OWASP - User contributions [en]

Saudi Arabia

2019-11-04T08:29:24Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

== '''Upcoming Meetings''' ==
===== '''OWASP upcoming 11: 14 Nov 2019 '''=====
OWASP Jeddah 🇸🇦
* Into to Cyber Security
* Install Kali
* Secure your network
''By Mohammed, Abdullah, Malaz, From 7:00 - 9:00 PM Saudi Arabia Time''

[https://twitter.com/OWASPKSA Location: Follwo -> https://twitter.com/OWASPKSA]

== '''OWASP Saudi Arabia Social Media''' ==
'''https://twitter.com/OWASPKSA'''

== '''Previous Meetings''' ==
'''OWASP upcoming 10: 16 July 2018'''
* IoT Security
* The History and Future of Web PenTest
* Linux for Cyber Security
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus]

'''OWASP 09: 1 April 2018 '''
* Introduction to footprinting and reconnaissance
* Personal Data security
* How to Footprinting
* Footprinting types ( Whois, Social media, Source codes, ….)
* Top 5 Tools of Footprinting
* Using email for footprinting
* Pen testing for footprinting
* Using Ping, Tracert, nslookup, and dig
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus Location: @TechCampus https://techcampus.com/aboutus ]

'''OWASP 08: 18 March 2018 '''
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://www.hailedu.gov.sa/ Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/]
===== '''OWASP 01: 23 - March 2017 '''=====
* What is OWASP KSA?
* Top 10 Standard
* OWASP 2018 Activities and initiatives
* Networking
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''

===== '''OWASP 02: 29 - May 2017 '''=====
* Introduction to Operating system
* Linux OS
* Kernel Security
* Networking Security
* OWASP Top 10 ( 2017 ) Part2
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''

===== '''OWASP 03: 27 - June 2017 '''=====
* Introduction to Database Management
* SQL Injection
* Cyber Attack Analysis
* Security Misconfiguration
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''

===== '''OWASP 04: 25 August 2017 '''=====
* Introduction to Social Engineering
* Types of Social Engineering
* Top 10 ways of social Engineering
* Blackmailing
* SMS and Email Phishing Attack
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''

===== '''OWASP 05: Girls 22 OCT 2017'''=====
* Introduction to Ethical Hacking
* Type of hackers
* Top Hacking stories of 2017
* Kali Linux and How to install it
* Kali linux list of main functions
* Kali Linux tools NMAP
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''

===== '''OWASP 06: 24 DEC 2017 '''=====
* Introduction to Networking Security
* Scanning and Sniffing
* NMAP and Wireshark
* Wireshark Analysis
* VPN & DNS
* The Dark Web
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''

===== '''OWASP 07: 22 FEB 2018 '''=====
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''
''

[[Category:OWASP_Chapter]]''

Saudi Arabia

2018-12-12T12:50:51Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

== '''Upcoming Meetings''' ==
===== '''OWASP upcoming 11: 30 Dec 2018 '''=====
Lectures will be announced soon 🤓

[https://techcampus.com/aboutus| '''Location: @TechCampus https://techcampus.com/aboutus ''']

== '''OWASP Saudi Arabia Social Media''' ==
'''https://twitter.com/OWASPKSA'''

== '''Previous Meetings''' ==
'''OWASP upcoming 10: 16 July 2018 '''
* IoT Security
* The History and Future of Web PenTest
* Linux for Cyber Security
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus| '''Location: @TechCampus https://techcampus.com/aboutus ''']

'''OWASP 09: 1 April 2018 '''
* Introduction to footprinting and reconnaissance
* Personal Data security
* How to Footprinting
* Footprinting types ( Whois, Social media, Source codes, ….)
* Top 5 Tools of Footprinting
* Using email for footprinting
* Pen testing for footprinting
* Using Ping, Tracert, nslookup, and dig
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus| '''Location: @TechCampus https://techcampus.com/aboutus ''']

'''OWASP 08: 18 March 2018 '''
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://www.hailedu.gov.sa/| '''Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/''']
===== '''OWASP 01: 23 - March 2017 '''=====
* What is OWASP KSA?
* Top 10 Standard
* OWASP 2018 Activities and initiatives
* Networking
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''

===== '''OWASP 02: 29 - May 2017 '''=====
* Introduction to Operating system
* Linux OS
* Kernel Security
* Networking Security
* OWASP Top 10 ( 2017 ) Part2
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''

===== '''OWASP 03: 27 - June 2017 '''=====
* Introduction to Database Management
* SQL Injection
* Cyber Attack Analysis
* Security Misconfiguration
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''

===== '''OWASP 04: 25 August 2017 '''=====
* Introduction to Social Engineering
* Types of Social Engineering
* Top 10 ways of social Engineering
* Blackmailing
* SMS and Email Phishing Attack
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''

===== '''OWASP 05: Girls 22 OCT 2017'''=====
* Introduction to Ethical Hacking
* Type of hackers
* Top Hacking stories of 2017
* Kali Linux and How to install it
* Kali linux list of main functions
* Kali Linux tools NMAP
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''

===== '''OWASP 06: 24 DEC 2017 '''=====
* Introduction to Networking Security
* Scanning and Sniffing
* NMAP and Wireshark
* Wireshark Analysis
* VPN & DNS
* The Dark Web
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''

===== '''OWASP 07: 22 FEB 2018 '''=====
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''
''

[[Category:OWASP_Chapter]]''

Saudi Arabia

2018-07-06T10:59:35Z

Alosefer: Upcoming Meeting 10

{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

== '''Upcoming Meetings''' ==
===== '''OWASP upcoming 10: 16 July 2018 '''=====
* IoT Security
* The History and Future of Web PenTest
* Linux for Cyber Security
''By Rakan, Naser and Dr Yaser Alosefer, From 7:00 - 9:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus| '''Location: @TechCampus https://techcampus.com/aboutus ''']

== '''OWASP Saudi Arabia Social Media''' ==
'''https://twitter.com/OWASPKSA'''

== '''Previous Meetings''' ==
'''OWASP 09: 1 April 2018 '''
* Introduction to footprinting and reconnaissance
* Personal Data security
* How to Footprinting
* Footprinting types ( Whois, Social media, Source codes, ….)
* Top 5 Tools of Footprinting
* Using email for footprinting
* Pen testing for footprinting
* Using Ping, Tracert, nslookup, and dig
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus| '''Location: @TechCampus https://techcampus.com/aboutus ''']

'''OWASP 08: 18 March 2018 '''
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://www.hailedu.gov.sa/| '''Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/''']
===== '''OWASP 01: 23 - March 2017 '''=====
* What is OWASP KSA?
* Top 10 Standard
* OWASP 2018 Activities and initiatives
* Networking
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time ''

===== '''OWASP 02: 29 - May 2017 '''=====
* Introduction to Operating system
* Linux OS
* Kernel Security
* Networking Security
* OWASP Top 10 ( 2017 ) Part2
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time ''

===== '''OWASP 03: 27 - June 2017 '''=====
* Introduction to Database Management
* SQL Injection
* Cyber Attack Analysis
* Security Misconfiguration
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time''

===== '''OWASP 04: 25 August 2017 '''=====
* Introduction to Social Engineering
* Types of Social Engineering
* Top 10 ways of social Engineering
* Blackmailing
* SMS and Email Phishing Attack
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time''

===== '''OWASP 05: Girls 22 OCT 2017'''=====
* Introduction to Ethical Hacking
* Type of hackers
* Top Hacking stories of 2017
* Kali Linux and How to install it
* Kali linux list of main functions
* Kali Linux tools NMAP
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time''

===== '''OWASP 06: 24 DEC 2017 '''=====
* Introduction to Networking Security
* Scanning and Sniffing
* NMAP and Wireshark
* Wireshark Analysis
* VPN & DNS
* The Dark Web
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time''

===== '''OWASP 07: 22 FEB 2018 '''=====
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''
''

[[Category:OWASP_Chapter]]''

Saudi Arabia

2018-03-11T18:50:49Z

Alosefer: new update

{{Chapter Template|chaptername=Saudi Arabia|extra= The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer] |mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

== '''Upcoming Meetings''' ==

===== '''OWASP upcoming 08: 18 March 2018 '''=====
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://www.hailedu.gov.sa/|'''Location: Hail Education Ministry - Hail, King Abdulaziz Road https://www.hailedu.gov.sa/''']

===== '''OWASP upcoming 09: 1 April 2018 '''=====
* Introduction to footprinting and reconnaissance
* Personal Data security
* How to Footprinting
* Footprinting types ( Whois, Social media, Source codes, ….)
* Top 5 Tools of Footprinting
* Using email for footprinting
* Pen testing for footprinting
* Using Ping, Tracert, nslookup, and dig
''By Dr Yaser Alosefer, Haitham abdulaziz al, From 7:00 - 11:00 PM Saudi Arabia Time''

[https://techcampus.com/aboutus|'''Location: @TechCampus https://techcampus.com/aboutus ''']

== '''OWASP Saudi Arabia Social Media''' ==
'''https://twitter.com/OWASPKSA
'''
== '''Previous Meetings''' ==
===== '''OWASP 01: 23 - March 2017 '''=====
* What is OWASP KSA?
* Top 10 Standard
* OWASP 2018 Activities and initiatives
* Networking
''By Dr Yaser Alosefer, From 6:30 PM - 8:00 PM Saudi Arabia Time
''

===== '''OWASP 02: 29 - May 2017 '''=====
* Introduction to Operating system
* Linux OS
* Kernel Security
* Networking Security
* OWASP Top 10 ( 2017 ) Part2
''By Abdullah AlSabi, Dr Yaser Alosefer, From 9:00 PM - 11:00 PM Saudi Arabia Time
''

===== '''OWASP 03: 27 - June 2017 '''=====
* Introduction to Database Management
* SQL Injection
* Cyber Attack Analysis
* Security Misconfiguration
''By Abdulrahman Aldaej, Osama Alshaya, Dr Yaser Alosefer, From 9:00 PM - 12:00 AM Saudi Arabia Time
''

===== '''OWASP 04: 25 August 2017 '''=====
* Introduction to Social Engineering
* Types of Social Engineering
* Top 10 ways of social Engineering
* Blackmailing
* SMS and Email Phishing Attack
''By Ahmad Hilal, Mohammed Almansour. From 7:00 PM - 10:00 AM Saudi Arabia Time
''

===== '''OWASP 05: Girls 22 OCT 2017'''=====
* Introduction to Ethical Hacking
* Type of hackers
* Top Hacking stories of 2017
* Kali Linux and How to install it
* Kali linux list of main functions
* Kali Linux tools NMAP
''By Dalal Abdullah, Jamilah Abdulaziz. From 6:00 PM - 9:00 PM Saudi Arabia Time
''

===== '''OWASP 06: 24 DEC 2017 '''=====
* Introduction to Networking Security
* Scanning and Sniffing
* NMAP and Wireshark
* Wireshark Analysis
* VPN & DNS
* The Dark Web
''By Yaser Faraj, From 7:00 PM to 9:00 PM Saudi Arabia Time
''
===== '''OWASP 07: 22 FEB 2018 '''=====
* Introduction to Cloud Technology
* Type of Cloud
* Cloud Security
* Data Security in the Cloud
* Risk, Audit, and Assessment for the Cloud
* Infrastructure Security in the Cloud
''By Dr Yaser Alosefer, Abdulrahman Obaid, From 7:00 - 11:00 PM Saudi Arabia Time
''

[[Category:OWASP_Chapter]]

Saudi Arabia

2017-03-20T05:47:17Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra=The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer]
<paypal>Saudi Arabia</paypal>
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

 
== OWASP Saudi Arabia - Upcoming Events ==
*''''' First Meeting (Thursday 23/3/2017)
# What is OWASP Saudi Arabia
# Talk: OWASP Top 10
# OWASP 2017 activities and initiatives
# Networking

 
== OWASP Saudi Arabia - University Clubs ==
*''''' Majmaah University جامعة المجمعة''''' Club leader is [mailto:f.alduraibi@mu.edu.sa فهد الدريبي ]

 

== Previous activities ==

-----

The Saudi Chapter is pleased to announce the release of OWASP Top 10 2013 in Arabic. Please share:
https://www.owasp.org/images/6/6a/OWASP_TOP_10_2013_Arabic.pdf

-----

The Saudi Chapter is pleased to announce that we've successfully transalted The Zed Attack Proxy (ZAP) to Arabic - you can now download the ZAP 2.2.2 Language Pack 1 from the following link
https://code.google.com/p/zaproxy/downloads/detail?name=ZAP_2.2.2_language_pack.1.zaplang

-----

-------
December - 10th/2013 (Members gathering)

The agenda for this gathering would be as follows:

*OWASP introduction for new members
*OWASP Saudi Arabia, event planning for 2014
*OWASP Top 10 translation initiative and discuss the possibility of translating the new testing guide when released.

Date: 10th of December Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

-------
'''February - 25th/2013 (Members gathering)'''

''The agenda for this gathering would be as follows:''

- Catch up with new members

- OWASP Saudi Arabia and its involvement with other non-profit organizations

- Planning for our next conference/technical session

''Date: 25th of Feb
Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh''

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

------

'''Date:''' 24th May 2012, starting at 8:30 PM to 9:30 PM

'''Agenda:'''

1- Welcoming to OWASP Sharqiyah ''Jalsah''#1

2- OWASP?

3- Discussion: How to Start in Web Application Security?

3- Closing

Detailed Agenda document [https://docs.google.com/open?id=0B4eUULYLYNDsLUFOVlJEVkFhRzQ]

'''Location:'''

Al-Liwan Coffee Shop in Khobar opposite to SAAD Hospital.

= '''Application Security and OWASP top 10 - Jeddah''' =

We'll have a technical session to talk about application security and OWASP top 10, as we'll demonstrate the top critical vulnerabilities against web applications.

'''The OWASP Top 10 Web Application Security Risks are:'''

A1: Injection

----

A2: Cross-Site Scripting (XSS)

----

A3: Broken Authentication and Session Management

----

A4: Insecure Direct Object References

----

A5: Cross-Site Request Forgery (CSRF)

----

A6: Security Misconfiguration

----

A7: Insecure Cryptographic Storage

----

A8: Failure to Restrict URL Access

----

A9: Insufficient Transport Layer Protection

----

A10: Unvalidated Redirects and Forwards

 

'''''Date: 21 Jun 2011'''''

'''''Location: Rosewood Corniche - Jeddah'''''

'''''Start: 19:00 End: 21:00'''''

'''''Speaker: Amro AlOlaqi'''''

 

If you're interested to attend the session please confirm by sending your information to amro at owasp.org. 

= '''Jeddah meeting''' =

'''The agenda of the inaugural meeting will be as follows:'''

1. Introduction to OWASP

2. Discuss local OWASP awareness and image programs for Jeddah members.

Date: Sunday, 3, 2010

Location: Costa Coffee, alHamrah, Jeddah.

Sponsored by: SAIS technology

Please do not hesitate to contact me at amro (at) owasp.org for any clarification or inquires

= '''Information Security and beyond - Event''' =

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 25 May 2009

Time: 08:30 - 15:00

 '''''Seminar Agenda'''''

08:00 – 08:30 Registration
08:30 – 09:00 Key note ( SAMA Speaker )
09:00 – 10:00 ISO 27001 ( BSI Speaker )
10:00 – 10:20 Refreshment
10:20 – 11:0 Application Security ( Verizon Business Speaker )
11:00 – 12:00 Penetration Testing using OWASP methodology ( OWASP )
12:00 – 12:30 Prayer time
12:30 - 01:20 Enterprise Security ( F5 Speaker )
01:20 – 01:40 Q & A
01:40 – 02:30 Lunch

 '''''Event Speaker'''''

 

''''Mr. Saqer Al-Orabi Al-Harthi.''' Information System and Control Manager Saudi Arabian Monetary Agency (SAMA)

Mr. Saqer Al-Orabi Al-Harthi is responsible for the Information System and Control at SAMA – Banking Technology Department. Mr. Al-Harthi has been the chairman of various committees at SAMA such as: SAMA and Banks Information Security Managers Committee, Information Security Awareness Committee and Security Training Committee. Mr. Al-Harthi has been instrumental in building Information Security for the Saudi financial industry by initiating and executing major projects such as SARIE Security, SPAN Security, PKI, and he has been the champion in PCI development within Saudi Arabia along with other security related projects. Furthermore, Mr. Al-Harthi has presented in many IT Security seminars and events. Mr. Al-Harthi holds a Masters degree in Computer and Information System from U.S.A. and he is a Certified Information Security Manager (CISM).

''''Amro AlOlaqi''' Information Security Consultant 

Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA.

 ''''Theuns Kotze''' Regional Director BSI – Middle East and Africa

Mr. Kotze holds a B. Comm. Degree from the University of Pretoria. He is currently the Regional Director for BSI – Management Systems in Middle East and Africa. In BSI he was the Sales and Marketing Director for BSI- Management Systems in Europe based in London. He was an Executive Director of Nosa International responsible for Auditing and Certification Globally. During 2002 he developed an Aids management standard now known as AMS 16001. The AMS 16001 is now the South African Standard for Aids management and could become the ISO standard for aids management in future. He gained extensive knowledge and experience in Europe and Middle East in the last 2 years. He conducted more than 2000 assessments on various standards in the last 20 years. Theuns had a private pilot’s license for 20 years and has flown many types of airplanes. He is married to Maria and has a son John 8 and they now live in Dubai.

'''Ali Akl''' Principal Consultant Verizon Business Security Solutions

Ali has over 10 years experience in Information Security, Business Continuity and Disaster Recovery. He has a unique blend of technical expertise along with management consulting experience, which has made him a valuable consultant to many organizations in the public and private sectors. He has contributed to the OPM3 standard development project, he is also CISSP and CISM, and has earned the GIAC Fundamentals of Security Policy certificate and recently has earned the Member Status of the Business Continuity Institute as well Certified in Disaster Recovery and Planning and finally he has been invited into the Fellowship Program of the International Multilateral Partnership Against Cyber-Terrorism (‘IMPACT’).

 ''''Zakeer Zubair''' Field Systems Engineer

Zakeer Zubair is a senior technical team player in F5’s Middle East operation. Since obtaining his Bachelor degree in Mathematics, Zubair has spent the last 9 years working in networking and security for a variety of systems integrators including Schlumberger and Atos Origin. This role has involved integrating best of breed vendor networking and security devices and necessitated skills in routing, switching, security and application switching. Zubair has technical certifications from F5, Cisco, Juniper, Nortel Networks, Extreme Networks, Microsoft and CISSP.

----

= '''PCI compliance seminar''' =

----

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 2nd March 2009

Time: 08:30 - 15:00

'''Seminar Agenda'''

08:30 – 09:00 Registration Team
09:00 – 09:30 Introduction
09:30 – 10:20 PCI (Applications Firewalls/SSL VPN)
10:20 – 10:40 Refreshment
10:40 – 11:20 OWASP and PCI compliance
11:20 – 12:10 Application Delivery Controller
12:10 – 12:40 Prayer
12:40 – 01:00 Last Session + Questions +Closing Session
01:00 – 02:00 Lunch

'''''Speakers'''''

'''Peter Draper''', Security Specialist: has been providing guidance, design and implementation of Info Sec solutions for some 17+ years. The last ten years have been focused on Application delivery and security with the most recent focus following the main hacking attempts into the Web Application Security space. Peter has been instrumental in delivering Web Application Security into a wide and varied range of customers including finance, government, ecommerce and travel industry companies. Within the Middle East region Peter had delivered solutions to Government, Finance and Corporate customers ensuring the best possible protection is in place to secure customer sensitive data.

Peter’s presentation will focus on:

1) What is the “PCI Journey”?
2) What do I need to do and when?
3) Is PCI the only reason to deploy security solutions?
4) Where should I concentrate my $
5) What happens once I have it?

 '''Nigel Ashworth''', F5 MEA Technical Director: has been F5’s Technical Director for Middle East and Africa since September 2005. In that time he has driven the region’s increasing importance to F5’s global business, managing the pre sales engineering team, and investing technical resources in key verticals to drive double-digit sales growth. Nigel has been with F5 for nine years in a number of senior technical roles, including Technical Director responsible for driving EMEA Strategic Alliances with key partners including Microsoft, SAP and Oracle, and Technical Director responsible for pre-sales in Europe. Prior to joining F5, Nigel held technical leadership positions for companies including Reuters and UB Networks. He received his B.S in Electrical Engineering from Portsmouth University.

 

''''Amro AlOlaqi, ''' Information Security Consultant Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA. ''' '''

Amro’s presentation will focus on:

1) Web application attacks and security trends.
2) OWASP "thinking out of the box".
2) OWASP and application security.
4) The relation between OWASP and PCI.

[[Category:OWASP_Chapter]]
[[Category:Saudi Arabia]]

Saudi Arabia

2017-03-16T17:31:35Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra=The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer]
<paypal>Saudi Arabia</paypal>
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

 
== OWASP Saudi Arabia - Upcoming Events ==
*''''' First Meeting (Monday 20/3/2017)
# What is OWASP Saudi Arabia
# Talk: OWASP Top 10
# OWASP 2017 activities and initiatives
# Networking

 
== OWASP Saudi Arabia - University Clubs ==
*''''' Majmaah University جامعة المجمعة''''' Club leader is [mailto:f.alduraibi@mu.edu.sa فهد الدريبي ]

 

== Previous activities ==

-----

The Saudi Chapter is pleased to announce the release of OWASP Top 10 2013 in Arabic. Please share:
https://www.owasp.org/images/6/6a/OWASP_TOP_10_2013_Arabic.pdf

-----

The Saudi Chapter is pleased to announce that we've successfully transalted The Zed Attack Proxy (ZAP) to Arabic - you can now download the ZAP 2.2.2 Language Pack 1 from the following link
https://code.google.com/p/zaproxy/downloads/detail?name=ZAP_2.2.2_language_pack.1.zaplang

-----

-------
December - 10th/2013 (Members gathering)

The agenda for this gathering would be as follows:

*OWASP introduction for new members
*OWASP Saudi Arabia, event planning for 2014
*OWASP Top 10 translation initiative and discuss the possibility of translating the new testing guide when released.

Date: 10th of December Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

-------
'''February - 25th/2013 (Members gathering)'''

''The agenda for this gathering would be as follows:''

- Catch up with new members

- OWASP Saudi Arabia and its involvement with other non-profit organizations

- Planning for our next conference/technical session

''Date: 25th of Feb
Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh''

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

------

'''Date:''' 24th May 2012, starting at 8:30 PM to 9:30 PM

'''Agenda:'''

1- Welcoming to OWASP Sharqiyah ''Jalsah''#1

2- OWASP?

3- Discussion: How to Start in Web Application Security?

3- Closing

Detailed Agenda document [https://docs.google.com/open?id=0B4eUULYLYNDsLUFOVlJEVkFhRzQ]

'''Location:'''

Al-Liwan Coffee Shop in Khobar opposite to SAAD Hospital.

= '''Application Security and OWASP top 10 - Jeddah''' =

We'll have a technical session to talk about application security and OWASP top 10, as we'll demonstrate the top critical vulnerabilities against web applications.

'''The OWASP Top 10 Web Application Security Risks are:'''

A1: Injection

----

A2: Cross-Site Scripting (XSS)

----

A3: Broken Authentication and Session Management

----

A4: Insecure Direct Object References

----

A5: Cross-Site Request Forgery (CSRF)

----

A6: Security Misconfiguration

----

A7: Insecure Cryptographic Storage

----

A8: Failure to Restrict URL Access

----

A9: Insufficient Transport Layer Protection

----

A10: Unvalidated Redirects and Forwards

 

'''''Date: 21 Jun 2011'''''

'''''Location: Rosewood Corniche - Jeddah'''''

'''''Start: 19:00 End: 21:00'''''

'''''Speaker: Amro AlOlaqi'''''

 

If you're interested to attend the session please confirm by sending your information to amro at owasp.org. 

= '''Jeddah meeting''' =

'''The agenda of the inaugural meeting will be as follows:'''

1. Introduction to OWASP

2. Discuss local OWASP awareness and image programs for Jeddah members.

Date: Sunday, 3, 2010

Location: Costa Coffee, alHamrah, Jeddah.

Sponsored by: SAIS technology

Please do not hesitate to contact me at amro (at) owasp.org for any clarification or inquires

= '''Information Security and beyond - Event''' =

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 25 May 2009

Time: 08:30 - 15:00

 '''''Seminar Agenda'''''

08:00 – 08:30 Registration
08:30 – 09:00 Key note ( SAMA Speaker )
09:00 – 10:00 ISO 27001 ( BSI Speaker )
10:00 – 10:20 Refreshment
10:20 – 11:0 Application Security ( Verizon Business Speaker )
11:00 – 12:00 Penetration Testing using OWASP methodology ( OWASP )
12:00 – 12:30 Prayer time
12:30 - 01:20 Enterprise Security ( F5 Speaker )
01:20 – 01:40 Q & A
01:40 – 02:30 Lunch

 '''''Event Speaker'''''

 

''''Mr. Saqer Al-Orabi Al-Harthi.''' Information System and Control Manager Saudi Arabian Monetary Agency (SAMA)

Mr. Saqer Al-Orabi Al-Harthi is responsible for the Information System and Control at SAMA – Banking Technology Department. Mr. Al-Harthi has been the chairman of various committees at SAMA such as: SAMA and Banks Information Security Managers Committee, Information Security Awareness Committee and Security Training Committee. Mr. Al-Harthi has been instrumental in building Information Security for the Saudi financial industry by initiating and executing major projects such as SARIE Security, SPAN Security, PKI, and he has been the champion in PCI development within Saudi Arabia along with other security related projects. Furthermore, Mr. Al-Harthi has presented in many IT Security seminars and events. Mr. Al-Harthi holds a Masters degree in Computer and Information System from U.S.A. and he is a Certified Information Security Manager (CISM).

''''Amro AlOlaqi''' Information Security Consultant 

Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA.

 ''''Theuns Kotze''' Regional Director BSI – Middle East and Africa

Mr. Kotze holds a B. Comm. Degree from the University of Pretoria. He is currently the Regional Director for BSI – Management Systems in Middle East and Africa. In BSI he was the Sales and Marketing Director for BSI- Management Systems in Europe based in London. He was an Executive Director of Nosa International responsible for Auditing and Certification Globally. During 2002 he developed an Aids management standard now known as AMS 16001. The AMS 16001 is now the South African Standard for Aids management and could become the ISO standard for aids management in future. He gained extensive knowledge and experience in Europe and Middle East in the last 2 years. He conducted more than 2000 assessments on various standards in the last 20 years. Theuns had a private pilot’s license for 20 years and has flown many types of airplanes. He is married to Maria and has a son John 8 and they now live in Dubai.

'''Ali Akl''' Principal Consultant Verizon Business Security Solutions

Ali has over 10 years experience in Information Security, Business Continuity and Disaster Recovery. He has a unique blend of technical expertise along with management consulting experience, which has made him a valuable consultant to many organizations in the public and private sectors. He has contributed to the OPM3 standard development project, he is also CISSP and CISM, and has earned the GIAC Fundamentals of Security Policy certificate and recently has earned the Member Status of the Business Continuity Institute as well Certified in Disaster Recovery and Planning and finally he has been invited into the Fellowship Program of the International Multilateral Partnership Against Cyber-Terrorism (‘IMPACT’).

 ''''Zakeer Zubair''' Field Systems Engineer

Zakeer Zubair is a senior technical team player in F5’s Middle East operation. Since obtaining his Bachelor degree in Mathematics, Zubair has spent the last 9 years working in networking and security for a variety of systems integrators including Schlumberger and Atos Origin. This role has involved integrating best of breed vendor networking and security devices and necessitated skills in routing, switching, security and application switching. Zubair has technical certifications from F5, Cisco, Juniper, Nortel Networks, Extreme Networks, Microsoft and CISSP.

----

= '''PCI compliance seminar''' =

----

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 2nd March 2009

Time: 08:30 - 15:00

'''Seminar Agenda'''

08:30 – 09:00 Registration Team
09:00 – 09:30 Introduction
09:30 – 10:20 PCI (Applications Firewalls/SSL VPN)
10:20 – 10:40 Refreshment
10:40 – 11:20 OWASP and PCI compliance
11:20 – 12:10 Application Delivery Controller
12:10 – 12:40 Prayer
12:40 – 01:00 Last Session + Questions +Closing Session
01:00 – 02:00 Lunch

'''''Speakers'''''

'''Peter Draper''', Security Specialist: has been providing guidance, design and implementation of Info Sec solutions for some 17+ years. The last ten years have been focused on Application delivery and security with the most recent focus following the main hacking attempts into the Web Application Security space. Peter has been instrumental in delivering Web Application Security into a wide and varied range of customers including finance, government, ecommerce and travel industry companies. Within the Middle East region Peter had delivered solutions to Government, Finance and Corporate customers ensuring the best possible protection is in place to secure customer sensitive data.

Peter’s presentation will focus on:

1) What is the “PCI Journey”?
2) What do I need to do and when?
3) Is PCI the only reason to deploy security solutions?
4) Where should I concentrate my $
5) What happens once I have it?

 '''Nigel Ashworth''', F5 MEA Technical Director: has been F5’s Technical Director for Middle East and Africa since September 2005. In that time he has driven the region’s increasing importance to F5’s global business, managing the pre sales engineering team, and investing technical resources in key verticals to drive double-digit sales growth. Nigel has been with F5 for nine years in a number of senior technical roles, including Technical Director responsible for driving EMEA Strategic Alliances with key partners including Microsoft, SAP and Oracle, and Technical Director responsible for pre-sales in Europe. Prior to joining F5, Nigel held technical leadership positions for companies including Reuters and UB Networks. He received his B.S in Electrical Engineering from Portsmouth University.

 

''''Amro AlOlaqi, ''' Information Security Consultant Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA. ''' '''

Amro’s presentation will focus on:

1) Web application attacks and security trends.
2) OWASP "thinking out of the box".
2) OWASP and application security.
4) The relation between OWASP and PCI.

[[Category:OWASP_Chapter]]
[[Category:Saudi Arabia]]

Saudi Arabia

2017-01-08T16:32:50Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra=The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer]
<paypal>Saudi Arabia</paypal>
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

 
== OWASP Saudi Arabia - University Clubs ==
*''''' Majmaah University جامعة المجمعة''''' Club leader is [mailto:f.alduraibi@mu.edu.sa فهد الدريبي ]

 

== Local News ==

-----

The Saudi Chapter is pleased to announce the release of OWASP Top 10 2013 in Arabic. Please share:
https://www.owasp.org/images/6/6a/OWASP_TOP_10_2013_Arabic.pdf

-----

The Saudi Chapter is pleased to announce that we've successfully transalted The Zed Attack Proxy (ZAP) to Arabic - you can now download the ZAP 2.2.2 Language Pack 1 from the following link

https://code.google.com/p/zaproxy/downloads/detail?name=ZAP_2.2.2_language_pack.1.zaplang

-----

-------
December - 10th/2013 (Members gathering)

The agenda for this gathering would be as follows:

*OWASP introduction for new members
*OWASP Saudi Arabia, event planning for 2014
*OWASP Top 10 translation initiative and discuss the possibility of translating the new testing guide when released.

Date: 10th of December Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

-------
'''February - 25th/2013 (Members gathering)'''

''The agenda for this gathering would be as follows:''

- Catch up with new members

- OWASP Saudi Arabia and its involvement with other non-profit organizations

- Planning for our next conference/technical session

''Date: 25th of Feb
Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh''

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

------

'''Date:''' 24th May 2012, starting at 8:30 PM to 9:30 PM

'''Agenda:'''

1- Welcoming to OWASP Sharqiyah ''Jalsah''#1

2- OWASP?

3- Discussion: How to Start in Web Application Security?

3- Closing

Detailed Agenda document [https://docs.google.com/open?id=0B4eUULYLYNDsLUFOVlJEVkFhRzQ]

'''Location:'''

Al-Liwan Coffee Shop in Khobar opposite to SAAD Hospital.

= '''Application Security and OWASP top 10 - Jeddah''' =

We'll have a technical session to talk about application security and OWASP top 10, as we'll demonstrate the top critical vulnerabilities against web applications.

'''The OWASP Top 10 Web Application Security Risks are:'''

A1: Injection

----

A2: Cross-Site Scripting (XSS)

----

A3: Broken Authentication and Session Management

----

A4: Insecure Direct Object References

----

A5: Cross-Site Request Forgery (CSRF)

----

A6: Security Misconfiguration

----

A7: Insecure Cryptographic Storage

----

A8: Failure to Restrict URL Access

----

A9: Insufficient Transport Layer Protection

----

A10: Unvalidated Redirects and Forwards

 

'''''Date: 21 Jun 2011'''''

'''''Location: Rosewood Corniche - Jeddah'''''

'''''Start: 19:00 End: 21:00'''''

'''''Speaker: Amro AlOlaqi'''''

 

If you're interested to attend the session please confirm by sending your information to amro at owasp.org. 

= '''Jeddah meeting''' =

'''The agenda of the inaugural meeting will be as follows:'''

1. Introduction to OWASP

2. Discuss local OWASP awareness and image programs for Jeddah members.

Date: Sunday, 3, 2010

Location: Costa Coffee, alHamrah, Jeddah.

Sponsored by: SAIS technology

Please do not hesitate to contact me at amro (at) owasp.org for any clarification or inquires

= '''Information Security and beyond - Event''' =

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 25 May 2009

Time: 08:30 - 15:00

 '''''Seminar Agenda'''''

08:00 – 08:30 Registration
08:30 – 09:00 Key note ( SAMA Speaker )
09:00 – 10:00 ISO 27001 ( BSI Speaker )
10:00 – 10:20 Refreshment
10:20 – 11:0 Application Security ( Verizon Business Speaker )
11:00 – 12:00 Penetration Testing using OWASP methodology ( OWASP )
12:00 – 12:30 Prayer time
12:30 - 01:20 Enterprise Security ( F5 Speaker )
01:20 – 01:40 Q & A
01:40 – 02:30 Lunch

 '''''Event Speaker'''''

 

''''Mr. Saqer Al-Orabi Al-Harthi.''' Information System and Control Manager Saudi Arabian Monetary Agency (SAMA)

Mr. Saqer Al-Orabi Al-Harthi is responsible for the Information System and Control at SAMA – Banking Technology Department. Mr. Al-Harthi has been the chairman of various committees at SAMA such as: SAMA and Banks Information Security Managers Committee, Information Security Awareness Committee and Security Training Committee. Mr. Al-Harthi has been instrumental in building Information Security for the Saudi financial industry by initiating and executing major projects such as SARIE Security, SPAN Security, PKI, and he has been the champion in PCI development within Saudi Arabia along with other security related projects. Furthermore, Mr. Al-Harthi has presented in many IT Security seminars and events. Mr. Al-Harthi holds a Masters degree in Computer and Information System from U.S.A. and he is a Certified Information Security Manager (CISM).

''''Amro AlOlaqi''' Information Security Consultant 

Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA.

 ''''Theuns Kotze''' Regional Director BSI – Middle East and Africa

Mr. Kotze holds a B. Comm. Degree from the University of Pretoria. He is currently the Regional Director for BSI – Management Systems in Middle East and Africa. In BSI he was the Sales and Marketing Director for BSI- Management Systems in Europe based in London. He was an Executive Director of Nosa International responsible for Auditing and Certification Globally. During 2002 he developed an Aids management standard now known as AMS 16001. The AMS 16001 is now the South African Standard for Aids management and could become the ISO standard for aids management in future. He gained extensive knowledge and experience in Europe and Middle East in the last 2 years. He conducted more than 2000 assessments on various standards in the last 20 years. Theuns had a private pilot’s license for 20 years and has flown many types of airplanes. He is married to Maria and has a son John 8 and they now live in Dubai.

'''Ali Akl''' Principal Consultant Verizon Business Security Solutions

Ali has over 10 years experience in Information Security, Business Continuity and Disaster Recovery. He has a unique blend of technical expertise along with management consulting experience, which has made him a valuable consultant to many organizations in the public and private sectors. He has contributed to the OPM3 standard development project, he is also CISSP and CISM, and has earned the GIAC Fundamentals of Security Policy certificate and recently has earned the Member Status of the Business Continuity Institute as well Certified in Disaster Recovery and Planning and finally he has been invited into the Fellowship Program of the International Multilateral Partnership Against Cyber-Terrorism (‘IMPACT’).

 ''''Zakeer Zubair''' Field Systems Engineer

Zakeer Zubair is a senior technical team player in F5’s Middle East operation. Since obtaining his Bachelor degree in Mathematics, Zubair has spent the last 9 years working in networking and security for a variety of systems integrators including Schlumberger and Atos Origin. This role has involved integrating best of breed vendor networking and security devices and necessitated skills in routing, switching, security and application switching. Zubair has technical certifications from F5, Cisco, Juniper, Nortel Networks, Extreme Networks, Microsoft and CISSP.

----

= '''PCI compliance seminar''' =

----

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 2nd March 2009

Time: 08:30 - 15:00

'''Seminar Agenda'''

08:30 – 09:00 Registration Team
09:00 – 09:30 Introduction
09:30 – 10:20 PCI (Applications Firewalls/SSL VPN)
10:20 – 10:40 Refreshment
10:40 – 11:20 OWASP and PCI compliance
11:20 – 12:10 Application Delivery Controller
12:10 – 12:40 Prayer
12:40 – 01:00 Last Session + Questions +Closing Session
01:00 – 02:00 Lunch

'''''Speakers'''''

'''Peter Draper''', Security Specialist: has been providing guidance, design and implementation of Info Sec solutions for some 17+ years. The last ten years have been focused on Application delivery and security with the most recent focus following the main hacking attempts into the Web Application Security space. Peter has been instrumental in delivering Web Application Security into a wide and varied range of customers including finance, government, ecommerce and travel industry companies. Within the Middle East region Peter had delivered solutions to Government, Finance and Corporate customers ensuring the best possible protection is in place to secure customer sensitive data.

Peter’s presentation will focus on:

1) What is the “PCI Journey”?
2) What do I need to do and when?
3) Is PCI the only reason to deploy security solutions?
4) Where should I concentrate my $
5) What happens once I have it?

 '''Nigel Ashworth''', F5 MEA Technical Director: has been F5’s Technical Director for Middle East and Africa since September 2005. In that time he has driven the region’s increasing importance to F5’s global business, managing the pre sales engineering team, and investing technical resources in key verticals to drive double-digit sales growth. Nigel has been with F5 for nine years in a number of senior technical roles, including Technical Director responsible for driving EMEA Strategic Alliances with key partners including Microsoft, SAP and Oracle, and Technical Director responsible for pre-sales in Europe. Prior to joining F5, Nigel held technical leadership positions for companies including Reuters and UB Networks. He received his B.S in Electrical Engineering from Portsmouth University.

 

''''Amro AlOlaqi, ''' Information Security Consultant Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA. ''' '''

Amro’s presentation will focus on:

1) Web application attacks and security trends.
2) OWASP "thinking out of the box".
2) OWASP and application security.
4) The relation between OWASP and PCI.

[[Category:OWASP_Chapter]]
[[Category:Saudi Arabia]]

Saudi Arabia

2017-01-08T16:21:52Z

Alosefer:

{{Chapter Template|chaptername=Saudi Arabia|extra=The chapter leader is [mailto:yaser.alosefer@owasp.org Yaser Alosefer]
<paypal>Saudi Arabia</paypal>
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-SA|emailarchives=http://lists.owasp.org/pipermail/owasp-SA}}

 
== OWASP Saudi Arabia - University Clubs ==

 

== Local News ==

-----

The Saudi Chapter is pleased to announce the release of OWASP Top 10 2013 in Arabic. Please share:
https://www.owasp.org/images/6/6a/OWASP_TOP_10_2013_Arabic.pdf

-----

The Saudi Chapter is pleased to announce that we've successfully transalted The Zed Attack Proxy (ZAP) to Arabic - you can now download the ZAP 2.2.2 Language Pack 1 from the following link

https://code.google.com/p/zaproxy/downloads/detail?name=ZAP_2.2.2_language_pack.1.zaplang

-----

-------
December - 10th/2013 (Members gathering)

The agenda for this gathering would be as follows:

*OWASP introduction for new members
*OWASP Saudi Arabia, event planning for 2014
*OWASP Top 10 translation initiative and discuss the possibility of translating the new testing guide when released.

Date: 10th of December Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

-------
'''February - 25th/2013 (Members gathering)'''

''The agenda for this gathering would be as follows:''

- Catch up with new members

- OWASP Saudi Arabia and its involvement with other non-profit organizations

- Planning for our next conference/technical session

''Date: 25th of Feb
Time: 18:00 - 19:00
Venue: Costa Coffee, Olaya Street, Riyadh''

Direction: https://maps.google.com.sa/maps?hl=en&sig=BZ4&ie=UTF-8&q=costa+coffee+in+riyadh&fb=1&gl=sacid=0,0,2944591365254196345&ei=OTUeUaOaN8rIswa2x4HYBw&ved=0CAEQ5xgwAA

------

'''Date:''' 24th May 2012, starting at 8:30 PM to 9:30 PM

'''Agenda:'''

1- Welcoming to OWASP Sharqiyah ''Jalsah''#1

2- OWASP?

3- Discussion: How to Start in Web Application Security?

3- Closing

Detailed Agenda document [https://docs.google.com/open?id=0B4eUULYLYNDsLUFOVlJEVkFhRzQ]

'''Location:'''

Al-Liwan Coffee Shop in Khobar opposite to SAAD Hospital.

= '''Application Security and OWASP top 10 - Jeddah''' =

We'll have a technical session to talk about application security and OWASP top 10, as we'll demonstrate the top critical vulnerabilities against web applications.

'''The OWASP Top 10 Web Application Security Risks are:'''

A1: Injection

----

A2: Cross-Site Scripting (XSS)

----

A3: Broken Authentication and Session Management

----

A4: Insecure Direct Object References

----

A5: Cross-Site Request Forgery (CSRF)

----

A6: Security Misconfiguration

----

A7: Insecure Cryptographic Storage

----

A8: Failure to Restrict URL Access

----

A9: Insufficient Transport Layer Protection

----

A10: Unvalidated Redirects and Forwards

 

'''''Date: 21 Jun 2011'''''

'''''Location: Rosewood Corniche - Jeddah'''''

'''''Start: 19:00 End: 21:00'''''

'''''Speaker: Amro AlOlaqi'''''

 

If you're interested to attend the session please confirm by sending your information to amro at owasp.org. 

= '''Jeddah meeting''' =

'''The agenda of the inaugural meeting will be as follows:'''

1. Introduction to OWASP

2. Discuss local OWASP awareness and image programs for Jeddah members.

Date: Sunday, 3, 2010

Location: Costa Coffee, alHamrah, Jeddah.

Sponsored by: SAIS technology

Please do not hesitate to contact me at amro (at) owasp.org for any clarification or inquires

= '''Information Security and beyond - Event''' =

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 25 May 2009

Time: 08:30 - 15:00

 '''''Seminar Agenda'''''

08:00 – 08:30 Registration
08:30 – 09:00 Key note ( SAMA Speaker )
09:00 – 10:00 ISO 27001 ( BSI Speaker )
10:00 – 10:20 Refreshment
10:20 – 11:0 Application Security ( Verizon Business Speaker )
11:00 – 12:00 Penetration Testing using OWASP methodology ( OWASP )
12:00 – 12:30 Prayer time
12:30 - 01:20 Enterprise Security ( F5 Speaker )
01:20 – 01:40 Q & A
01:40 – 02:30 Lunch

 '''''Event Speaker'''''

 

''''Mr. Saqer Al-Orabi Al-Harthi.''' Information System and Control Manager Saudi Arabian Monetary Agency (SAMA)

Mr. Saqer Al-Orabi Al-Harthi is responsible for the Information System and Control at SAMA – Banking Technology Department. Mr. Al-Harthi has been the chairman of various committees at SAMA such as: SAMA and Banks Information Security Managers Committee, Information Security Awareness Committee and Security Training Committee. Mr. Al-Harthi has been instrumental in building Information Security for the Saudi financial industry by initiating and executing major projects such as SARIE Security, SPAN Security, PKI, and he has been the champion in PCI development within Saudi Arabia along with other security related projects. Furthermore, Mr. Al-Harthi has presented in many IT Security seminars and events. Mr. Al-Harthi holds a Masters degree in Computer and Information System from U.S.A. and he is a Certified Information Security Manager (CISM).

''''Amro AlOlaqi''' Information Security Consultant 

Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA.

 ''''Theuns Kotze''' Regional Director BSI – Middle East and Africa

Mr. Kotze holds a B. Comm. Degree from the University of Pretoria. He is currently the Regional Director for BSI – Management Systems in Middle East and Africa. In BSI he was the Sales and Marketing Director for BSI- Management Systems in Europe based in London. He was an Executive Director of Nosa International responsible for Auditing and Certification Globally. During 2002 he developed an Aids management standard now known as AMS 16001. The AMS 16001 is now the South African Standard for Aids management and could become the ISO standard for aids management in future. He gained extensive knowledge and experience in Europe and Middle East in the last 2 years. He conducted more than 2000 assessments on various standards in the last 20 years. Theuns had a private pilot’s license for 20 years and has flown many types of airplanes. He is married to Maria and has a son John 8 and they now live in Dubai.

'''Ali Akl''' Principal Consultant Verizon Business Security Solutions

Ali has over 10 years experience in Information Security, Business Continuity and Disaster Recovery. He has a unique blend of technical expertise along with management consulting experience, which has made him a valuable consultant to many organizations in the public and private sectors. He has contributed to the OPM3 standard development project, he is also CISSP and CISM, and has earned the GIAC Fundamentals of Security Policy certificate and recently has earned the Member Status of the Business Continuity Institute as well Certified in Disaster Recovery and Planning and finally he has been invited into the Fellowship Program of the International Multilateral Partnership Against Cyber-Terrorism (‘IMPACT’).

 ''''Zakeer Zubair''' Field Systems Engineer

Zakeer Zubair is a senior technical team player in F5’s Middle East operation. Since obtaining his Bachelor degree in Mathematics, Zubair has spent the last 9 years working in networking and security for a variety of systems integrators including Schlumberger and Atos Origin. This role has involved integrating best of breed vendor networking and security devices and necessitated skills in routing, switching, security and application switching. Zubair has technical certifications from F5, Cisco, Juniper, Nortel Networks, Extreme Networks, Microsoft and CISSP.

----

= '''PCI compliance seminar''' =

----

'''Location'''

Venue: Makarim Hall - Marriott Hotel

City : Riyadh - KSA

Date: 2nd March 2009

Time: 08:30 - 15:00

'''Seminar Agenda'''

08:30 – 09:00 Registration Team
09:00 – 09:30 Introduction
09:30 – 10:20 PCI (Applications Firewalls/SSL VPN)
10:20 – 10:40 Refreshment
10:40 – 11:20 OWASP and PCI compliance
11:20 – 12:10 Application Delivery Controller
12:10 – 12:40 Prayer
12:40 – 01:00 Last Session + Questions +Closing Session
01:00 – 02:00 Lunch

'''''Speakers'''''

'''Peter Draper''', Security Specialist: has been providing guidance, design and implementation of Info Sec solutions for some 17+ years. The last ten years have been focused on Application delivery and security with the most recent focus following the main hacking attempts into the Web Application Security space. Peter has been instrumental in delivering Web Application Security into a wide and varied range of customers including finance, government, ecommerce and travel industry companies. Within the Middle East region Peter had delivered solutions to Government, Finance and Corporate customers ensuring the best possible protection is in place to secure customer sensitive data.

Peter’s presentation will focus on:

1) What is the “PCI Journey”?
2) What do I need to do and when?
3) Is PCI the only reason to deploy security solutions?
4) Where should I concentrate my $
5) What happens once I have it?

 '''Nigel Ashworth''', F5 MEA Technical Director: has been F5’s Technical Director for Middle East and Africa since September 2005. In that time he has driven the region’s increasing importance to F5’s global business, managing the pre sales engineering team, and investing technical resources in key verticals to drive double-digit sales growth. Nigel has been with F5 for nine years in a number of senior technical roles, including Technical Director responsible for driving EMEA Strategic Alliances with key partners including Microsoft, SAP and Oracle, and Technical Director responsible for pre-sales in Europe. Prior to joining F5, Nigel held technical leadership positions for companies including Reuters and UB Networks. He received his B.S in Electrical Engineering from Portsmouth University.

 

''''Amro AlOlaqi, ''' Information Security Consultant Amro has more than 7 years of experience in Information security. He started his professional career at early age, since then, he engaged the field of UNIX/Linux engineering and systems’ security. Throughout his extraordinary achievements and accomplishments, he became amongst the most recognized experts in the field of penetration testing, application security and vulnerability assessment within Saudi Arabia. He carried out penetration tests, application , vulnerability assessments and security audits for prestigious organizations. Moreover, his expertise extends across industry verticals, security technologies plus hacking tools and techniques. Amro is the OWASP chapter leader for Saudi Arabia and United Arab Emirates, also he is specialized at cyber crime investigations and digital forensics. Nevertheles, Amro hold well-recognized international certifications such as GCIH, GHTQ, ECSA/LPT, CEH, CHFI, Security+, RHCE, SCSA, Linux+, LPIC1, LPIC2 and SCSECA. ''' '''

Amro’s presentation will focus on:

1) Web application attacks and security trends.
2) OWASP "thinking out of the box".
2) OWASP and application security.
4) The relation between OWASP and PCI.

[[Category:OWASP_Chapter]]
[[Category:Saudi Arabia]]