the sessions are free for everybody and the costs are supported by a mix of funding i.e. OWASP Foundation, local chapter budget, external sponsorship, etc. 1-day training sessions are also offered in some tour stops. These sessions’ fees are $ 200USD for OWASP members and $ 250 USD for non-members (group discounts may apply).

Who Should Attend the Asia Tour?


 * Application Developers
 * Application Testers and Quality Assurance
 * Application Project Management and Staff
 * Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
 * Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
 * Security Managers and Staff
 * Executives, Managers, and Staff Responsible for IT Security Governance
 * IT Professionals Interesting in Improving IT Security
 * Anyone interested in learning about or promoting Web Application Security

Special offer - Become an OWASP Member

As part of the OWASP Asia Tour, you could become an OWASP Member by ONLY paying 20 U$D (normal price is 50 U$D). Show your support and become an OWASP member today! Please use discount code Asia when registering as member to avail this special discount.



QUESTIONS


 * If you have any questions about the Asia Tour, please send an email to tobias.gondrom@owasp.org or laura.grau@owasp.org

=Harbin=

基本信息Info
沙龙主题 Subject： 待定

沙龙时间 Date： 11月6日

沙龙地点 Venue： 待定

活动报名 Registration
=Wuhan=

基本信Info
沙龙主题Subject： 培养具备网络安全思维的复合型IT人才

沙龙时间Date： 10月22日14:30-17:30

沙龙地点Venue： 湖北大学计算机与信息工程学院（科技大楼）1305会议室（湖北省武汉市武昌区友谊大道368号）

沙龙议程Agenda
14:30-14:40 领导致辞

14:40-15:20 如何培养高校信息相关专业学生动手能力--张绍浪

15:20-16:00 从大学生到信息安全专家--韩名羲

16:00-16:10 休息

16:10-17:00 如何培养具备网络安全思维的复合型IT人才--袁晓峰

17:00-17:40 如何在软件编码阶段保障软件安全--韩建

17:40-18:10 自由讨论

演讲嘉宾 Speaker Bio
韩名羲，国家信息安全水平考试（NISP）全国运营中心 副主任

袁晓峰，信息安全与IT服务管理领域专家, 持有CISSP, CISA, ISO27001 LA, CEH, CBCP, CCNP,PMP, ITIL, CCSA, Entrust PKI等国际资质证书; 拥有18年IT 工作经验, 13年信息安全实践经验, 10年基于ITIL与COBIT的IT治理与IT服务实践经验. 涉及系统管理, 网络管理, 业务连续性管理与灾难恢复,IT治理与服务管理, 信息安全与风险管理, 安全审计与IT合规,物理,人身,事件安全与风险管理,应急响应与危机处理,安全事件调查,项目管理， 供应链安全管理等多方面工作; 先后担任过加拿大安大略省卫生部和美国朗讯公司信息安全顾问, 爱立信大中国区安全与风险经理, 春秋集团安全官兼IT部质量经理, 友邦保险公司集团IT治理部信息安全与合规经理, 联想集团全球网络安全高级经理，现担任西班牙电信亚太区高级安全经理. 对ISO27001, ITIL, COBIT, BS25999, PCI-DSS, HIPPA, 等级保护等国际国内标准有深入研究和长期实践.

韩建，北京奇虎测腾科技有限公司资深安全工程师

活动报名 Registration
请提供OWASP中国区会员编号+姓名)邮件到member@owasp.org.cn报名， 邮件标题请注明“参加OWASP***区域活动”

OWASP中国： http://www.owasp.org.cn/OWASP_Events/owaspyazhou

=Chengdu=

基本信息Info：
沙龙主题 Subject：OWASP应用安全探讨

沙龙时间 Date： 10月25日14:00-17:30

沙龙地点 Venue： 成都电子科技大学沙河校区第二教学楼201教室 感谢“电子科技大信息与软件工程学院凌睿工作室” 的场地支持

沙龙议程 Agenda：
14:00-14:20 签到

14:20-15:20 高级APT战术研究-WaterWave（水波）

15:20-16:00 一体化云安全监控平台探讨-权小文

16:00-16:20 休息

16:20-17::00 基于FLASH的XSS攻击-gainover

17:00-17:30 自由讨论

演讲嘉宾Speaker Bio：
WaterWave（水波） ，OWASP会员，ISF互联网安全论坛联合创始人，资深信息安全顾问，从事信息安全工作十余年. 长期从事信息安全体系规划设计及安全事件应急响应工作，熟悉国际国内信息安全法律法规与标准，精通计算机犯罪应用心理学与计算机取证调查. 他同时也是一名IT媒体资深撰稿人，在多家专业媒体发表多篇专栏文章，并参与编写《智慧城市与信息安全》一书.

权小文，Web应用安全厂商WebRay 创始人，CTO. 拥有2项网络安全相关的发明专利，14年信息安全从业经验，曾服务于Juniper等著名安全公司.

gainover，乌云核心白帽，PKAV团队成员. 擅长WEB安全及相关开发. 议题简介： 介绍基于FLASH的XSS攻击原理、实际案例与具体危害.

活动报名Registration：
请提供OWASP中国区会员编号+姓名)邮件到member@owasp.org.cn报名， 邮件标题请注明“参加OWASP***区域活动”

= Hong Kong =

'''Please register here: https://www.facebook.com/events/351049275069652/ '''

Agenda

 * 1. 1000 - 1100: SQLi and CTF for fun and profit (Speakers: Ace Seven King and Anthony Lai) (bring your laptop encouraged for the CTF)
 * 2. 1100-1120: Turbo Talk: Web Hack Tricks (Speaker: Kenneth Tse)
 * 3. 1135-1230: Secure Coding with OWASP (Speaker: Tobias Gondrom)

Please send your registration with the following details via Facebook message in OWASP Hong Kong Chapter page.: (if N, the event is free and open to everyone, but we would welcome you to support us and register for an OWASP membership with 20 USD online: https://myowasp.force.com/MemberAppstep1?region=AsiaPac or here: https://www.owasp.org/index.php/Membership
 * Name:
 * Email:
 * Company/Party:
 * Whether you are OWASP Hong Kong Chapter member?:Y/N

Please pick "APAC", chapter allocation: Hong Kong. The fund will be kept by OWASP HQ, and 40% will be allocated to Hong Kong Chapter, so that we could invite more guest in the future or even hold the conference)

See you on Saturday and thank you so much for your support.

'''Please register here: https://www.facebook.com/events/351049275069652/ '''

=Kuala Lumpur=

Invitation: OWASP Malaysia Meetup 2014 Q4
The Open Web Open Web Application Security Project (OWASP) Malaysia Chapter would like to invite to join the 2nd OWASP Malaysia Meetup 2014 as follow:

Event

 *  Topic : OWASP Meetup Q4 2014
 *  Date : 4 November 2014 (Tuesday)
 *  Time : 9.00a.m - 1.00p.m
 *  Venue : Dewan Seminar, Menara Tun Razak, UTM, Jalan Semarak

Event Program:

 * 8.30a.m - 9.00a.m - Arrival of Participants
 * 9.00a.m - 9.15a.m - Opening Speech by OWASP Malaysia Chapter Leader
 * 9.15a.m - 9.45a.m - Opening Ceremony by Shamsul bin Sahibuddin (Dean of Advanced Informatics School, UTM)
 * 9.45a.m - 10.15a.m - Social Activity
 * 10.15.a.m - 11.15a.m – Talk by Tobias Gondrom (OWASP Foundation)
 * 11.15a.m - 11.45a.m – Talk by Wann Senn (Regal Paradigm)
 * 11.45a.m - 12.15p.m – Talk by Amir Haris Ahmad (Localhost)
 * 12.15p.m - 1.00p.m - Honorable Talk By Dr. Aswami Ariffin (CyberSecurity Malaysia)
 * 12.50p.m -         Network & End of the event.

Please register here :
https://docs.google.com/forms/d/1J05m6wonvb6BYvAgK90JXN40PFkIWLX1XqR-dXlKs64/viewform

OWASP Malaysia Chapter Malaysia
Thank you.

=Singapore=

=Tokyo=

OWASP Asia Tour in Japan
OWASPは、アジアパシフィック地域での活動の活性化のため、OWASP Asia Tour 2014というイベントを行います.

これは、各国のチャプターがそれぞれ連なって、国際的な（？）イベントをそれぞれ行うというもので、１０月から１２月までの期間に続々と開催されます.

URL: https://www.owasp.org/index.php/AsiaTour2014

日本では、11/29土曜日午後に"OWASP DAY"として都内で開催予定です.

これには、OWASP KANSAIチャプターにより11/28,29に関西で出展するイベント「神戸ITフェスティバル」のOWASPブースとのコラボコーナーも設ける予定です.

参加登録は１１月に入ってからオープンいたしますが、*ご予定の確保*をお願いいたします.

スケジュール
仮のスケジュールです. セッションの時間などは予告なく変更いたします.
 * 12:30 Venue Open
 * 13:00 Opening Session
 * 13:30 OWASP Japan Project Report
 * 14:00 Session 0
 * 14:40 Session 1
 * 15:20 Session 2
 * 16:00 Session 3
 * 16:30 Session 4
 * 17:00 Closing Session
 * 17:30 dismiss

スピーカー募集
また、あわせて、この特別な機会のスピーカーを募集したいと思います.

1. 氏名、ご所属

2. メールアドレス

3. スピーチタイトル

4. 概要 (200-400文字程度)

5. 以下のどのトピックに関係があるか


 * Mobile Security
 * OWASP Projects一般/共同作業のお誘い
 * Software/Application Security Defence (Defence & Countermeasures)
 * Software/Application Security Offense (Vulnerabilities & Exploits)
 * Web and Mobile Application Security
 * Cryptography
 * Critical Infrastructure Security
 * Enterprise End to End Security
 * Government Initiatives & Government Case Studies
 * Effective case studies in Policy, Governance, Architecture or Life Cycle

上記を、10/31 までに、asiatour2014 at owaspjapan.org あてにお送りください. なおスピーチは30分程度を前提としてください. もちろん、デモンストレーションを含めてもかまいません. スピーカーは日本語、英語のいずれでもかまいません.

※ OWASPのミーティングにおけるスピーカーは、OWASP Speaker Agreement に同意することが前提となります. スピーカーへの金銭的報酬はありません. また、コンテンツはオープンにできるものとなります.

=Seoul=

=Bangkok=

=SPONSORS=

We are looking for Sponsors for the Asia Tour 2014
This is a truly unique opportunity to increase your brand recognition as a company dedicated to the highest standards of professional technology & security in the Asia region but also internationally throughout the world while supporting the continued activities conducted by OWASP worldwide.


 *  Sponsorship benefits for organizations specializing in IT & Security:
 * Opportunity to use the latest technological trends for professional training / development
 * Strengthen your company strategy by learning the latest trends in web software security
 * Improve your business development strategy with leading information from the security industry
 * Get networking and headhunting opportunities with world-class specialists and professionals
 * Get the chance to interact with high-need discerning users to improve product development
 * Increase your image as a professional company through this unique branding opportunity


 * Sponsorship benefits for organizations utilizing the internet in their business:
 * Opportunity to increase the international brand awareness and conduct business networking
 * Strengthen your company strategy by learning the latest trends in web software security
 * Improve your service development by understanding the latest trends in security issues & risks
 * Contribute to information society as a company by developing safe and secure services
 * Get the chance to interact with high-need discerning users to improve product development
 * Opportunity to brand your company as one that focuses on the highest standards in technology

Make your company part of the conversation. Become a sponsor of the tour today! ‎ SPONSOR OPPORTUNITIES

=TEAM=

Asia Tour Team

Chapter Leaders


 * RIP & Ivy (China)
 * Onn Chee (Singapore)
 * Fazli (Malaysia)
 * Riotaro OKADA and Sen Ueno (Japan)
 * Yune (Korea)
 * Kitisak (Thailand)

Operations


 * Laura Grau
 * Tobias Gondrom