Difference between revisions of "Dubai"

From OWASP
Jump to: navigation, search
 
(18 intermediate revisions by 5 users not shown)
Line 1: Line 1:
{{Chapter Template|chaptername=Dubai|extra=The chapter leaders are [mailto:amro@owasp.org Amro AlOlaqi] and [mailto:tarek@owasp.org Tarek N]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dubai|emailarchives=http://lists.owasp.org/pipermail/owasp-dubai}}  
+
{{Chapter Template|chaptername=Dubai|extra=The chapter leaders are [mailto:amro@owasp.org Amro AlOlaqi] and [mailto:tarek@owasp.org Tarek Naja]|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-dubai|emailarchives=http://lists.owasp.org/pipermail/owasp-dubai}}  
  
 
<br>  
 
<br>  
Line 7: Line 7:
 
  '''OWASP Moves to MediaWiki Portal - 11:15, 20 May 2006 (EDT)'''
 
  '''OWASP Moves to MediaWiki Portal - 11:15, 20 May 2006 (EDT)'''
  
OWASP is pleased to announce the arrival of OWASP 2.0!
 
  
OWASP 2.0 utilizes the MediaWiki portal to manage and provide the latest OWASP related information. Enjoy!
+
== Past Events  ==
 +
'''27th of August 2014 at 6:30pm'''
 +
  Nakheel Sales Office [https://maps.google.com/maps?q=Nakheel+Sales+Center+-+Al+Sufouh+-+Dubai+-+United+Arab+Emirates&hl=en&ll=25.104759,55.156517&spn=0.038589,0.066047&sll=31.128199,-72.773437&sspn=71.247495,135.263672&oq=Nakheel&dirflg=r&ttype=now&noexp=0&noal=0&sort=def&hq=Nakheel+Sales+Center+-&hnear=Al+Sufouh+-+Dubai+-+United+Arab+Emirates&t=m&z=15 MAP]
 +
  Al Sufouh Road,
 +
  Jumeirah - Dubai
 +
  United Arab Emirates
  
<br>
+
Topics:
 +
; OWASP Top 10 A2 - Broken Authentication and session management
 +
: Speaker: [http://ae.linkedin.com/in/tareknaja Tarek Naja]
 +
: Bio: Tarek is the OWASP UAE chapter leader.  He is a seasoned security consultant who focuses on penetration testing.
  
<br>
+
; OWASP Top 10 A3 - Cross site scripting (XSS)
 +
: Speaker: [http://ae.linkedin.com/in/mhendrickx Michael Hendrickx]
 +
: Bio: Michael is an experienced IT security professional with strong, deep technical knowledge on wide variety of applications.
  
= '''IT For Government 2011- DUBAI&nbsp;''' =
+
----
 +
'''28th of May, 2014. 6:30pm'''
 +
  Nakheel Sales Office [https://maps.google.com/maps?q=Nakheel+Sales+Center+-+Al+Sufouh+-+Dubai+-+United+Arab+Emirates&hl=en&ll=25.104759,55.156517&spn=0.038589,0.066047&sll=31.128199,-72.773437&sspn=71.247495,135.263672&oq=Nakheel&dirflg=r&ttype=now&noexp=0&noal=0&sort=def&hq=Nakheel+Sales+Center+-&hnear=Al+Sufouh+-+Dubai+-+United+Arab+Emirates&t=m&z=15 MAP]
 +
  Al Sufouh Road,
 +
  Jumeirah - Dubai
 +
  United Arab Emirates
  
''Our local considered as a supporter in the titled event, please find the below information which are related with the event.&nbsp;''  
+
We're honored to have our guest speak [http://ae.linkedin.com/pub/ammar-almarzooqi/30/b11/b86 Ammar Almarzooqi] - Chief Information Security Officer at Abu Dhabi Department of Economic Development.
 +
 
 +
Ammar will be talking about seamless implementation of security controls. If you're dealing with some elements that are inherently secure, such as an application that cannot be modified, how would you be able to secure your environment? Ammar will be addressing this question and discussing a real case scenario from his organization.
 +
 
 +
<br/>
 +
Our other presenter is [http://ae.linkedin.com/in/tareknaja Tarek Naja] - Senior Security Consultant.
 +
Tarek will be answering questions about the vulnerability you all heard about recently: Heart Bleed. Tarek specializes in penetration testing, mainly web application and mobile application penetration testing.
 +
 
 +
----
 +
'''19th of Feb 2014 at 8pm'''
 +
  Cafe Rider [http://cafe-rider.com/styled-4/index.html MAP]
 +
  Close to Mall of the Emirates
 +
  Al Quoz Industrial - Dubai
 +
  United Arab Emirates
 +
 
 +
Topics:
 +
; Managing Web & Application Security with OWASP – bringing it all together
 +
: Setting up, managing and improving your global information security organisation using mature OWASP projects and tools. Achieving cost-effective application security and bringing it all together on the management level. A journey through different organisational stages and how OWASP tools help organisations moving forward improving their web and application security. This talk will discuss a number of quick wins and how to effectively manage global security initiatives and use OWASP tools inside your organisation
 +
 
 +
; Application Security for managers: OWASP CISO Guide and CISO Survey
 +
: The OWASP CISO guide and CISO report 2013. This talk will present two new OWASP projects, the CISO guide and the newly released results of the OWASP CISO Survey report 2013. Their main goal is to provide guidance on application and web security for senior managers and to introduce Chief Information Security Officers (CISO) to the OWASP Application Security Guide and the results of the CISO Survey. Over the last years, we noticed that application security risks and threats have been on the rise and OWASP has started the CISO survey project to gather intelligence and provide it to CISOs and senior managers in order to improve their security strategies, assess their priorities and learn from their peers about what works best protecting web and application security in organizations across various industries.
 +
 
 +
Speaker: [http://hk.linkedin.com/in/gondrom Tobias Gondrom]
 +
 
 +
Tobias Gondrom is a global board member of OWASP (Open Web Application Security Project) and CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.
 +
 
 +
----
 +
'''14th of Dec 2013 at 6-8pm.'''
 +
 
 +
  MAKE Business Hub [https://maps.google.com/maps?ie=UTF8&q=MAKE+Business+Hub+Cafe&fb=1&hq=make+business+hub&cid=1882949530944650280&hnear=&ll=25.079127,55.136797&spn=0.011816,0.021136&t=m&z=16&vpsrc=0&iwloc=A MAP ]
 +
  Al Fattan Tower - Dubai
 +
  United Arab Emirates
 +
  +971 4 392 9216
 +
  Speaker: Peter Dowley
 +
  Topic: Security Architecture for Applications, titled "What's the difference between a security bug and a security flaw?"
 +
 
 +
Speaker bio : Peter has been working in computer security for over 10 years, after
 +
another decade in other areas of IT - System & infrastructure architecture,
 +
Windows desktop & server design & management, database modelling & design,
 +
programming. He has strong expertise in security architecture (especially
 +
for banking systems) and how this relates to risk and fraud management. He
 +
is a senior security consultant with Hewlett-Packard (HP) in Dubai and has
 +
been based in the Gulf region for 5 years.
 +
 
 +
'''Download the presentation:''' [https://www.owasp.org/index.php/File:Security_Bugs_vs_Flaws.pptx "What's the difference between a security bug and a security flaw"]
 +
 
 +
----
 +
'''Casual OWASP meetup'''
 +
This will be our first meeting in a while. It will be an opportunity to get introduced to the other members of the OWASP UAE Chapter and discuss the type of events you'd like to see in the future.
 +
 
 +
This will be a casual meeting at a Caribou Coffee at DIFC
 +
 
 +
http://www.mealadvisors.com/uae/dubai/restaurant/map/branch_id/1294
 +
 
 +
Gathering agenda will be:
 +
 
 +
    Meeting on Saturday the 9th of November 2013 at 6pm.
 +
    Introductions
 +
    Intro to OWASP
 +
    Open discussion about Dubai chapter
 +
    Networking
 +
    Conclude at 8pm
 +
 
 +
----
 +
 
 +
'''IDC's IT Security Roadshow  2013 - Dubai '''
 +
 
 +
    Date and Time : Wednesday, April 3, 2013
 +
    Venue: Mina A' Salam Hotel (Madinat Jumeirah)
 +
    Web Application Security "Think like a hacker"
 +
    Speaker: Amro Alolaqi
 +
 
 +
Reference: http://idc-cema.com/eng/events/50679-idc-s-it-security-roadshow-2013/11-speakers
 +
 
 +
----
 +
 
 +
'''Cyber Security Summit 2012- DUBAI'''
 +
 
 +
  Date and Time : 2nd & 3rd of October 2012  - 9:00 AM to 4:00 PM
 +
  Venue: Grand Hayat - Dubai
 +
  Web Application Critical Vulnerabilities (OWASP top ten)
 +
  Speaker: Amro AlOlaqi
 +
 
 +
http://we-initiative.com/wp-content/uploads/2012/07/Cyber-Security-UAE-2012-EM12.pdf
 +
----
 +
 
 +
'''ISACA UAE - ISAFE conference  2011 - Dubai'''
 +
 
 +
  Date and Time : 18th - 9:00 AM to 4:00 PM
 +
  Venue: The Address Hotel - Dubai Mall
 +
  Web Application Critical Vulnerabilities and Threat Modeling
 +
  Speaker: Amro AlOlaqi
 +
 
 +
http://www.isacauae.org/isafe2011/doc/isafe2011brochure.pdf
 +
 
 +
https://plus.google.com/photos/117947441088827793360/albums/5712379217298867441?banner=pwa
 +
 
 +
 
 +
----
 +
 
 +
'''IT For Government 2011- DUBAI'''
  
 
''Location:&nbsp;Dusit Thani Hotel - 133, Sheikh Zayed Road <br>''  
 
''Location:&nbsp;Dusit Thani Hotel - 133, Sheikh Zayed Road <br>''  
Line 23: Line 137:
 
''Date: 4/Oct/2011''  
 
''Date: 4/Oct/2011''  
  
8:00 Registration and Coffee<br>8:45 Welcome Note&nbsp;<br>8:50 Opening Remarks from the Chairperson -&nbsp;Patrick J. Doliny&nbsp;Harris Atlas Systems. ICT Security Advisor<br>9:00 Inaugural Keynote by&nbsp;His Excellency Salem Khamis Al Shair Al Suwaidi -&nbsp;Emirates e-Government,&nbsp;Director General<br>9:20 Keynote presentation<br>Making IT Relevant for Middle East Challenges Leon V Shivamber -&nbsp;Harris Atlas Systems, Managing Director<br>9:40 Governments to the Cloud: A Seven Time CIO’s Perspective.&nbsp;Government’s may have different flags but the path, and obstacles, to adopting Cloud computing will often be the same. The Honorable Dale Meyerrose, former Chief Information Officer for the U.S. Intelligence Community, retired U.S. Air Force Major General and seven time CIO discusses observations from 37 years in IT and how government CIO’s can reach the Cloud.<br>Major General USAF (Ret.) Dale W. Meyerrose.&nbsp;Harris Corporation- USA.VP and GM of Cyber Integrated Solutions<br>10:20 Morning coffee and networking<br>10:50 Implementing Private Cloud Environments and Common Problems Encountered During Implementation,&nbsp;Matthew J. LaneJANUS Associates Inc., Chief Technology Officer<br>11:20 From Managed Services to the Cloud.&nbsp;Yasser Zeineldin, eHosting DataFort, CEO<br>11:50 Risk Management.&nbsp;Illyas Kooliyankal, Abu Dhabi Securities Exchange Chief Information Security Officer<br>'''<u>12:20 Threat Modelling and Ethical Hacking/Penetration Testing.&nbsp;Amro AlOlaqi aka Amro Ahmed &nbsp;.&nbsp;Open Web Application Security Project (OWASP) ( DUBAI CHAPTER)</u>'''<br>12:50 Prayer Break &amp; Luncheon<br>14:00 The Future of Security: Evolve or Die&nbsp;Tariq M. Ajmal, Deloitte.&nbsp;Partner - ME Leader - Information &amp; Technology Risk Services<br>14:30 Effectively Govern Your Processes and Meet the Standards.&nbsp;Jiten Sil, Software AG, Regional Sales Manager<br>15:00 Role of IT in Governance.&nbsp;Azhar Zia-ur-Rehman, Etisalat Group, Director of IT<br>15:30 Afternoon coffee and networking<br>16:00 Interactive Panel Discussion:<br>Networking, including intelligence gathering, attack vector, and organisational reputation issues<br>Major General USAF (Ret.) Dale W. Meyerrose<br>Harris Corporation- USA., V.P and General Manager of Cyber and Information Assurance<br>Dr. Fadi Aloul, American University of Sharjah, UAE Professor of Computer Science &amp; Engineering<br>Fadi Salem, Dubai School of Government Director and Fellow, Governance and Innovation Tomas Harper, Los Alamos National Laboratory Chief Information Officer<br>Trevor Moore, Abu Dhabi University, IT director<br>17:00 Keynote Address:<br>Cloud Computing Set to Unleash a Perfect Storm in Business<br>Shift happens. The unexpected matters. Right now, there‘s something in the air, something really big. It‘s so big that to many it‘s hidden in plain sight. We are witnessing a seismic shift in information technology, the kind that comes around every decade or so, and it will have a huge impact on business, especially in today‘s volatile economy and world of exponential change. It‘s called „the Cloud“ a 21st century business platform built on cloud computing technologies. In this keynote, Peter takes us on a fascinating journey to explore what the Cloud portends for business. In the past, IT was about productivity; now in the Cloud it‘s about collaboration, a shared information base, and collective intelligence. The „wow“ isn‘t about on-demand IT, it‘s about on-demand business innovation. Buckle up and get ready to win in this brave new world. You don‘t want to miss Peter‘s fast-paced and insightful talk. Peter Fingar, Meghan-Kiffer Research, Managing Principal<br>17:30 NETWORKING COCKTAIL RECEPTION<br><br>If you have any questions related with the above, please don't hesitate to contact me at amro(at)owasp.org, also our stand will be located outside for your registration. <br>
+
''Registration 8:00 AM'' 
 +
 
 +
''NAUGURAL KEYNOTE PRESENTATION BY His Excellency Salem Khamis Al Shair Al Suwaidi Emirates e-Government Director General''
 +
 
 +
    OWASP's session: 11:20 PM 
 +
    Speaker: Amro AlOlaqi  
 +
    Subject: The Ten Web Application Critical Risks
 +
 
 +
For more information about the event, please visit http://www.fleminggulf.com/cms/uploads/conference/downloads/Postshow_report_DBTC15.pdf
  
[[Category:Middle_East]]
+
[[Category:United Arab Emirates]]

Latest revision as of 00:15, 28 August 2014

OWASP Dubai

Welcome to the Dubai chapter homepage. The chapter leaders are Amro AlOlaqi and Tarek Naja
Click here to join the local chapter mailing list.

Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is and open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter.

Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG


Local News

OWASP Moves to MediaWiki Portal - 11:15, 20 May 2006 (EDT)


Past Events

27th of August 2014 at 6:30pm

  Nakheel Sales Office MAP
  Al Sufouh Road,
  Jumeirah - Dubai
  United Arab Emirates

Topics:

OWASP Top 10 A2 - Broken Authentication and session management
Speaker: Tarek Naja
Bio: Tarek is the OWASP UAE chapter leader. He is a seasoned security consultant who focuses on penetration testing.
OWASP Top 10 A3 - Cross site scripting (XSS)
Speaker: Michael Hendrickx
Bio: Michael is an experienced IT security professional with strong, deep technical knowledge on wide variety of applications.

28th of May, 2014. 6:30pm

  Nakheel Sales Office MAP
  Al Sufouh Road,
  Jumeirah - Dubai
  United Arab Emirates

We're honored to have our guest speak Ammar Almarzooqi - Chief Information Security Officer at Abu Dhabi Department of Economic Development.

Ammar will be talking about seamless implementation of security controls. If you're dealing with some elements that are inherently secure, such as an application that cannot be modified, how would you be able to secure your environment? Ammar will be addressing this question and discussing a real case scenario from his organization.


Our other presenter is Tarek Naja - Senior Security Consultant. Tarek will be answering questions about the vulnerability you all heard about recently: Heart Bleed. Tarek specializes in penetration testing, mainly web application and mobile application penetration testing.


19th of Feb 2014 at 8pm

  Cafe Rider MAP
  Close to Mall of the Emirates
  Al Quoz Industrial - Dubai
  United Arab Emirates

Topics:

Managing Web & Application Security with OWASP – bringing it all together
Setting up, managing and improving your global information security organisation using mature OWASP projects and tools. Achieving cost-effective application security and bringing it all together on the management level. A journey through different organisational stages and how OWASP tools help organisations moving forward improving their web and application security. This talk will discuss a number of quick wins and how to effectively manage global security initiatives and use OWASP tools inside your organisation
Application Security for managers
OWASP CISO Guide and CISO Survey
The OWASP CISO guide and CISO report 2013. This talk will present two new OWASP projects, the CISO guide and the newly released results of the OWASP CISO Survey report 2013. Their main goal is to provide guidance on application and web security for senior managers and to introduce Chief Information Security Officers (CISO) to the OWASP Application Security Guide and the results of the CISO Survey. Over the last years, we noticed that application security risks and threats have been on the rise and OWASP has started the CISO survey project to gather intelligence and provide it to CISOs and senior managers in order to improve their security strategies, assess their priorities and learn from their peers about what works best protecting web and application security in organizations across various industries.

Speaker: Tobias Gondrom

Tobias Gondrom is a global board member of OWASP (Open Web Application Security Project) and CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.


14th of Dec 2013 at 6-8pm.

  MAKE Business Hub MAP 
  Al Fattan Tower - Dubai
  United Arab Emirates
  +971 4 392 9216
  Speaker: Peter Dowley 
  Topic: Security Architecture for Applications, titled "What's the difference between a security bug and a security flaw?"

Speaker bio : Peter has been working in computer security for over 10 years, after another decade in other areas of IT - System & infrastructure architecture, Windows desktop & server design & management, database modelling & design, programming. He has strong expertise in security architecture (especially for banking systems) and how this relates to risk and fraud management. He is a senior security consultant with Hewlett-Packard (HP) in Dubai and has been based in the Gulf region for 5 years.

Download the presentation: "What's the difference between a security bug and a security flaw"


Casual OWASP meetup This will be our first meeting in a while. It will be an opportunity to get introduced to the other members of the OWASP UAE Chapter and discuss the type of events you'd like to see in the future.

This will be a casual meeting at a Caribou Coffee at DIFC

http://www.mealadvisors.com/uae/dubai/restaurant/map/branch_id/1294

Gathering agenda will be:

   Meeting on Saturday the 9th of November 2013 at 6pm.
   Introductions
   Intro to OWASP
   Open discussion about Dubai chapter
   Networking
   Conclude at 8pm

IDC's IT Security Roadshow 2013 - Dubai

   Date and Time : Wednesday, April 3, 2013
   Venue: Mina A' Salam Hotel (Madinat Jumeirah)
   Web Application Security "Think like a hacker"
   Speaker: Amro Alolaqi

Reference: http://idc-cema.com/eng/events/50679-idc-s-it-security-roadshow-2013/11-speakers


Cyber Security Summit 2012- DUBAI

  Date and Time : 2nd & 3rd of October 2012  - 9:00 AM to 4:00 PM
  Venue: Grand Hayat - Dubai 
  Web Application Critical Vulnerabilities (OWASP top ten)
  Speaker: Amro AlOlaqi

http://we-initiative.com/wp-content/uploads/2012/07/Cyber-Security-UAE-2012-EM12.pdf


ISACA UAE - ISAFE conference 2011 - Dubai

  Date and Time : 18th - 9:00 AM to 4:00 PM
  Venue: The Address Hotel - Dubai Mall
  Web Application Critical Vulnerabilities and Threat Modeling 
  Speaker: Amro AlOlaqi

http://www.isacauae.org/isafe2011/doc/isafe2011brochure.pdf

https://plus.google.com/photos/117947441088827793360/albums/5712379217298867441?banner=pwa



IT For Government 2011- DUBAI

Location: Dusit Thani Hotel - 133, Sheikh Zayed Road

Date: 4/Oct/2011

Registration 8:00 AM

NAUGURAL KEYNOTE PRESENTATION BY His Excellency Salem Khamis Al Shair Al Suwaidi Emirates e-Government Director General

   OWASP's session: 11:20 PM  
   Speaker: Amro AlOlaqi 
   Subject: The Ten Web Application Critical Risks 

For more information about the event, please visit http://www.fleminggulf.com/cms/uploads/conference/downloads/Postshow_report_DBTC15.pdf