Difference between revisions of "OWASP Day KL 2011"

From OWASP
Jump to: navigation, search
Line 315: Line 315:
 
[[Image:mycert.jpg]]
 
[[Image:mycert.jpg]]
 
<br>'''Malaysia Computer Emergency Respond Team'''<br />
 
<br>'''Malaysia Computer Emergency Respond Team'''<br />
 +
 +
[[Image:eccouncilmy.jpg]]
 +
<br>'''EC-Council APAC'''<br />
 +
  
 
[[Image:unikl.jpg]]
 
[[Image:unikl.jpg]]
 
<br>'''University Kuala Lumpur'''
 
<br>'''University Kuala Lumpur'''
 +
 
'''Computer Security System Club by Student UniKL-MIIT'''<br />
 
'''Computer Security System Club by Student UniKL-MIIT'''<br />
  

Revision as of 02:27, 9 September 2011



Owaspday2011.png


Welcome

OWASP DAY KL 2011 - Malaysia

OWASP Malaysia will host OWASP Day KL 2011 in Kuala Lumpur, Malaysia from Sep. 20 to Sep. 21, 2011 and colloborate with UniKL-MIIT & OSDCMY. The events will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Malaysia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Malaysia and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 200 people are expected to attend the events. exhibition and lunch will be held at the summit, providing sufficient networking opportunities.


Registration

Registration Now Open!!!

For more detail on the fee and workshop

Who Should Attend OWASP Day KL 2011:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interesting in Improving IT Security
  • Lecturer & Student it IT field

All the attendee will be provided Attendee Certificate by UniKL & OWASP Malaysia

Keynotes

Adli.jpg

Adli Wahid

Adli Wahid of Cybersecurity Malaysia VP CyberSecurity Responsive Services on a day to day basis. Our team provide incident handling service for anything related to .MY, watch and warn activities, and co-ordination with other security teams (FIRST, APCERT), research groups (i.e. The Honeynet Project) and interest groups (i.e. APWG, ShadowServer).

He specializes in malware, phishing and visualization and has designed and co-ordinated cyber drill exercise at the national and regional level.

CFP and CFT

OWASP DAY KL 2011

CALL FOR Presentation

OWASP Day KL 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP Day KL 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to expected participants.

The topics we are seeking include, but are not limited to:

  1. Web Application Security
  2. Mobile Application Security
  3. Cloud Application Security
  4. Software and Architecture Patterns for Application Security
  5. Metrics for Application Security
  6. OWASP Tools and Projects
  7. Secure Coding Practices (J2EE/.NET)
  8. Application Security Testing
  9. New Attacks and Defense
  10. Other subjects related to OWASP and Application Security

To make a submission:

Call For Presentation


Each talk should be limited to 40 minutes, followed by a 5 minute question session.

  • Submission deadline: August 20, 2011.
  • Notification of acceptance: August 22, 2011.
  • Presentation slides due: September 20, 2011.

CALL FOR Training

In-conjunction with OWASP Day KL 2011 also provided workshop. It will separate day with the seminar and will conduct 1 full day. It will 3 major topic on the workshop.

  • SQL Injection (Secure & Prevent)
  • Penetration Tester
  • IT Audit

Call For Training

  • All the speaker & trainers will be given Speaker Honor Cert from UniKL & OWASP Malaysia

Speaker

Suhasdesai.jpg
Suhas Desai

A distinguished Senior Consultant of Aujas Networks, At Aujas, he is handling Mobile Security Services. He is responsible for growth of Mobile Security Services. His extensive experience in Mobile Technology spreads across iApps Security, Mobile PKI, Mobile Apps (Android, J2ME), USSD/DSTK Apps, Mobile VAS, SIM card and Mobile Payment’s Security services. Prior to joining Aujas Networks, he has worked with Tech Mahindra. A frequent speaker at prominent industry and customer forums, Desai has been on technical advisory committees for prestigious National and International conferences. He has delivered over 350 conference talks on software & mobile security across the globe including OSSPAC’09, Singapore; INTEROP 2009, Mumbai; STeP-IN 2010 Bangalore; MOSC 2010, Kuala Lumpur; OSBizConference 2010, Malaysia; ‘Mobile VAS in Growth Markets summit’, 2010, Dubai ; ClubHack 2009, Pune; c0c0n 2010, Cochin and ‘4th Mobile Commerce Summit ASIA’, 2011, Kuala Lumpur. He is a proud author of several research papers for reputed journals and magazines in Security, RFID and Image Processing domain. He also contributes features for Linux for You, Linux+ and Linux Journal magazines.

Azizan2.jpg
Ahmad Azizan Idris

Ahmad Azizan graduated from International Islamic University Malaysia with Bachelor's Degree in Computer Science and is currently working as an Intrusion Analyst in Malaysia Computer Emergency Response Team (MyCERT) at CyberSecurity Malaysia. His works mainly concentrated in incident handling, malware analysis, security tools development and other security-related stuff. Currently he involves heavily in mitigating client-side attack specifically on Malicious PDF analysis.

Azrilazam.jpg
Azam Abdul Rahim

Azril azam is currently works as the Global Response Center Development Team Leader with the International Multilateral Partnership Against Cyber Threats (IMPACT), an International Telecommunication Union (ITU) cybersecurity agenda agency. Previously, azril works as the senior researcher with MIMOS Berhad specialized in x86 system virtualization, trusted computing, and computer forensics. He is currently a GIAC certified forensics analyst and also the EC COUNCIL certified security instructor. He has wrote several papers pertain to system security, computer forensics and system virtualization. He also a firm believer in OSS where till this date has wrote several security software under the GNU license. His computer forensics software project called FIRST has won several international and demostic awards including gold award for invention at ITEX 2006 and best Malaysian open source software 2006. Currently at his sparetime, he is in the final stage in completing the next OSS project

Erazuddin.png
Errazudin Ishak

Errazudin holds a Master`s degree in Computer Science (Software Engineering) and works as Solution Architect at Mimos Berhad, A Malaysia government research agency, in ICT and frontier technology. His job focuses on web application developement, deployment, performance and stability. He has spoken at several meetups and conferene and has worked with various back-end and web technologies. In his free time he loves to emulate Richard Gasquet`s backhand on court.

Walterwong.jpg
Walter Wong

Walter is a technical lead for Gain Secure based in Malaysia. The company specialized for providing secure application development and user experience (UX) consultation services to customers. Walter is a Microsoft MVP for developer security. Research on application development security is Walter's personal interest. He also successfully discovered many websites vulnerabilities including some high traffic websites over the past few years. Walter often speaks at technical conferences such as Visual Studio 2010 Launch, TechEd SEA, Security Symposium, TechNet/MSDN, Tech Insights and more.

Haris.jpg
Harisfazillah Jamel

200px
Mohd Hafiz Tabrani

Adnan1.jpg
Adnan Mohd Shukor

Adnan Mohd Shukor is an Intrusion Analyst at Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His Education background comprises of Degree in Information Technology, majoring in Security Technology from Multimedia University. He is also a GIAC Certified Penetration Tester (GPEN), GIAC Certified Incident Handler (GCIH) and member of the SANS Advisory Board since 2009.

In the IT security line of work, he has plenty of experience in aspects of network security, penetration testing, web security, client side security, honeypot technology, system development and automation. He has contributed a lot in open source projects especially related to security and he is also the founder of DontPhishMe and MyPHPIPS

Alip.jpg
Alip Aswalid Asri

Alip Aswalid bin Asri is an Intrusion Analyst at Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His works mainly concentrated in Incident Handling, Website Security, Penetration Testing and Security Tools Development. He is also familiar in web development using Ruby on Rails and PHP.

Syedzai.jpg
Syed Zainudeen Mohd Shaid

Syed Zainudeen Mohd Shaid is a member of Information Assurance and Security Research Group (IASRG) in Universiti Teknologi Malaysia (UTM). With a Software Reverse Engineering background, he is now active in Malware Research and Penetration Testing. He also does training on Ethical Hacking and give talks on Computer & Internet Security. He is currently the Web Security Advisor for UTM.


Agenda

Final Program

Day 1 - 20 September 2011

Time
Web Security: Analysis and Incident Handling on web Attack/Incident by Adnan Mohd Shukor & Alip Aswalid Asri

IT Audit by Harisfazellah Jamel

Introduction to Ethical Web Application Hacking "Pentest" by Syed Zainudeen Mohd Shaid

8.00a.m
Registration (Level 7)
8.30a.m
Lab 706
Lab 707
Lab 708
10.00a.m
Morning break (Level 7)
10.20a.m
Lab 706
Lab 707
Lab 708
1.00p.m
Lunch (Level 7)
2.00p.m
Lab 706
Lab 707
Lab 708
3.45p.m
Lab 706
Lab 707
Lab 708
4.00p.m
Lab 706
Lab 707
Lab 708
5.30p.m
Training Ended

Day 2 - 21 September

Time Activity Location
8.00a.m Registration Bestari Lecture Hall, Lvl 2
8.30a.m

Opening Ceremony

Opening Speech by Mohd Fazli Azran

Signing Ceremony OWASP & UNIKL-MIIT

Montage & UNIKL-MIIT

Keynote Speech by Adli Wahid

Bestari Lecture Hall, Lvl 2
9.45a.m Morning Break (Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room)
10.00a.m

Suhas Desai

"Mitigating Security Risk in Mobile Payment Application"

Bestari Lecture Hall, Lvl 2
10.45a.m

Ahmad Azizan

"Gallus: Analyzing Malicious PDF"

Bestari Lecture Hall, Lvl 2
11.30a.m

Azril Azam Abdul Rahim

"Identify, Mitigate & Prevent DDOS Attack via libNetFilters Que"

Bestari Lecture Hall, Lvl 2
12.15p.m

Mohd Hafiz Tabrani

"pKaji: Suspicious PHP Script Analyzer"

Bestari Lecture Hall, Lvl 2

1.00

Lunch Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room

2.00p.m

Errazudin Ishak

"Rise of the Planet of Anonymous"

Bestari Lecture Hall, Lvl 2
2.45p.m

Walter Wong

"Tips and Tricks To Secure .Net Web Application"

Bestari Lecture Hall, Lvl 2
3.40p.m

Tea Break Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room

3.45p.m Reserve to UniKL-MIIT Bestari Lecture Hall, Lvl 2
4.30p.m Reserve to GCERT, MAMPU (JPM) Bestari Lecture Hall, Lvl 2
5.30p.m End of Events

Preliminary Program

  • Day1.png
  • Day2.png

The final program will be available before September 2011.


Sponsors

Csm.jpg
CyberSecurity Malaysia

Mycert.jpg
Malaysia Computer Emergency Respond Team

Eccouncilmy.jpg
EC-Council APAC


Unikl.jpg
University Kuala Lumpur

Computer Security System Club by Student UniKL-MIIT

Osdcmy.jpg
Open Source Developer Community Malaysia


New in 2011, we are offering exclusive OWASP Day KL 2011 Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.

Please contact us directly if you have any related question.


Intented Sponsors:


Team

Members (in alphabetical order)

OWASP Malaysia representative:

UniKL representative:

OSDCMY representative :



Expenses

Registration Fee

If you are neither an OWASP member nor an OWASP Malaysia chapter member, please feel free to join us!

It is free for all OWASP Paid members and all OWASP Malaysia Paid chapter members.

Event

Early Bird

(Before 10 Sept 2011)

Normal

(From 10 Sept 2011)

1. Seminar

a. Member
b. Non-Member

 

Free
MYR 58

 

Free
MYR 68

2. Workshop

a. SQL Injection
b. Penetration Testing
c. IT Audit

 

MYR 198
MYR 198
MYR 198

 

MYR 228
MYR 228
MYR 228

3.Workshop and Seminar

MYR 239

MYR 279

 















Please ensure that the information given are correct before submission.
Our staff will send confirmation email and payment MUST be made within 5 working days.
Method of payment:
A) cash deposit.
B) LO & PO for government only.
C) cheque deposit .
D) online money transfer.


ACCOUNT DETAIL:
INSTITUT INFOTECH MARA SDN BHD
14260000004107
CIMB BANK

For more inquiries on payment, please contact:
Mrs Dalilah bt Abdullah
No. Telephone : +603-21754363 / +60321754365 / +60321754370 / +60321754210
No. Fax : +603-21754441

Accommodation

Please check the local hotel website for detail information. For more details please check at logistic tab.

Logistics

Venue

Universiti Kuala Lumpur


website: http://www.unikl.edu.my

Hotel

For the Hotel suggested near at the venue area:

Travel

How to obtain a visa for the event

  • Invitation letter will be sent out for overseas attendees after registration.
  • For detailed information on obtaining a business visa for this event, please refer to Malaysia embassy