Jump to: navigation, search


Welcome to the Dubai chapter homepage. The chapter leaders are Amro AlOlaqi and Tarek Naja


OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.


Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG }

OWASP Middle East Partners with MISTI Europe


Returning to the Habtoor Grand Resort, 27-29 March 2017, the 9th annual CISO Middle East Conference & Roundtable has new topics, revised sessions and world-class speakers that will leave you on the edge of your seat. With the agenda focusing on burning issues such as phishing attacks, how digital transformation is changing the threat landscape and security/privacy challenges of IoT, we are certain there is something for everyone. If you haven't secured your spot yet, now is the time!

You can get a 20% off by using the follow code: OWASP17

Book now, attend the conference, and you'll automatically be entered into the prize drawer to win one of three Amazon Echo Dots! (Please note, delegates can only win once, and you must be present on the day to win).
Now while we know you don't have the voice service that powers Echo, Alexa, to assist you quite yet in planning your time at the event, you can still download a copy of the event brochure here.
If you have any inquiries regarding the event or would like to register, please get in touch with Chris Clarke directly.

Local News

OWASP Moves to MediaWiki Portal - 11:15, 20 May 2006 (EDT)

Past Events

7th of Feb 2017 at 12:30pm

  Abu Dhabi Cyber Resilience & InfoSeC 


Cracking Passwords for Security's Sake
Speaker: Tarek Naja
Bio: Tarek is the OWASP UAE chapter leader. He currently the head of information security at a major middle east organization.

27th of August 2014 at 6:30pm

  Nakheel Sales Office MAP
  Al Sufouh Road,
  Jumeirah - Dubai
  United Arab Emirates


OWASP Top 10 A2 - Broken Authentication and session management
Speaker: Tarek Naja
Bio: Tarek is the OWASP UAE chapter leader. He is a seasoned security consultant who focuses on penetration testing.
OWASP Top 10 A3 - Cross site scripting (XSS)
Speaker: Michael Hendrickx
Bio: Michael is an experienced IT security professional with strong, deep technical knowledge on wide variety of applications.

28th of May, 2014. 6:30pm

  Nakheel Sales Office MAP
  Al Sufouh Road,
  Jumeirah - Dubai
  United Arab Emirates

We're honored to have our guest speak Ammar Almarzooqi - Chief Information Security Officer at Abu Dhabi Department of Economic Development.

Ammar will be talking about seamless implementation of security controls. If you're dealing with some elements that are inherently secure, such as an application that cannot be modified, how would you be able to secure your environment? Ammar will be addressing this question and discussing a real case scenario from his organization.

Our other presenter is Tarek Naja - Senior Security Consultant. Tarek will be answering questions about the vulnerability you all heard about recently: Heart Bleed. Tarek specializes in penetration testing, mainly web application and mobile application penetration testing.

19th of Feb 2014 at 8pm

  Cafe Rider MAP
  Close to Mall of the Emirates
  Al Quoz Industrial - Dubai
  United Arab Emirates


Managing Web & Application Security with OWASP – bringing it all together
Setting up, managing and improving your global information security organisation using mature OWASP projects and tools. Achieving cost-effective application security and bringing it all together on the management level. A journey through different organisational stages and how OWASP tools help organisations moving forward improving their web and application security. This talk will discuss a number of quick wins and how to effectively manage global security initiatives and use OWASP tools inside your organisation
Application Security for managers
OWASP CISO Guide and CISO Survey
The OWASP CISO guide and CISO report 2013. This talk will present two new OWASP projects, the CISO guide and the newly released results of the OWASP CISO Survey report 2013. Their main goal is to provide guidance on application and web security for senior managers and to introduce Chief Information Security Officers (CISO) to the OWASP Application Security Guide and the results of the CISO Survey. Over the last years, we noticed that application security risks and threats have been on the rise and OWASP has started the CISO survey project to gather intelligence and provide it to CISOs and senior managers in order to improve their security strategies, assess their priorities and learn from their peers about what works best protecting web and application security in organizations across various industries.

Speaker: Tobias Gondrom

Tobias Gondrom is a global board member of OWASP (Open Web Application Security Project) and CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.

14th of Dec 2013 at 6-8pm.

  MAKE Business Hub MAP
  Al Fattan Tower - Dubai
  United Arab Emirates
  +971 4 392 9216
  Speaker: Peter Dowley 
  Topic: Security Architecture for Applications, titled "What's the difference between a security bug and a security flaw?"

Speaker bio : Peter has been working in computer security for over 10 years, after another decade in other areas of IT - System & infrastructure architecture, Windows desktop & server design & management, database modelling & design, programming. He has strong expertise in security architecture (especially for banking systems) and how this relates to risk and fraud management. He is a senior security consultant with Hewlett-Packard (HP) in Dubai and has been based in the Gulf region for 5 years.

Download the presentation: "What's the difference between a security bug and a security flaw"

Casual OWASP meetup This will be our first meeting in a while. It will be an opportunity to get introduced to the other members of the OWASP UAE Chapter and discuss the type of events you'd like to see in the future.

This will be a casual meeting at a Caribou Coffee at DIFC

Gathering agenda will be:

   Meeting on Saturday the 9th of November 2013 at 6pm.
   Intro to OWASP
   Open discussion about Dubai chapter
   Conclude at 8pm

IDC's IT Security Roadshow 2013 - Dubai

   Date and Time : Wednesday, April 3, 2013
   Venue: Mina A' Salam Hotel (Madinat Jumeirah)
   Web Application Security "Think like a hacker"
   Speaker: Amro Alolaqi


Cyber Security Summit 2012- DUBAI

  Date and Time : 2nd & 3rd of October 2012  - 9:00 AM to 4:00 PM
  Venue: Grand Hayat - Dubai 
  Web Application Critical Vulnerabilities (OWASP top ten)
  Speaker: Amro AlOlaqi

ISACA UAE - ISAFE conference 2011 - Dubai

  Date and Time : 18th - 9:00 AM to 4:00 PM
  Venue: The Address Hotel - Dubai Mall
  Web Application Critical Vulnerabilities and Threat Modeling 
  Speaker: Amro AlOlaqi

IT For Government 2011- DUBAI

Location: Dusit Thani Hotel - 133, Sheikh Zayed Road

Date: 4/Oct/2011

Registration 8:00 AM

NAUGURAL KEYNOTE PRESENTATION BY His Excellency Salem Khamis Al Shair Al Suwaidi Emirates e-Government Director General

   OWASP's session: 11:20 PM  
   Speaker: Amro AlOlaqi 
   Subject: The Ten Web Application Critical Risks 

For more information about the event, please visit