Dhaka



 Join Bangladesh Chapter Mailing list 

Join the Bangladesh chapter Facebook page

Follow us @OWASPBangladesh

Join the Bangladesh chapter LinkedIn group

= Upcoming Activities =

= Past Events =

securITy – Information Security Conference 2017
Recorded Session: https://www.facebook.com/BASIS.SoftExpo/videos/681561205358997/

fb event : https://www.facebook.com/events/1363319330405785/

Speaker list

Nahidul Kibria Synack Red Team Researcher, Co-Founder beetles.io Principal Software Engineer, Orbitax Bangladesh Ltd. Co-Leader, OWASP Bangladesh Chapter.

Title: "The memory remains." Fileless malware makes cyber attacks even more difficult to detect nowadays.Simple signatures are too easy for an intruder to circumvent. Cyber criminals can also program fileless malware to gain persistence after it was written directly to RAM. Fileless malware is not a revolutionary approach, However 2016 certainly saw a dramatic rise in this type of attack as the criminals worked to perfect it. This talk is about triage a system potentially impacted by fileless malware by memory analysis.

Slide: http://www.slideshare.net/nahidupa/the-memory-remains-71761360

Moshiul Islam CISSP, CISA, CFE General Manager,Robi Axiata ltd Founder & Chair, OWASP Bangladesh Chapter

Title: wannabe Cyberpunk; “I don’t know what I’m supposed to do.” The talk will provide guidance on required skills and industry certification to become successful information security professional

Slide: http://www.slideshare.net/MIslamm/wannabe-cyberpunk-i-dont-know-what-im-supposed-to-do

Shahee Mirza CEH, MCSA Co-Founder beetles.io Security Researcher, Senior Security Engineer at P1, Basundhara Group.

Title: "DevOps and AppSec" DevOps is an opportunity to make security an integral part of application development.

Slide :http://www.slideshare.net/shaheemirza/devops-and-application-security

Tarek Siddiki Synack Red Team Researcher Co-Founder beetles.io Core Researcher Cobalt.io

Title: “Trust yourself. You’ll do what’s right.” This talk is about bug hunter life and some real life web security bug.

Kaisar Y Reagan IT consultant, Programmer and security enthusiast

Title: Software security : Risk, demonstration and Preventative

Secure coding is the most important practice which in most of the case is the most ignored subject while coding, which may lead to a complete network takeover. Attacks like dll hijack which has been to steal from Military target, as example Beebus attack in 2015, even to compromise the Pentagon network shows the risk behind the attack, which can be mitigated by some good practice while writing code. In this session we will discuss about secure coding, demonstrate a dll hijack attack and how to counter and some good practice while coding to make software more secured.

Slide: http://www.slideshare.net/kaisaryousuf/secure-coding-impact-and-demo

securITy – Information Security Conference 2015
fb event : https://www.facebook.com/events/508692759270627



Sending A for Ahuh. Win32 Exploit development old school.

Slide: http://www.slideshare.net/nahidupa/sending-a-for-ahuh-win32-exploit-development-old-school

Bug Bounty 101

Slide: http://www.slideshare.net/shaheemirza/bug-bounty-101?qid=c57c47fc-d0c5-4290-9ca6-54e6b54496a2

'''"securITy" Information Security Conference at BASIS SoftExpo 2014


"Malware: ZeuS zombies are using in online banking theft."

Youtube: https://www.youtube.com/watch?v=VE-w-AsfcGk

Slide: http://www.slideshare.net/nahidupa/banking-malware-zeu-s-zombies-are-using-in-online-banking-theft

Nahidul kibria Co-Leader, OWASP Bangladesh Chapter, Principal Software Engineer, Orbitax Bangladesh Ltd.

"Payment Card Industry Data Security Standard (PCI DSS) in Banking" Mr. Omor Farooq Khandaker , CISA, CISSP, CISM ,PMP

'''"Introduction to the Web" Seminar 2012 - Let's all learn web development!
Web Security - Common security threats and hacking.

"GetRoot" Cyber-Security Challengee on 21 June, 2012.
Grooming Session slide(s)

Welcome to info sec world

Myths in Information Security

'''"securITy" Information Security Conference at BASIS SoftExpo 2012


“securITy” Information Security Conference will bring together security experts, executives, technical thought leaders, developers, scientists and researchers from all over Bangladesh for in-depth discussions of cutting-edge information security, risk and control issues. The conference will draw participations from major organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, Banks, Internet service providers, universities and research institutes. Panel discussions will provide sufficient networking opportunities.

OWASP and ISACA would jointly like to welcome you to participate in “securITy” Information Security Conference at BASIS SoftExpo 2012 which will be held on:

Date: Saturday 25 February 2012

Time: 2.30 pm to 7.00 pm

Venue: Green View, Bangabandhu International Conference Centre (BICC), Dhaka

Registration Cost: Nil

Topics & Speakers:

Session opening and Overview of ISACA-Ali Ashfaq, FCA

Overview of OWASP Moshiul Islam, CISA

Taking IT to the Boardroom Aniruddha Neogi, FCA, CISA, CGEIT, CRISC

Payment Card Industry Data Security Omor Farooq Khandaker, CISA, CISSP, CISM, PMP

IT & Cyber Security Law in Bangladesh Adnan ML Karim, Barrister-at-Law, BSc Computer Science

IT Risk and Control Framework Mohammed Iqbal Hossain, CISA, CGEIT

Everybody loves HTML5, hackers too Nahidul Kibria

Wireless Security AKM Nazrul Haider

Digital Forensics Motashim Al Razi, CEH

More details are in the attached leaflet.

Please visit www.softexpo.com.bd/day_plan.php for more information on this conference and other events at BASIS SoftExpo 2012. Your presence will enhance the quality of the conference. We look forward to meeting you at “securITy”.

For more information on ISACA please visit www.isaca.org and for more information on ISACA Dhaka Chapter please visit www.isaca.org/chapters1/Dhaka.

"Byte Knight" Cyber-Security Challengee on 23th February, 2012.
Grooming Session of "Byte Knight" will be held on 11th February, 2012 from 11 AM.

"Byte Knight" Is a cyber-security challenge competition. Participant needs to defense their own service/software as well as finding the security flaw of opponent team and exploit them. The basic Goal of this contest is motivated the student learn about infosec.

Registration http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/reg More http://www.bubt-cse.com/fiesta/index.php/scontestcontroller/home

Who should join "Byte Knight"?

All we need is a knowledge seeker, quick learner and someone who has interest in Information Security. We will feed you what you need to know for the competition. We do not expect you to be genius in information security. With this event we will try to show you a path way to enter information security field where you can research farther. If you are interested in programming, how OS work, how packets are travels in network and how a single buffer overflow can give you the full control of a program then this event is for you.

= Past Chapter Meetings =

Kick off meeting 15th October 2011. Slide