This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP Indonesia Day 2017"

From OWASP
Jump to: navigation, search
(Created page with "__NOTOC__ <center> [[File:|https://www.owasp.org/index.php?title=OWASP_Indonesia_Day_2017]]<br><br> '''and 09th September 2017 - Yogyakarta, Central Java''' </center> ---- =...")
 
 
(144 intermediate revisions by the same user not shown)
Line 1: Line 1:
__NOTOC__
 
<center>
 
[[File:|https://www.owasp.org/index.php?title=OWASP_Indonesia_Day_2017]]<br><br>
 
'''and 09th September 2017 - Yogyakarta, Central Java'''
 
</center>
 
----
 
  
= Introduction =
+
__NOTOC__
==Introduction==
 
We are proud to announce the eighth OWASP Indonesia Day conference, to be held at the Jogja Digital Valley on Saturday September 09th, 2017. OWASP New Zealand Day is a one-day conference dedicated to application security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.
 
  
 +
{|
 +
|-
 +
! width="700" align="center" | <br>
 +
! width="500" align="center" | <br>
 +
|-
 +
| align="center" | [[Image:bro.jpg|800px]]
 +
| align="center" |
  
Who is it for?
+
|}
 
 
* Web Developers: There will be a choice of two streams in the morning. First stream covering introductory talks to application security, second stream covering deeper technical topics. Afternoon sessions will cover various defensive topics, with a DevSecOps cluster of talks in stream two after afternoon tea break.
 
* Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics.
 
  
==Conference structure==
 
  
Date: Thurs 09 September 2017<br>
 
Time: 9:30am - 6:00pm<br>
 
Cost: <br>
 
  
The main conference is on Thursday 09th of September, and will have two streams in both the morning and the afternoon:
 
  
<!--
+
= Welcome  =
<table style="border:1px solid black;">
 
  <tr>
 
      <td width="10%" style="text-align:center; border:1px solid black">Morning</td>
 
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Introductory application security topics</td>
 
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Informational / Defensive</td>
 
  </tr>
 
  <tr>
 
      <td width="10%" style="text-align:center; border:1px solid black;">Afternoon</td>
 
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Offensive Security</td>
 
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Informational / Defensive</td> 
 
  </tr>
 
</table>
 
-->
 
  
Registration for the main conference day is now open: [https://www.eventbrite.com/e/owasp-nz-day-conference-tickets-31872881647 Conference Registration Here]
 
  
 +
We are proud to announce the first OWASP Indonesia Day conference, to be held at STMIK AKAKOM Yogyakarta on Saturday September 09th, 2017. Workshop on September 10 th, 2017. OWASP Indonesia Day is a one-day conference dedicated to application security, with an emphasis on secure architecture and development techniques to help  developers build more secure applications.<br>
  
==Training==
 
  
As well as the main conference on Thursday, we are pleased to be able to provide training on Wednesday at the same venue. All details including registration are as follows:
 
  
'''LittleHackMe - Morning'''
+
'''[https://docs.google.com/a/owasp.org/forms/d/e/1FAIpQLSeQJh_0e8_eD03iDZl9zMM3VFQtGLh-8jBu7_w4SjkzdmKFSQ/viewform Call for Speakers is Closed]''' <br>
Date: Wed 19 April 2017<br>
 
Afternoon session: 9:00am - 12:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-littlehackme-v-morning-session-tickets-33233099094 Morning Training Registration Page]
 
  
'''LittleHackMe - Afternoon'''
+
Who is it for?
Date: Wed 19 April 2017<br>
 
Afternoon session: 1:00pm - 5:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-littlehackme-v-tickets-32870738263 Afternoon Training Registration Page] '''Register Open'''
 
  
'''Advanced Web Hacking and Secure Coding'''
+
* Web Developers: There will be a choice of two streams in the morning. First stream covering introductory talks to application security, second stream covering deeper technical topics. Afternoon sessions will cover various defensive topics, with a DevSecOps cluster of talks in stream two after afternoon tea break.
Date: Wed 19 April 2017<br>
+
* Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics.
Time: 9:00am - 5:00pm or part thereof<br>
+
<br> '''Who Should Attend OWASP Indonesia Day conference 2017:'''  
[https://www.eventbrite.com/e/owasp-nz-day-training-advanced-web-hacking-and-secure-coding-tickets-32871439360 Training Registration Page] '''SOLD OUT'''
 
  
([https://www.eventbrite.com/e/advanced-web-hacking-and-secure-coding-tickets-33518127622 Additional training sessions] are being provided privately by Vikram)
+
*Application Developers
 +
*Application Testers and Quality Assurance
 +
*Application Project Management and Staff
 +
*Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
 +
*Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
 +
*Security Managers and Staff
 +
*Executives, Managers, and Staff Responsible for IT Security Governance
 +
*IT Professionals Interested in Improving IT Security<br>
  
 +
=Registration=
 +
Registration for the main conference day is now open: [https://www.eventbrite.com/e/owasp-indonesia-day-2017-tickets-35954547018 Conference Registration Here]<br>
 +
<br>Follow us on twitter [https://twitter.com/OwaspJakarta OWASPJAKARTA]<br>
 +
If you dont have paypal you can still register via [https://docs.google.com/forms/d/e/1FAIpQLScbmGeXCL25IrNcemdNj4adkUw1dQhWuTwNrduOG8M9mg4__A/viewform transfer ATM (just click this link)]
  
'''Security Testing for Software Testers'''
+
OWASP Member Is Free For join Conference please register [https://www.owasp.org/index.php/Membership OWASP Membership Today].
Date: Wed 19 April 2017<br>
 
Time: 9:00am - 5:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-security-testing-for-software-testers-tickets-32871328027 Training Registration Page] '''SOLD OUT'''
 
  
 +
{| border="1" align="left" width="550" style="border-left-color: #89017D; border-bottom-color: #89017D; border-right-color: #89017D; border-top-color: #89017D; background-color: #EF7900; color: #000;"
 +
|-
 +
! bgcolor="#EF7900" width="249" scope="col" | Event
 +
! bgcolor="#EF7900" width="138" scope="col" | Yogyakarta Student
 +
! bgcolor="#EF4800" width="138" scope="col" | Public
 +
  
Spaces going fast, so get in quick
+
|-
 +
| bgcolor="#FFFFFF" |
  
==General==
+
1. Seminar
  
The eighth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same location as last year for stream one, with the addition of another room near by for the stream two room. Entry to the event will, as in the past, be free.
+
a. Seminar
  
 +
| bgcolor="#0084B0" style="text-align: center" | &nbsp;
 +
IDR30.000
  
For any comments, feedback or observations, please don't hesitate to contact [mailto:[email protected][email protected]&[email protected] us].<br>
+
| bgcolor="#0064B0" style="text-align: center" | &nbsp;
 +
IDR150.000
  
==Registration==
+
|-
 +
| bgcolor="#FFFFFF" |
 +
2. Workshop
  
'''Sold out!'''
+
a. Statefull tracking with ids/ips <br> b. Introduction digital forensics  <br> c. Mastering burpsuite pro  <br>
  
'''Please add yourself to the [https://www.eventbrite.com/e/owasp-nz-day-conference-tickets-31872881647#tickets waitlist] if you'd like to be notified when tickets become available.'''
+
| bgcolor="#0084B0" style="text-align: center" |
 +
&nbsp;
  
<!--
+
IDR30.000<br>IDR30.000<br> IDR30.000<br>
Registration is not yet open. Please join our low volume [https://lists.owasp.org/mailman/listinfo/owasp-newzealand mailing list] to be notified when registration opens and/or follow us on twitter [https://twitter.com/owaspnz @owaspnz]
 
-->
 
  
Registration for the main conference day is now open: [https://www.eventbrite.com/e/owasp-nz-day-conference-tickets-31872881647 Conference Registration Here]
+
| bgcolor="#0064B0" style="text-align: center" |
Follow us on twitter [https://twitter.com/owaspnz @owaspnz]
+
&nbsp;
  
 +
IDR150.000<br> IDR150.000<br> IDR150.000<br>
  
There is no cost for the main conference day. Unfortunately due to increased conference running costs, lunch, morning and afternoon tea's will not be provided as it has been for the past OWASP NZ Days. We do ask that if at any point you realise you cannot make it please cancel your registration to make room for others as spaces are limited.
+
|-
 +
| bgcolor="#FFFFFF" |
  
<!--
+
|}
Training Registration is now open: [http://www.regonline.com/owaspnzday2017trainingandsponsorship Training Registration]
 
-->
 
  
<!--
+
&nbsp;
Registration is now closed.
+
.<br>
-->
 
  
==Important dates==
+
&nbsp;
 +
<br><br><br><br><br><br><br><br><br><br><br><br><br>
 +
= Call For Presentations =
 +
-->==Important dates==
  
* CFP submission deadline: 18th March 2017
+
* CFP submission deadline: 15 th august 2017
* CFT submission deadline: 28th February 2017
+
* Conference Registration deadline: 5th september 2017
* Conference Registration deadline: 15th April 2017
+
* Conference Day date:          09th september 2017
* Training Registration deadline:  15th April 2017
 
* Training Day date:          19th April 2017
 
* Conference Day date:          20th April 2017
 
  
  
Line 116: Line 103:
  
  
==Conference Venue==
 
 
<table width="100%">
 
<tr>
 
  <td>
 
The University of Auckland School of Business<br>
 
Owen Glen Building<br>
 
Address: 12 Grafton Road<br>
 
<br>
 
Stream one room: Level 1<br>
 
Room: 115 (Fisher & Paykel Auditorium)<br>
 
<br>
 
Stream two room: Level 0<br>
 
Room: 092<br>
 
<br>
 
Auckland<br>
 
New Zealand<br>
 
[https://www.google.com/maps/place/Owen+G+Glenn+Building+12+Grafton+Road/@-36.8528203,174.770224,17z/data=!4m6!1m3!3m2!1s0x0000000000000000:0x0205ad91287ba364!2sUniversity+of+Auckland+Graduate+School+of+Enterprise!3m1!1s0x0000000000000000:0xc9d224e5921a6690 Map]
 
  </td>
 
  <td>
 
[[Image:073_AUBiz_10Apr08small.jpg]] [[Image:OWASPNZDayLectureTheatre.jpg]]
 
  </td>
 
</tr>
 
</table>
 
 
==Conference Sponsors==
 
<table width="100%" border="0" cellspacing="1" cellpadding="1">
 
  <tr>
 
    <td valign="bottom" width="100%"><center>[[File:AuckUni800-110.png|http://www.auckland.ac.nz]]</center></td>
 
  </tr>
 
</table>
 
----
 
 
'''Gold Sponsors:'''
 
<table width="100%" border="0" cellspacing="7" cellpadding="0">
 
  <tr>
 
    <td><center>[[File:SA_Logo_w_DD.gif|link=http://www.security-assessment.com]]</center></td>
 
    <td>&nbsp;</td>
 
    <td>&nbsp;</td>
 
    <td><center>[[File:INSOMNIA.PNG|link=http://www.insomniasec.com]]</center></td>
 
    <td>&nbsp;</td>
 
    <td>&nbsp;</td>
 
    <td><center>[[File:Aura_PBK_Colour.jpg|link=http://www.aurainfosec.com]]</center></td>
 
  </tr>
 
  <tr>
 
    <td><center>[[File:Redshield.png|link=https://www.redshield.co]]</center></td>
 
    <td>&nbsp;</td>
 
    <td>&nbsp;</td>
 
    <td><center>[[File:Zx.png|link=http://www.zxsecurity.co.nz]]</center></td>
 
    <td>&nbsp;</td>
 
    <td>&nbsp;</td>
 
    <td><center>[[File:Quantumblack3.png|link=http://www.quantumsecurity.co.nz]]</center></td>
 
  </tr>
 
</table>
 
----
 
 
'''Support Sponsor:'''
 
<table width="100%" border="0" cellspacing="0" cellpadding="0">
 
  <tr>
 
    <td><center>[[File:BinaryMistLimited.png|center|150px|link=http://binarymist.io]]</center></td>
 
    <td>&nbsp;</td>
 
    <td>&nbsp;</td>
 
    <td><center>[[File:Atlassian.png|center|183px|link=https://www.atlassian.com/]]</center></td>
 
  </tr>
 
</table>
 
 
==Conference Committee==
 
 
* Denis Andzakovic - OWASP New Zealand Leader (Auckland)
 
* Kirk Jackson -  OWASP New Zealand Leader (Wellington)
 
* Kim Carter -  OWASP New Zealand Leader (Christchurch)
 
* Lech Janczewski - Associate Professor - University of Auckland School of Business
 
 
Please direct all enquiries to [email protected] | [email protected] | [email protected]
 
 
= Training =
 
 
==Training==
 
 
As well as the main conference on Thursday, we are pleased to be able to provide training on Wednesday at the same venue. All details including registration are as follows:
 
 
 
'''LittleHackMe - Morning'''
 
Date: Wed 19 April 2017<br>
 
Time: 9:00am - 12:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-littlehackme-v-morning-session-tickets-33233099094 Training Registration Page]
 
 
'''LittleHackMe'''
 
Date: Wed 19 April 2017<br>
 
Time: 1:00pm - 5:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-littlehackme-v-tickets-32870738263 Training Registration Page] '''SOLD OUT'''
 
 
'''Advanced Web Hacking and Secure Coding'''
 
Date: Wed 19 April 2017<br>
 
Time: 9:00am - 5:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-advanced-web-hacking-and-secure-coding-tickets-32871439360 Training Registration Page] '''SOLD OUT'''
 
  
([https://www.eventbrite.com/e/advanced-web-hacking-and-secure-coding-tickets-33518127622 Additional training sessions] are being provided privately by Vikram)
+
OWASP Indonesia Day conferences attract a high quality of speakers from a variety of security disciplines including
 
 
'''Security Testing for Software Testers'''
 
Date: Wed 19 April 2017<br>
 
Time: 9:00am - 5:00pm or part thereof<br>
 
[https://www.eventbrite.com/e/owasp-nz-day-training-security-testing-for-software-testers-tickets-32871328027 Training Registration Page] '''SOLD OUT'''
 
 
 
 
 
Spaces going fast, so get in quick
 
 
 
= Call For Presentations =
 
==Call For Presentations==
 
 
 
'''Thank you to all those who have submitted talks. The call for presentations has now closed.'''
 
 
 
OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines including
 
 
architects, web developers and engineers, system administrators, penetration testers, policy specialists and more.
 
architects, web developers and engineers, system administrators, penetration testers, policy specialists and more.
  
Line 267: Line 143:
  
 
<!--
 
<!--
The email subject must be "OWASP New Zealand 2017: CFP" and the email body must contain the following information/sections:
+
The email subject must be "OWASP ID Day CFP" and the email body must contain the following information/sections:  
 
 
  
 
* Name and Surname
 
* Name and Surname
Line 280: Line 155:
 
* Short abstract (up to 500 words)
 
* Short abstract (up to 500 words)
 
* List of the author's previous papers/articles/speeches on the same/similar topic (if any)
 
* List of the author's previous papers/articles/speeches on the same/similar topic (if any)
* If you are not from New Zealand, will your company support your travel/accommodation costs? - Yes/No
+
* If you are not from Indonesia will your company support your travel/accommodation costs? - Yes/No
 
-->
 
-->
  
The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.
+
The submission will be reviewed by the OWASP Indonesia Day conference committee and the highest voted talks will be selected and invited for presentation.
  
  
Line 292: Line 167:
  
  
'''Thank you to all those who have submitted talks. The call for presentations has now closed.'''
+
'''Thank you to all those who have submitted talks. The call for presentations is opening now.'''
  
Please submit your presentation [https://www.papercall.io/owaspnz2017 here].
+
= Call For Sponsorships =
 +
==Call For Sponsorships==
  
<!--
+
OWASP Indonesia Day 2017 will be held in Yogyakarta  on the 9 th of september, 2017 and is a security conference entirely dedicated to application security.
Please submit the above information to all of the following: Denis Andzakovic ([email protected]), Kirk Jackson ([email protected]) and Kim Carter ([email protected]).
 
-->
 
  
<b>Submissions deadline: 18th March 2017</b>
+
OWASP Indonesia Day 2017 is a free event, but requires sponsor support to help be an instructive and quality event for the Yogyakarta community.
 +
OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP Indonesia Day 2017  a free, compelling, and valuable experience for all attendees.
  
Applicants will be notified in the following week after the deadline, whether they were successful or not.
 
<!--
 
= Call For Trainers =
 
== Call For Trainers ==
 
  
We are happy to announce that training will run on Wednesday April 19 2017, the day before the OWASP NZ Day conference.
+
The sponsorship funds collected are to be used for things such as:
The training venue will be Level 0, Rooms: case rooms 1(005), 2(057) and 3(055), kindly provided by the University of Auckland School of Business, in the same building as the OWASP NZ Day conference itself.
 
Classes can contain up to 69 students, with power for laptop usage and Wi-Fi. A wide range of half-day or full-day training proposals will be considered,
 
see the Call for Papers for a list of example topics.
 
  
If you are interested in running one of the training sessions, please contact Denis Andzakovic, Kirk Jackson and Kim Carter with the following information:
+
* Name tags - we feel that getting to know people within the Yogyakarta community is important, and name tags make that possible.
 +
* Promotion - up to now our events are propagating by word of mouth. We would like to get to a wider audience by advertising our events.
 +
* Printed Materials - printed materials will include brochures, tags and lanyards.
  
 +
= Conference Sponsors =
 +
==Sponsorships==
  
* Trainer name
+
There are three different levels of sponsorships for the OWASP Day event:
* Trainer organisation
 
* Telephone + email contact
 
* Short Trainer bio
 
* Training title
 
* Trainer requirements (e.g. a projector, whiteboard, etc)
 
* Trainee requirements (e.g. laptop, VMware/VirtualBox, etc)
 
* Training summary (less than 500 words)
 
* Target audience (e.g. testers, project managers, security managers, web developers, architects)
 
* Skill level required (Basic / Intermediate / Advanced)
 
* What attendees can expect to learn (key objectives)
 
* Short course outline
 
  
  
The fixed price per head for training will be $250 for a half-day session and $500 for a whole-day session. As this training is part of an OWASP event, part of the proceeds go back to OWASP. The split is as follows:
+
<b>Support Sponsorship</b>: (Covering international speaker travel expenses, media coverage/article/promotion of the event)
 +
 
 +
Includes:
  
* 25% to OWASP Global - used for OWASP projects around the world
+
* Publication of the sponsor logo on the event web site -<nowiki>https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017</nowiki>
* 25% to OWASP NZ Day - used for NZ Day expenses
 
* 50% to the training provider.
 
  
  
 +
<b>Silver Sponsorship</b>: 7.000.000 IDR
  
Please submit the above information to all of the following:
+
Includes:  
* Denis Andzakovic ([email protected])
 
* Kirk Jackson ([email protected])
 
* Kim Carter ([email protected]).
 
  
 +
* Publication of the sponsor logo on the event web site - <nowiki>https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017</nowiki>
 +
* The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
 +
* The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
 +
  
<b>Submissions deadline: 28th February 2017</b>
+
<b>Gold Sponsorship</b>: 10.000.000 IDR
  
Applicants will be notified in the following week after the deadline, whether they were successful or not.
+
Includes:
-->
 
  
= Call For Sponsorships =
+
* The possibility to have a promotional banner or sign side stage in the main auditorium (to be provided by the sponsor, size subject to approval by the OWASP ID Day Committee).
==Call For Sponsorships==
+
* The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
 +
* The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
 +
* Publication of the sponsor logo on the OWASP Jakarta Chapter page - Sponsor logo on the OWASP Jakarta site prior and during the OWASP Day event - <nowiki>https://www.owasp.org/index.php/Jakarta</nowiki>
 +
* Publication of the sponsor logo on the event web site - <nowiki>https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017</nowiki>
 +
* Logo on banner and X event banner (Medium Size)
  
'''Thank you to all our sponsors. Sponsorship has now been fully subscribed, we are no longer accepting new sponsors.'''
 
  
OWASP New Zealand Day 2017 will be held in Auckland on the 20th of April, 2017 and is a security conference entirely dedicated to application security.
+
<b>Platinum Sponsorship</b>: 15.000.000 IDR
The conference is once again being hosted by the University of Auckland with their support and assistance.
+
<br>Includes:
OWASP New Zealand Day 2017 is a free event, but requires sponsor support to help be an instructive and quality event for the New Zealand community.
 
OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP New Zealand Day 2017 a free, compelling, and valuable experience for all attendees.
 
  
 +
* The gold sponsorship
 +
* Individual article to social media OWASP (twitter, facebook, telegram)
 +
* Special 1 Article on OWASP Indonesia website
 +
* Logo on banner and X event banner (Large Size)
 +
* Exhibition space
 +
* 30 minutes presentation during the kick off session + ppt presentation during coffee breaks
  
The sponsorship funds collected are to be used for things such as:
+
The following organizations are sponsors for this conference. If you are interested in sponsoring an OWASP conference, please contact OWASP at: ade.putra 'at' owasp.org
 +
or
 +
contact
 +
* Laura Grau
 +
* Kelly Santalucia
  
* Name tags - we feel that getting to know people within the New Zealand community is important, and name tags make that possible.
+
=Conference Venue=
* Promotion - up to now our events are propagating by word of mouth. We would like to get to a wider audience by advertising our events.
+
[[File:Akakom.png]] <br>
* Printed Materials - printed materials will include brochures, tags and lanyards.
 
  
== Facts ==
 
  
Last year, the event was supported by nine sponsors and attracted more than 500 participants. Plenty of constructive (and positive!) feedback from the audience was received and we are using this to make the conference more appealing to more people. For more information on the last New Zealand Day event, please visit: https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2016
+
maps : https://goo.gl/23hjtP <br>
  
The OWASP New Zealand community is strong, there are more than 490 people currently subscribed to the mailing-list. OWASP New Zealand Day is expected to attract between 500 and 600 attendees this year.
+
= Team  =
 +
<font size=2pt>
  
OWASP regular attendees are IT project managers, IT security managers, IT security consultants, web application architects and developers, QA managers, QA testers and system administrators.
+
==Conference Committee==
  
== Sponsorships ==
+
* Ade Yoseman - Conference Chair
 +
* Ali Kaharu
  
There are three different levels of sponsorships for the OWASP Day event:
+
==Volunteer==
 +
* Hilman Aditya
 +
* Fuad Zein
  
  
<b>Support Sponsorship</b>: (Covering international speaker travel expenses, media coverage/article/promotion of the event)
+
==OWASP Staff Support==
 
+
* Laura Grau
Includes:
+
* Kelly Santalucia
  
* Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017
+
=Conference structure=
  
 +
Date: Saturday 09 September 2017<br>
 +
Time: 9:30am - 5:00pm<br>
 +
Cost: <br>
  
<b>Silver Sponsorship</b>: 750 NZD
+
The main conference is on Saturday 09th of September, and will have two streams in both the morning and the afternoon:
 +
{{:OWASP_Indonesia_Day_Conference_2017_Agenda_Talks}}
 +
<!--
 +
<table style="border:1px solid black;">
 +
  <tr>
 +
      <td width="10%" style="text-align:center; border:1px solid black">Morning</td>
 +
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Introductory application security topics</td>
 +
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Informational / Defensive</td>
 +
  </tr>
 +
  <tr>
 +
      <td width="10%" style="text-align:center; border:1px solid black;">Afternoon</td>
 +
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Offensive Security</td>
 +
      <td width="45%" style="border:1px solid black; padding: 0px 0px 0px 12px;">Informational / Defensive</td> 
 +
  </tr>
 +
</table>
 +
-->
  
Includes:
 
  
* Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017
 
* The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
 
* The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
 
 
 
<b>Gold Sponsorship</b>: 1500 NZD
 
 
Includes:
 
  
* The possibility to have a promotional banner or sign side stage in the main auditorium (to be provided by the sponsor, size subject to approval by the OWASP NZ Day Committee).
 
* The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
 
* The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
 
* Publication of the sponsor logo on the OWASP New Zealand Chapter page - Sponsor logo on the OWASP NZ site prior and during the OWASP Day event - https://www.owasp.org/index.php/New_Zealand
 
* Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017
 
  
  
Those who are interested in sponsoring OWASP New Zealand 2017 Conference can contact the [mailto:[email protected],[email protected],[email protected] OWASP New Zealand Board].<br>
 
  
'''Thank you to all our sponsors. Sponsorship has now been fully subscribed, we are no longer accepting new sponsors.'''
 
  
 +
Contact us at [mailto:[email protected] [email protected]]
 +
</font>
 +
=Training=
 +
Date: Sunday 10 September 2017<br>
 +
{{:OWASP Indonesia Day 2017 Workshop}}
  
= Presentation Schedule =
+
=Speaker=
==Presentations==
 
  
<center>
 
20th April 2017
 
<table width="100%">
 
<tr>
 
<td width="5%" valign="top" align="right">08:30</td>
 
<td colspan="3" style="background-color: #8595C2; text-align: center">Registration Opens</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">09:30</td>
 
<td colspan="3" style="background-color: #B9C2DC; text-align: center">
 
<b>Welcome to OWASP New Zealand Day 2017</b><br />
 
<i>Lech Janczewski (Associate Professor), Kirk Jackson, Denis Andzakovic and [https://binarymist.io Kim Carter] (OWASP Leaders)</i>
 
  
 +
[[File:Suman.jpg|200px]]<br>'''Suman Sourav'''(Keynote Speaker)<br>
 +
<br> Application Security in DevOps Era ([[Media:OWASP_Indonesia_Day2017_Suman.pdf|PDF]])<br><br>
  
</tr>
+
SOFTWARE SECURITY ASSURANCE & DEVSECOPS PROFESSIONAL - VANTAGE POINT SECURITY PTE. LTD SINGAPORE<br>
<tr>
 
<td width="7%" valign="top" align="right">09:45</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>OWASP Top 10 Review & Preview</b><br />
 
<i>Kevin Alcock - Katipo Information Security</i><br />
 
[[Media:2017-04-20-OWASPNZ-KevinAlcock.pdf|Slides (PDF, 2.5mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">09:45</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Gaslighting with Honeypits and Mirages</b><br />
 
<i>Kate Pearce - Cisco</i>
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">10:20</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Developer's guide to preventing XSS</b><br />
 
<i>Felix Shi - Xero</i><br />
 
[[Media:2017-04-20-OWASPNZ-DevsGuideToXSS.pdf | Slides (PDF 400kb)]]
 
</td>
 
<td width="7%" valign="top" align="right">10:20</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>The Magical World of Cloud Security</b><br />
 
<i>Erica Anderson</i><br />
 
[https://github.com/sputina/magical-world-cloud-security/blob/master/magical-world-of-cloud-security.pdf Slides (PDF 0.6mb)]
 
</td>
 
  
</tr>
+
Suman has more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds an unified approach to deal with the root cause of software security problems. <br>
<tr>
 
<td width="7%" valign="top" align="right">10:55</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>The dangerous, exquisite art of safely handling user-uploaded files</b><br />
 
<i>Tom Eastman</i><br />
 
[http://s3.eastman.net.nz/fus/ Slides]
 
</td>
 
<td width="7%" valign="top" align="right">10:55</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>How to spot and stop a wolf in sheep's clothing (a.k.a Account Takeover)</b><br />
 
<i>Nick Malcolm - SafeStack</i><br />
 
[https://www.slideshare.net/NickMalcolm/how-to-spot-a-wolf-in-sheeps-clothing-aka-account-takeover Slides]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">11:30</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Building the ultimate login and signup</b><br />
 
<i>Matt Cotterell - Fairfax Media</i><br />
 
[[Media:2017-04-20-PerfectLoginPage.pdf|Slides (PDF, 5mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">11:30</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Security on a shoestring - running a security critical service as a volunteer</b><br />
 
<i>Daniel Compton</i><br />
 
[https://www.slideshare.net/danielcompton/security-on-a-shoestring-running-a-security-critical-service-as-a-volunteer Slideshare]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">12:05</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>XML: Still Considered Dangerous</b><br />
 
<i>Adam Bell - Lateral Security</i><br />
 
[[Media:2017-04-20-OWASPNZ-XMLDangerous.pdf| Slides (PDF, 1.8mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">12:05</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Confession of a lactose intolerant vulnerability hunter</b><br />
 
<i>Trev H - RedShield</i><br />
 
[[Media:2017-04-20-TrevH.pdf| Slides (300kb)]]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">12:35</td>
 
<td colspan="3" style="background-color: #D98B66; text-align: center">
 
<b>Break for Lunch</b><br />
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">14:00</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Sensible defaults for client-side security</b><br />
 
<i>Jen Zajac - Catalyst</i><br />
 
[https://github.com/jenofdoom/sensible-defaults-for-client-side-security/blob/master/sensible-defaults-for-client-side-security.pdf Slides (PDF 5mb)]
 
</td>
 
<td width="7%" valign="top" align="right">14:00</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Huzzer, the tree-based generational mutating HTTP fuzzer</b><br />
 
<i>Matthew Daley - Aura Information Security</i><br />
 
[https://bugfuzz.com/talks/huzzer_owasp-nz-day-2017.pdf Slides (PDF 16mb)]
 
</td>
 
      </tr>
 
<tr>
 
<td width="7%" valign="top" align="right">14:30</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Changing Perspectives</b><br />
 
<i>Shahn Harris - Equifax</i>
 
</td>
 
<td width="7%" valign="top" align="right">14:30</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Root Cause is the Best Cause</b><br />
 
<i>Adrian Hayes</i>
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">15:15</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>30 Days (ish) of Security</b><br />
 
<i>Grace Nolan and Catherine McIlvride</i><br />
 
[[Media:2017-04-20-30DaysOfSecurity.pdf|Slides (PDF, 3.1mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">15:15</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>From JSONP to XSS persistence</b><br />
 
<i>Claudio Contin - Aura Information Security</i><br />
 
[[Media:2017-04-20-JSONPXSS.pdf| Slides (800kb)]]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">15:30</td>
 
<td colspan="3" style="background-color: #D98B66; text-align: center">
 
<b>Break for Afternoon Tea</b><br />
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">16:00</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>So we broke all CSPs... You won't guess what happened next!</b><br />
 
<i>Lukas Weichselbaum & Michele Spagnuolo - Google Switzerland</i><br />
 
[[Media:2017-04-20-OWASPNZ-SpagnuoloWeichselbaum.pdf|Slides (PDF, 1.8mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">16:00</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>AppSec in a DevOps World</b><br />
 
<i>Peter Chestna - Veracode</i><br />
 
[[Media:2017-04-20-AppSecDevops.pdf| Slides (PDF, 4.5mb)]]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">16:45</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Hacking the Talent Pipeline</b><br />
 
<i>Ruth McDavitt - Summer of Tech</i><br />
 
[[Media:2017-04-20-OWASPNZ-HackingTheTalentPipeline.pdf| Slides (PDF, 1mb)]]
 
</td>
 
<td width="7%" valign="top" align="right">16:30</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Trust me, I'm a cloud</b><br />
 
<i>Sam Macleod - SafeStack</i><br />
 
[[Media:2017-04-20-TrustMeImACloud.pdf| Slides (PDF, 200kb)]]
 
</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">17:00</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Conscious Incompetence: Started from the bottom, now we're here</b><br />
 
<i>Charlie Gavey - Snapper Services</i>
 
</td>
 
<td colspan="2">&nbsp;</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">17:15</td>
 
<td style="background-color: #B9C2DC; text-align: center">
 
<b>Graphing when your Facebook friends are awake</b><br />
 
<i>Alex Hogue - Atlassian</i><br>
 
[https://docs.google.com/presentation/d/1MPT9C2FyEz1HIFoW4fHJGvAYRNWgkFArbLYohwa9HhI/edit?usp=sharing Google Slides]
 
</td>
 
<td colspan="2">&nbsp;</td>
 
</tr>
 
<tr>
 
<td width="7%" valign="top" align="right">17:45</td>
 
<td style="background-color: #EEE; text-align: center">
 
<b>Wrap Up</b><br />
 
<i>Time for the pub, for those interested</i>
 
</td>
 
<td colspan="2">&nbsp;</td>
 
</tr>
 
</table>
 
</center>
 
  
= Speakers List =
 
==Speakers List==
 
  
 +
[[File:Sven.jpg|200px]]<br>'''Sven Schleier'''<br>
 +
Fixing Mobile AppSec: The OWASP Mobile ([[Media:OWASP_Day_Indonesia_2017_-_Fixing_Mobile_AppSec.pdf|PDF]])<br><br>
 +
Project
 +
{{:User:Sven_Schleier}}
 +
<br>
 +
[[File:Girin.jpg|200px]] <br>'''Girindro Pringgo Digdo'''<br>
 +
<br>Threat Modeling Using STRIDE([[Media:Threat_Modeling_Using_STRIDE_v1.1.pdf|PDF]])<br><br>
 +
CYBERQUOTE PTE LTD<br>
  
= Diversity fund =
+
Girindro Pringgo Digdo Is a person interested in security information. He did some research
==Diversity and Financial Aid fund==
+
And help Institution /  private company and government In conducting the assessment,
 +
Write, and give Recommendations on findings-Information security findings.<br><br>
  
[We have unashamedly followed the model adopted by the nz.js(con) team with their fund. Many thanks to Jen and the team!]
+
Current activity as Security Consultant at a Company in Singapore.
 +
In The weekend he took the time to teach the Student College in Information Security. In addition he is also active writing
 +
As well as being a resource person at a seminar entitled security information.<br><br>
  
Due to the support of our lovely sponsors, we have some additional funding available to help people from around New Zealand attend the OWASP NZ Day that would find it hard to otherwise attend. In particular, we welcome applications from women, people of colour, LGBTIQ and all others. You all deserve to be able to learn more about security, and we’ll do our darndest to help make that happen!
+
[[File:Damara Putra Pratama.jpg|200px]] <br>''' Damara Putra Pratama , OSCP - CyberMantra '''<br>
  
Our funds are limited, and we’ll be reviewing applications every two weeks. Submit your applications soon, so we can approve them early and you’ll be in several review cycles!
+
IT Security Researcher in CyberMANTRA and currently help the ministry and Telecom Provider in Indonesia. I was certified as OSCP
 +
<br><br>
  
Process:
 
  
* Fill out our [https://docs.google.com/forms/d/e/1FAIpQLSfgj4k8PzOiZpA5KunjhaEpHPQUP31mqwcESfDlEMP2odTZFg/viewform?usp=sf_link application form]
+
[[File:Bagus_Prasetyo_Budiono.jpg|200px]]<br>'''Bagus Prasetyo Budiono, OSCP - CyberMantra'''<br>
* We will review and approve applications each two weeks. The next review date is 12 April 2017.
+
SECURITY RESEARCHER - CYBERMANTRA<br>
* We will contact all applicants and let them know the result of the review.
 
* Successful applicants will be contacted to help sort things out.
 
  
We use the following criteria to help us decide who gets approved:
+
IT Security Researcher in CyberMANTRA and currently help the ministry and Telecom Provider in Indonesia. I was certified as OSCP
 +
<br><br>
  
* We are biased towards (but not exclusively for) diverse applicants.
+
[[File:Dyan_Galih.jpg|200px]]<br>'''Dyan Galih'''<br>
* We do attempt to maximise cost efficiency and will aim to get as many people to OWASP with our limited funds.
+
Head Of Technology Kulina & CTO PT Asanka<br> [https://slides.com/dyangalih/owasp/live#/ PPT ] <br>
 +
<br>
 +
[[File:Yenisetiawan.jpg|200px]]<br>'''Yeni Setiawan'''<br>
 +
<br>Cloud with a chance of security breach([[Media:OWASP_slide_Rumahwbe.pdf|PDF]])<br>
 +
RUMAHWEB INDONESIA<br>
 +
Web developer with years of experience in web technology, formerly system administrator and technical support representative. Interested in software automation, software-defined radio, and involved in localization of two major web browsers.<br>
  
Each successful recipient can choose whether to be kept anonymous (in which case only the OWASP NZ committee will know the details of your funding), or to be put in touch with the supporting company whose sponsorship is going towards your attendance. We think some of our sponsors may enjoy the opportunity to chat with you on the day talk about your experiences and plans for the future, but that’s totally optional and up to you.
+
[[File:Dedi.jpg|200px]]<br>''' Dedy Hariyadi''<br>
 +
Researchers who are members of the Indonesia Digital Forensics Community aka FORKID. Obtained a master’s degree in Digital Forensics from the Universitas Islam Indonesia. Currently focusing more on the field of Mobile Forensics Research, one community shared work is a BBM forensic application called BBMPork.<br>
 +
[http://milisdad.github.io/Presentasi/owasp2017/index.html#/step-1 PPT]
 +
<br><br>
 +
=Trainer=
 +
Mastering burp suite pro<br>
 +
[[File:Rheno Sulistyo, A.Md., OSCP.jpg|200px]] <br>'''Rheno Sulistyo, OSCP'''<br>
 +
<br>
 +
SECURITY RESEARCHER - CYBERMANTRA<br><br>
  
If you have any questions, feel free to drop us an email: ade.putra@owasp.org
+
Introduction Digital Forensics<br>
 +
[[File:Aat.jpg|200px]] <br>'''Achmad Syafaat'''<br>
 +
Achmad Syafaat, working in Id-SIRTII/CC as a cyber security researcher in data mining, digital forensics and also managing cyber security training. As well as a lecturer at the Faculty of Computer Science University of Subang. He holds a master of computer science from Langlangbuana University. Experienced as cyber security analyst, security assessment, digital forensics, cyber defense, cyber security incident response, and cyber security trainer.
 +
<br>Introduction Digital Forensics([[Media:Introduction_to_Digital_Forensics--en-id--OWASP-ID-DAY-2017.pdf|PDF]])<br>
 +
<br>
  
= Code of Conduct =
 
==Code of Conduct==
 
  
We want to make the OWASP NZ Day a welcoming environment for all attendees. To that end, we would like to remind you of OWASP's anti-harassment policy: [https://www.owasp.org/index.php/Governance/Conference_Policies].
 
  
Speakers, trainers and sponsors have all been reminded of these policies, and are expected to abide by them like all attendees.
+
=About Yogyakarta=
 +
Yogyakarta is a part of java island, yogyakarta is the main tour destination of the island of java in Indonesia. Yogyakarta ( sone people call it Yogya, jogja, Jogjakarta) is a city have many temples ( Prambanan temple, Borobudur temple, Boko Temple), Palace( Sultan's Palace), Beach( Parangtritis, Baron, Krakal, Kukup,Samas).
 +
Yogyakarta was centreof Mataram Dynasty (1575- 1640) and until now The Kraton ( Sultan's Palage) exist it's real function.
 +
Yogyakarta Torism detination such as, Prambanan temple, Borobudur temple like as picture on the top,Sultan Palace, Baron Beach, Parangtritis beach, Malioboro Street, Merapi Volcano Mountain, and Yogyakarta has Beautiful natural panorama, natural beaohes can be easily found to the south of Yogyakarta
 +
[http://www.indonesia.travel/en/destination/area/yogyakarta more detail]
 +
<br><br>
  
If you have any concerns during the day, please seek out Kirk, Denis or Kim. We will make ourselves visible at the start of the day so you know what we look like.
 
  
<headertabs></headertabs>
+
<headertabs />
 +
{{:OWASP_id_day_2017_sponsor}}
  
[[Category:OWASP AppSec Conference]]
+
[[Category:OWASP_AppSec_Conference]]

Latest revision as of 08:56, 29 January 2018
Bro.jpg



We are proud to announce the first OWASP Indonesia Day conference, to be held at STMIK AKAKOM Yogyakarta on Saturday September 09th, 2017. Workshop on September 10 th, 2017. OWASP Indonesia Day is a one-day conference dedicated to application security, with an emphasis on secure architecture and development techniques to help developers build more secure applications.


Call for Speakers is Closed

Who is it for?

  • Web Developers: There will be a choice of two streams in the morning. First stream covering introductory talks to application security, second stream covering deeper technical topics. Afternoon sessions will cover various defensive topics, with a DevSecOps cluster of talks in stream two after afternoon tea break.
  • Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics.


Who Should Attend OWASP Indonesia Day conference 2017:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interested in Improving IT Security

Registration for the main conference day is now open: Conference Registration Here

Follow us on twitter OWASPJAKARTA
If you dont have paypal you can still register via transfer ATM (just click this link)

OWASP Member Is Free For join Conference please register OWASP Membership Today.

Event Yogyakarta Student Public


1. Seminar

a. Seminar

 

IDR30.000

 

IDR150.000

2. Workshop

a. Statefull tracking with ids/ips
b. Introduction digital forensics
c. Mastering burpsuite pro

 

IDR30.000
IDR30.000
IDR30.000

 

IDR150.000
IDR150.000
IDR150.000

  .

 












-->==Important dates==

  • CFP submission deadline: 15 th august 2017
  • Conference Registration deadline: 5th september 2017
  • Conference Day date: 09th september 2017


For those of you booking flights, ensure you can be at the venue at 9:00am, the conference will end by 6:00pm however we will have post conference drinks at a local drinking establishment for those interested.


OWASP Indonesia Day conferences attract a high quality of speakers from a variety of security disciplines including architects, web developers and engineers, system administrators, penetration testers, policy specialists and more.


We would like a variety of technical levels in the presentations submitted, corresponding to the three sections of the conference:

  • Introductions to various Web Application Security topics, and the OWASP projects
  • Technical topics
  • Policy, Compliance and Risk Management


The introductory talks should appeal to an intermediate to experienced web developer, without a solid grounding in web application security or knowledge of the OWASP projects. These talks should be engaging, encourage developers to learn more about web application security, and give them techniques that they can immediately return to work and apply to their jobs.

Technical topics are running all day and should appeal to two audiences - experienced web application security testers or researchers, and web developers who have a “OWASP Top Ten” level of understanding of web attacks and defenses. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.

We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.


We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:


  • Web application security
  • Mobile security
  • Secure development
  • Vulnerability analysis
  • Threat modelling
  • Application exploitation
  • Exploitation techniques
  • Threat and vulnerability countermeasures
  • Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, etc)
  • Penetration Testing
  • Browser and client security
  • Application and solution architecture security
  • PCI DSS
  • Risk management
  • Security concepts for C*Os, project managers and other non-technical attendees
  • Privacy controls


The submission will be reviewed by the OWASP Indonesia Day conference committee and the highest voted talks will be selected and invited for presentation.


PLEASE NOTE:

  • Due to limited budget available, expenses for international speakers cannot be covered.
  • If your company is willing to cover travel and accommodation costs, the company will become "Support Sponsor" of the event.


Thank you to all those who have submitted talks. The call for presentations is opening now.

Call For Sponsorships

OWASP Indonesia Day 2017 will be held in Yogyakarta on the 9 th of september, 2017 and is a security conference entirely dedicated to application security.

OWASP Indonesia Day 2017 is a free event, but requires sponsor support to help be an instructive and quality event for the Yogyakarta community. OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP Indonesia Day 2017 a free, compelling, and valuable experience for all attendees.


The sponsorship funds collected are to be used for things such as:

  • Name tags - we feel that getting to know people within the Yogyakarta community is important, and name tags make that possible.
  • Promotion - up to now our events are propagating by word of mouth. We would like to get to a wider audience by advertising our events.
  • Printed Materials - printed materials will include brochures, tags and lanyards.

Sponsorships

There are three different levels of sponsorships for the OWASP Day event:


Support Sponsorship: (Covering international speaker travel expenses, media coverage/article/promotion of the event)

Includes:

  • Publication of the sponsor logo on the event web site -https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017


Silver Sponsorship: 7.000.000 IDR

Includes:

  • Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017
  • The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
  • The possibility to distribute the company brochures, CDs or other materials to the participants during the event.


Gold Sponsorship: 10.000.000 IDR

Includes:

  • The possibility to have a promotional banner or sign side stage in the main auditorium (to be provided by the sponsor, size subject to approval by the OWASP ID Day Committee).
  • The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
  • The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
  • Publication of the sponsor logo on the OWASP Jakarta Chapter page - Sponsor logo on the OWASP Jakarta site prior and during the OWASP Day event - https://www.owasp.org/index.php/Jakarta
  • Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017
  • Logo on banner and X event banner (Medium Size)


Platinum Sponsorship: 15.000.000 IDR
Includes:

  • The gold sponsorship
  • Individual article to social media OWASP (twitter, facebook, telegram)
  • Special 1 Article on OWASP Indonesia website
  • Logo on banner and X event banner (Large Size)
  • Exhibition space
  • 30 minutes presentation during the kick off session + ppt presentation during coffee breaks

The following organizations are sponsors for this conference. If you are interested in sponsoring an OWASP conference, please contact OWASP at: ade.putra 'at' owasp.org or contact

  • Laura Grau
  • Kelly Santalucia

Conference Committee

  • Ade Yoseman - Conference Chair
  • Ali Kaharu

Volunteer

  • Hilman Aditya
  • Fuad Zein


OWASP Staff Support

  • Laura Grau
  • Kelly Santalucia

Date: Saturday 09 September 2017
Time: 9:30am - 5:00pm
Cost:

The main conference is on Saturday 09th of September, and will have two streams in both the morning and the afternoon:

Conference agenda

Time Title Speaker Description
8:30 - 9:00
(30 mins) 		Registration
9:00 - 9:15
(15 mins) 		Opening Speech by Conference Chair Ade Yoseman Putra Introduction to the OWASP Indonesia Day, Schedule for the Day
9:15 - 09:30
(15 mins) 		Appointment of STMIK Akakom as OWASP ACADEMIC SUPPORTER Sri Redjeki, S.Si,M.Kom


9:30 - 10:00

(30 mins)

Technical Support Manager of Rumahweb.com Mr Yeni Setiawan Cloud with a chance of security breach
10:00 - 10:45
(45 mins) 		Software Security Assurance & DevSecOps Professional - Vantage Point Security Pte. Ltd Singapore Suman Sourav (Keynote Speaker) Application Security in DevOps Era
10:45 - 11:15

(30 mins)

CYBERQUOTE PTE LTD Girindro Pringgo Digdo Threat Modeling Using STRIDE
11:15 - 12:00

(45 mins)

PROJECT LEADER FOR THE OWASP MOBILE SECURITY Sven Schleier Fixing Mobile AppSec: The OWASP Mobile

Project

12:15 - 12:45

(30 mins)

Q & A
12:45 - 13:45

(60 mins)

Lunch
13:45 - 14:15

(30 mins)

SECURITY RESEARCHER - CYBERMANTRA Damara Putra Pratama , OSCP Modern Lab Framework for Education Cyber Security
14:15 - 14:45

(30 mins)

SECURITY RESEARCHER - CYBERMANTRA Bagus Prasetyo Budiono, OSCP IOT Hacking
14:45 - 15:15

(30 mins)

Coffee break
15:15 - 15:45

(30 mins)

Technical Session Dedy Hariyadi Mobile Forensic using XRY
15:45 - 16:15

(30 mins)

Head Of Technology Kulina & CTO PT Asanka Dyan Galih Finding a unsecure end point API's using reverse engineering android technique
16:15 - 16:45

(30 mins)

Q & A
16:45 - 17:00
(15 mins) 		Closing ceremony Mc Schedule for the Workshop 10 th




Contact us at [email protected]

Date: Sunday 10 September 2017

Workshop

Time Title Trainers Description
9:00 - 17:00

 Mastering burp suite pro
 Rheno Sulistyo, OSCP Description: Burp Suite Pro is the leading tool for auditing web applications. This training will learn how to penetrate web app automated crawl and scan, manual testers etc

Outcome:

Intended Audience:Professional & Student

Skill Level:Beginner and middle
Requirements:burpsuite,

Seats available: 30 (first-come, first served)
[Registration link: REGISTER HERE

9:00 - 17:00

 Introduction Digital Forensics
 Achmad Syafaat Description:discover computer forensic tools and techniques for e-Discovery, investigation and incident response

Outcome: Intended Audience:Professional & Student
Skill Level:Beginner
Requirements:

Seats available: 30 (first-come, first served)

[Registration link: REGISTER HERE

Suman.jpg
Suman Sourav(Keynote Speaker)

Application Security in DevOps Era (PDF)

SOFTWARE SECURITY ASSURANCE & DEVSECOPS PROFESSIONAL - VANTAGE POINT SECURITY PTE. LTD SINGAPORE

Suman has more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds an unified approach to deal with the root cause of software security problems.


Sven.jpg
Sven Schleier
Fixing Mobile AppSec: The OWASP Mobile (PDF)

Project Sven is a Senior Security Consultant with Vantage Point Security and has over 6 years of hands-on experience in web and mobile application penetration testing, network penetration testing and source code review. He has published an article on HTML5 security, several security advisories and a white paper about the HTTP Strict Transport Security Header.

At the moment Sven is focusing on the OWASP Mobile Testing Guide (https://github.com/OWASP/owasp-mstg), by being one of the project leaders and top contributors and is the project leader of the OWASP Mobile Hacking Playground (https://github.com/OWASP/OMTG-Hacking-Playground). He is also part of the OWASP Mobile Application Security Verification Standard (https://github.com/OWASP/owasp-masvs).
Girin.jpg
Girindro Pringgo Digdo

Threat Modeling Using STRIDE(PDF)

CYBERQUOTE PTE LTD

Girindro Pringgo Digdo Is a person interested in security information. He did some research And help Institution / private company and government In conducting the assessment, Write, and give Recommendations on findings-Information security findings.

Current activity as Security Consultant at a Company in Singapore. In The weekend he took the time to teach the Student College in Information Security. In addition he is also active writing As well as being a resource person at a seminar entitled security information.

Damara Putra Pratama.jpg
Damara Putra Pratama , OSCP - CyberMantra

IT Security Researcher in CyberMANTRA and currently help the ministry and Telecom Provider in Indonesia. I was certified as OSCP


Bagus Prasetyo Budiono.jpg
Bagus Prasetyo Budiono, OSCP - CyberMantra
SECURITY RESEARCHER - CYBERMANTRA

IT Security Researcher in CyberMANTRA and currently help the ministry and Telecom Provider in Indonesia. I was certified as OSCP

Dyan Galih.jpg
Dyan Galih
Head Of Technology Kulina & CTO PT Asanka
PPT

Yenisetiawan.jpg
Yeni Setiawan

Cloud with a chance of security breach(PDF)
RUMAHWEB INDONESIA
Web developer with years of experience in web technology, formerly system administrator and technical support representative. Interested in software automation, software-defined radio, and involved in localization of two major web browsers.

Dedi.jpg
' Dedy Hariyadi
Researchers who are members of the Indonesia Digital Forensics Community aka FORKID. Obtained a master’s degree in Digital Forensics from the Universitas Islam Indonesia. Currently focusing more on the field of Mobile Forensics Research, one community shared work is a BBM forensic application called BBMPork.
PPT

Mastering burp suite pro
Rheno Sulistyo, A.Md., OSCP.jpg
Rheno Sulistyo, OSCP

SECURITY RESEARCHER - CYBERMANTRA

Introduction Digital Forensics
Aat.jpg
Achmad Syafaat
Achmad Syafaat, working in Id-SIRTII/CC as a cyber security researcher in data mining, digital forensics and also managing cyber security training. As well as a lecturer at the Faculty of Computer Science University of Subang. He holds a master of computer science from Langlangbuana University. Experienced as cyber security analyst, security assessment, digital forensics, cyber defense, cyber security incident response, and cyber security trainer.
Introduction Digital Forensics(PDF)


Yogyakarta is a part of java island, yogyakarta is the main tour destination of the island of java in Indonesia. Yogyakarta ( sone people call it Yogya, jogja, Jogjakarta) is a city have many temples ( Prambanan temple, Borobudur temple, Boko Temple), Palace( Sultan's Palace), Beach( Parangtritis, Baron, Krakal, Kukup,Samas). Yogyakarta was centreof Mataram Dynasty (1575- 1640) and until now The Kraton ( Sultan's Palage) exist it's real function. Yogyakarta Torism detination such as, Prambanan temple, Borobudur temple like as picture on the top,Sultan Palace, Baron Beach, Parangtritis beach, Malioboro Street, Merapi Volcano Mountain, and Yogyakarta has Beautiful natural panorama, natural beaohes can be easily found to the south of Yogyakarta more detail



             
     

Platinum Sponsors

      
   
Vantage.png
     
Rumahweb.png
 
     

Gold Sponsor

      
      []      
     

Silver Sponsor

      
      &nbsp    
     

Support

      
   
 
Cybermantra new.jpg
 
Logo-atmik-akakom-768x768.png
 
      &nbsp    
     


Media Partner

      
   
     
Fodkom.jpg
Left
Logo-ecn-medium.png
 
   
Retrieved from "https://wiki.owasp.org/index.php?title=OWASP_Indonesia_Day_2017&oldid=237110"