This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Jakarta"

From OWASP
Jump to: navigation, search
 
(47 intermediate revisions by the same user not shown)
Line 1: Line 1:
  
 
[[image:OWASPidn1.jpg|center|500px]]
 
[[image:OWASPidn1.jpg|center|500px]]
 
+
{{Chapter Template|chaptername=Jakarta|extra=The chapter leader is [mailto:ade.putra@owasp.org Ade Yoseman Putra]
{{Chapter Template|chaptername=Jakarta|extra=The chapter leadership includes: Ade Yoseman Putra, Chapter Leader (see [https://www.owasp.org/index.php/Jakarta#tab=Our_Chapter_Leadership Chapter Leadership] for full listing of Indonesia Chapter leadership team).
 
<br>
 
 
 
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-jakarta|emailarchives=http://lists.owasp.org/pipermail/owasp-jakarta}}
 
|mailinglistsite=http://lists.owasp.org/mailman/listinfo/owasp-jakarta|emailarchives=http://lists.owasp.org/pipermail/owasp-jakarta}}
 
 
[[Category:OWASP Chapter]]
 
[[Category:OWASP Chapter]]
 
[[Category:Indonesia]]
 
[[Category:Indonesia]]
Line 18: Line 14:
 
Want to talk at Our Chapter please email us :[email protected] <br>
 
Want to talk at Our Chapter please email us :[email protected] <br>
 
<br> Please Donate Our Chapter<br>
 
<br> Please Donate Our Chapter<br>
[[Image:Btn_donate_SM.gif|120px|link=https://www.eventbrite.com/e/owasp-indonesia-day-2017-tickets-35954547018]]<br>
+
[[Image:Btn_donate_SM.gif|120px|link=https://www.regonline.com/builder/site/Default.aspx?EventID=1044369]]<br>
 
=='''Stay in contact:'''==
 
=='''Stay in contact:'''==
 
<center>
 
<center>
Line 25: Line 21:
 
| [[Image:Meetup-logo-2x.png|120px|link=https://www.meetup.com/meetup-group-XxqLdaeY]]  
 
| [[Image:Meetup-logo-2x.png|120px|link=https://www.meetup.com/meetup-group-XxqLdaeY]]  
 
| [[Image:Follow-us-on-twitter.png|175px|link=http://twitter.com/OwaspJakarta]]
 
| [[Image:Follow-us-on-twitter.png|175px|link=http://twitter.com/OwaspJakarta]]
| [[Image:Wa2.jpeg|175px|link=http://chat.whatsapp.com/AmpRJ6tkABzIMPoNPQJ7x6]]
+
| [[Image:Wa2.jpeg|175px|link=https://chat.whatsapp.com/invite/KVpddPbKCTj4ErVwljbUYg]]
 
| [[Image:Fb.png|175px|link=http://www.facebook.com/owaspid]]
 
| [[Image:Fb.png|175px|link=http://www.facebook.com/owaspid]]
| [[Image:Web.jpg|175px|link=http://OWASP.or.id]]
+
| [[Image:Web.jpg|175px|link=http://www.OWASP.or.id]]
 
+
| [[Image:Tele.jpg|175px|link=https://t.me/joinchat/KiPz5hOjsLPxWQ6bYVJusQ]]
 
|}
 
|}
 
</center>
 
</center>
 
 
 
== '''Stay Updated''' ==
 
== '''Stay Updated''' ==
  
Line 51: Line 45:
  
  
==Upcoming Events==
+
==Events==
 
<meetup group="meetup-group-XxqLdaeY"/>
 
<meetup group="meetup-group-XxqLdaeY"/>
  
=== 2018 ===
+
=== 2019 ===
 
+
Mentor for Google Summer Of Code 2019 [https://summerofcode.withgoogle.com/archive/2019/projects/5673600424607744/ Google Summer Of Code 2019]
SECURITY IN A SERIOUS WAY 2018, 2th December 2018, [https://seminar.errorcybernews.com/2018/ Tasikmalaya, Indonesia]
 
  
 
==Past Security Events==
 
==Past Security Events==
  
 
=== 2018 ===
 
=== 2018 ===
 
 
OWASP Booth -[https://gsec.hitb.org/sg2018/commsec-exhibition-track/ HITB Singapore CommSec Exhibition 2018]  30th August and 31st August 2018
 
  
 
OWASP Appsec Europe 2018 [https://appseceurope2018a.sched.com/ade.putra 2th-6th july 2018, UK] <br>
 
OWASP Appsec Europe 2018 [https://appseceurope2018a.sched.com/ade.putra 2th-6th july 2018, UK] <br>
Line 106: Line 96:
 
=== 2017 ===  
 
=== 2017 ===  
 
[[OWASP_SecureTea_Project|OWASP SecureTea Project]]  <br>     
 
[[OWASP_SecureTea_Project|OWASP SecureTea Project]]  <br>     
[[OWASP Risk Rating Management]]  <br>
+
 
 +
=== 2019 ===
 +
[[Risk Assessment Framework|Risk Assessment Framework]]  <br>  
 +
 
  
 
==Sponsoring==
 
==Sponsoring==
Line 125: Line 118:
 
[[Image:mozid.jpg‎|200px||link=http://www.mozilla.or.id/ |alt=Mozzilla Indonesia]]  
 
[[Image:mozid.jpg‎|200px||link=http://www.mozilla.or.id/ |alt=Mozzilla Indonesia]]  
 
==Corporate Sponsors==
 
==Corporate Sponsors==
[[Image:Vantage.png‎|200px||link=http://www.vantagepoint.sg|alt=Vantage Point Indonesia]]
+
 
 
[[Image:Rumahweb.png‎|200px||link=https://www.rumahweb.com/ |alt=Rumah Web]]  
 
[[Image:Rumahweb.png‎|200px||link=https://www.rumahweb.com/ |alt=Rumah Web]]  
 
[[Image:F5.png‎|200px||link=https://www.f5.com/ |alt=f5 Networks]]  
 
[[Image:F5.png‎|200px||link=https://www.f5.com/ |alt=f5 Networks]]  
Line 131: Line 124:
 
[[Image:FASPAY.png|200px||link=https://www.faspay.co.id/ |alt=Faspay PT. Media Indonusa]]  
 
[[Image:FASPAY.png|200px||link=https://www.faspay.co.id/ |alt=Faspay PT. Media Indonusa]]  
 
[[Image:Bankmandiri.png|200px||link=https://www.bankmandiri.co.id/ |alt=Bank Mandiri]]  
 
[[Image:Bankmandiri.png|200px||link=https://www.bankmandiri.co.id/ |alt=Bank Mandiri]]  
 
+
[[Image:Logo-Bukalapak.png|200px||link=https://www.bukalapak.com/|alt=BUKALAPAK]]
== Government Agency ==
+
[[Image:Logo-codemargonda (1).png|200px||link=https://www.codemargonda.com/|alt=Codemargonda]]
 
+
==Government Agency==
  
  
 
== Community ==
 
== Community ==
[[Image:Ihp.png|200px||link=http:/// |alt=IHP]]  
+
[[Image:Ncsd.PNG|200px||link=https://ncsd.or.id/|alt=National Cyber Security Defence ]]  
 
[[Image:Bsidesid.png‎|200px||link=http://www.securitybsides.com/w/page/118994457/BSidesIndonesia/ |alt=BSidesIndonesia]]
 
[[Image:Bsidesid.png‎|200px||link=http://www.securitybsides.com/w/page/118994457/BSidesIndonesia/ |alt=BSidesIndonesia]]
  
 
=Meetup=
 
=Meetup=
 +
see our Meetup <br>https://www.meetup.com/OWASP-Jakarta-Chapter/
 
==Next Meetup==
 
==Next Meetup==
  
 
We Are Currently seeking venue and sponsorship for owasp monthly meetup. if your company interested support us please email us : [email protected] <br>
 
We Are Currently seeking venue and sponsorship for owasp monthly meetup. if your company interested support us please email us : [email protected] <br>
 
Want to talk at Our Chapter please email us :[email protected] <br>
 
Want to talk at Our Chapter please email us :[email protected] <br>
 +
 +
'''OWASP Jakarta Night Q4 2018 @Bukalapak.com'''
 +
 +
When: 28th November 2018<br>
 +
 +
From 17:00 pm - 22:00 pm<br>
 +
 +
venue :<br>
 +
Bukalapak Engineering Office, Jalan Ampera Raya, RT.5/RW.10, Ragunan, South Jakarta City, Jakarta Indonesia
 +
<br>
 +
 +
Sesi ini akan mendiskusikan tentang :<br>
 +
1. Keynote speech by Badan Siber Sandi Negara / BSSN (Tbc)<br>
 +
2. Security Championing by Vandy Putrandika <br>
 +
3. Novice to expert in Deep Learning and why it's necessary? by rohit parab<br>
 +
4. An architectural approach for decentralized applications by Ayodya Dewangga S R<br>
 +
 +
'''Event Program:'''<br>
 +
17:00pm -18:00 pm - Arrival Participant & Registration<br>
 +
18.00p.m - 18.30p.m - Keynote speech - Badan Siber Sandi Negara / BSSN (Tbc)<br>
 +
18:30 pm – 19:15 p.m - Speech by Vandy Putrandika<br>
 +
19.15 p.m - 19.45 p.m - Speech including Q & A by Rohit Parab<br>
 +
20.45 p.m - 21.45 p.m - Speech including Q & A by Ayodya<br>
 +
21:45 p.m - 22.00 pm - Networking Session /Photo Together<br>
 +
 +
This Meetup provide free Snack & food<br>
 +
 +
Sponsored by Bukalapak.com <br>
 +
 +
'''Topic: Security Championing'''<br>
 +
Abstract:<br>
 +
 +
Resource, visibility and advocacy are always the main problems for the information security team in any company. Time and head count will always be scarce for the mandated scope of work. For a security bug, we might have to check all corners, rather than someone telling it to us. And no one actually thinks that infosec guys are the hero, right? <br>
 +
 +
Security championing model tries to be the silver bullet for all those, especially in companies who want to incorporate DevSecOps. Yet, the implementation is not without obstacle. It may even introduce new problems along the way. <br>
 +
 +
End of the talk one would be able to understand<br>
 +
 +
1. What is security championing? <br>
 +
2. Who should implement security champion model and when is the best time?<br>
 +
3. Where we can find and evangelize these security champions?
 +
<br>
 +
Bio:
 +
<br>
 +
'''Vandy Putrandika'''<br>
 +
Vandy is a security, governance and project management generalist who is passionate about digital strategy and transformation. Currently he works at Bukalapak as the Head of Information Security and managing the super-awesome security team inside while juggling with several security programs.
 +
<br>
 +
 +
Topic :<br>
 +
'''An architectural approach for decentralized applications'''
 +
 +
1. Understanding web 2.0 and web 3.0<br>
 +
2. The pros and cons of web 3.0<br>
 +
3. What are decentralized applications?<br>
 +
4. What are the benefits of decentralized application?<br>
 +
5. How to build a decentralized application?<br>
 +
6. How to secure decentralized application?<br>
 +
 +
'''Ayodya Dewangga S R'''
 +
 +
1. E-Channel Product Development Risk Officer at PT Bank Mandiri (Persero) Tbk<br>
 +
2. Chief Information Security Officer at PT Dekodr Solusi Digital Indonesia<br>
 +
3. Master of Electrical Engineering (ICT Security) at University of Mercu Buana<br>
 +
4. Founder Cyber Security Division at Computer Student Club of Jakarta State Polytechnic<br>
 +
 +
'''Rohit Parab <br>'''
 +
 +
'''Title  - Novice to expert in Deep Learning and why it's necessary?
 +
'''
 +
Bio - Co-Founder & CEO at Praemineo, Inc (The Artificial Intelligence Company).  Almost a decade of solid hands-on experience in full life-cycle software development. Built applications in as varied as Desktop, Web and now in AI. Experienced in building high performance teams for high output in quicktime. A UX person. Strongly believes that a complete code should not just work, but also be clean and maintainable. An Artificial Intelligence enthusiast.<br>
 +
 +
Abstract - In brief, I will be sharing how someone can <br>
 +
 +
1. Get started with Deep Learning. <br>
 +
2. What are the basic requirements. <br>
 +
3. Online free resources. <br>
 +
4. How much of math is required. <br>
 +
5. What is the current state of Deep Learning and its effects on future. <br>
 +
 +
 +
==Past Meetup==
 +
  
 
'''OWASP JAKARTA NIGHT Q4 2018<br>'''
 
'''OWASP JAKARTA NIGHT Q4 2018<br>'''
Line 194: Line 270:
  
 
Information Security/Cyber Security Practitioner, Consultant & Senior Technical Trainer<br>
 
Information Security/Cyber Security Practitioner, Consultant & Senior Technical Trainer<br>
 
Email: semi.yulianto2009 [at] gmail.com<br>
 
  
  
Line 230: Line 304:
 
20.30 p.m - 21.30 p.m - Speech including Q & A by Semi Yulianto<br>
 
20.30 p.m - 21.30 p.m - Speech including Q & A by Semi Yulianto<br>
 
21:30 p.m - 22.00 pm - photo together / networking Session<br>
 
21:30 p.m - 22.00 pm - photo together / networking Session<br>
 
 
==Past Meetup==
 
  
  
Line 244: Line 315:
  
  
Imran "secfigo" Mohammed is a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the l
+
Imran "secfigo" Mohammed is a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the largest information security community in Singapore where he has organised more than 60 events & workshops to spread security awareness. He is also the author of OWASP DevSecOps Studio, OWASP DevSlop and Awesome-Fuzzing projects.<br>
 +
 
 +
He was also nominated as community star for being the go-to person in the community whose contribution and knowledge sharing has helped many professionals in the security industry. He is usually seen speaking/training in conferences like Blackhat, OWASP AppSec, DevSecCon, PyCon, NullCon, All Day DevOps, Null and OWASP chapters.<br>
 +
 
 +
 
 +
'''OWASP JAKARTA NIGHT Q3 2018<br>'''
 +
Sesi ini akan mendiskusikan tentang :<br>
 +
'''
 +
Web Application by Design with OWASP'''<br>
 +
 
 +
Pembicara<br>
 +
1. First Step to Web Application ISO27001 vs PCIDSS VS OWASP TOP 10 by Elias (Head of System Development Faspay)  ([[Media:OWASPNightFaspay.pdf|PDF]])<br>
 +
2. Building a tailored AppSec Program using OpenSAMM by Suman Sourav & Tuyen Do<br>
 +
 
 +
'''Abstract: Building a tailored AppSec Program using OpenSAMM'''<br>
 +
<br>
 +
The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. The resources provided by SAMM will aid in:
 +
 
 +
• Evaluating an organization’s existing software security practices<br>
 +
• Building a balanced software security program in well-defined iterations<br>
 +
• Demonstrating concrete improvements to a security assurance program<br>
 +
• Defining and measuring security-related activities within an organization<br>
 +
<br>
 +
This session is focused on the practical implementation of an AppSec Program based on your organization needs and business risk appetite. Most of the AppSec program fails because of lack of programmatic approach and strategic rollout. Participants will learn about an importance of a Security Program Management, how it solves people, process and technologies challenges in implementing an AppSec program, driving results and metrics relevant to the different stakeholders.<br>
 +
 
 +
Speaker Bio:
 +
<br>
 +
Suman is a Certified Secure Software Lifecycle Professional (CSSLP) having more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds a unified approach to deal with the root cause of software security problems. Currently he is working with Vantage Point Security as a Regional Program Director for Vantage Point Security and helping clients in SEA region to implement application security program.
 +
<br>
 +
Tuyen is an experienced Security Programme Manager, highly strategic, analytical and performance driven professional with 7+ years of blended experience in managing strategic programs /initiatives within banking & financial, and information technology sectors. Dynamic, versatile, hands-on Program Leader who leads teams to design & implement successful projects/programs that align business objectives and deliver rapid results, within timelines, budgets, and as per specifications.
 +
<br>
 +
 
 +
Catatan :
 +
<br>
 +
peserta tidak perlu membawa laptop acara ini free for everyone<br>
 +
 
 +
Acara ini akan diadakan pada: 27th September 2018<br>
 +
 
 +
From 18:00 pm - 22:00 pm<br>
 +
 
 +
[https://www.meetup.com/meetup-group-XxqLdaeY/events/254502146/?_xtd=gatlbWFpbF9jbGlja9oAJDM1ODIxOTk5LTZlNmYtNDA0Ny05ZDZlLThiYmYzNzQzNTgyZA&_af=event&_af_eid=254502146 REGISTER HERE]
 +
 
 +
venue :<br>
 +
Faspay Working Space<br>
 +
Jakarta Pusat<br>
 +
'''OWASP Jakarta Night #2'''
 +
 
 +
When <br>
 +
19:00 - 22:00<br>
 +
Tue, Aug 7, 2018<br>
 +
 
 +
Where <br>
 +
Venue: <br>
 +
Marque at Cyber 2 Tower, <br>
 +
Jl. H. R. Rasuna Said Blok X-5 Cyber 2 Tower 17th Floor, RT.7/RW.2, Kuningan Timur, Jakarta, Kota Jakarta Selatan, 12950, Indonesia <br>
 +
 
 +
[https://www.eventbrite.com/e/owasp-jakarta-night-2-tickets-48230657194 Registration in here]<br>
 +
 
 +
• Event Program:<br>
 +
18.00p.m - 19.00p.m - Arrival Participant & Registration<br>
 +
19:00 pm – 19:15 p.m - Speech by OWASP Indonesia Chapter Leader , Ade Yoseman Putra<br>
 +
19.15p.m - 19.30 p.m - Speech including Q & A OWASP Indonesia Co Chapter Leader by Suman Sourav<br>
 +
19.30 p.m - 20.30 p.m - Speech including Q & A by David Holmes  <br>
 +
20.30 p.m - 21.30 p.m - Speech including Q & A by Harley Davidson Karel ([[Media:Owasp_Jakarta_Night_-2.pdf|PDF]])<br>
 +
21:30 p.m - 22.00 pm - photo together/networking session <br>
 +
 
 +
Topic:
 +
 
 +
'''Hybrid Cloud Security'''
 +
 
 +
Hybrid Cloud Security continues to be relevant topic. David Holmes ( Global Security Evangelist for F5 Networks) will detail F5’s experience assisting a Fortune 10 company overcome some of their security challenges in moving to a multi-cloud architecture.  His presentation will also include a look at some new F5 technologies that secure and containerize application traffic.
 +
<br>
 +
Mr. Holmes is a 17-year veteran of F5 and has met with banking and finance, government, and private enterprise security teams all over the world so he usually has the measure of who is doing what and where. This is an excellent opportunity to pick his brain about architecture, industry trends, or any other security topic that is top of mind.<br>
 +
 
 +
More about David Holmes:<br>
 +
 
 +
Based in Asia Pacific, David Holmes is the Global Security Evangelist for F5 Networks.  In this role, Holmes is spokesman, researcher and evangelist for F5’s threat intelligence division, with an emphasis on cryptography, distributed denial of service attacks, and the Internet of Things. He speaks at conferences such as RSA, InfoSec and Gartner Data Center.
 +
 
 +
Holmes authors white papers on security topics such as global cryptography trends and modern DDoS threat spectrum. He has also written for industry magazines such as the SCMagazine and Network World. These days,he writes regularly about vulnerabilities, technical solutions and the security industry for SecurityWeek.com and F5 Labs.
 +
 
 +
He joined F5 Networks in 2001, and, as a Principal Software Engineer, where he designed many of the system and core security features. Holmes has 20 years of experience in security and product engineering.
 +
 
 +
Prior to F5, Holmes was a Vice President of Engineering at Dvorak Development (in Boulder, CO) and a Senior Software Engineer (Security) at CyberSafe, Inc.
 +
 
 +
Holmes majored in Computer Science and Engineering Physics at the University of Colorado at Boulder. For public speaking, Holmes has a Competent Communicator award from Toastmasters International and other public speaking awards.
 +
<br><br>
 +
 
 +
Many thanks to F5 for their sponsorship.
 +
<br><br>
 +
 
 +
Harley Davidson Karel<br>
 +
 
 +
'''Topic : Static Analysis Security Testing (SAST) using open source
 +
'''
 +
<br>
 +
Topic Extract :<br>
 +
 
 +
Find security issues on development stage using open source static analysis security testing (SAST), so that developer will be able to identify security issues on earlier stage of software development life cycle, rather than waiting for penetration testing stage.<br>
 +
 
 +
SAST demo will be conducted with command line interface usage, IDE integration, & Jenkins integration. The demo will scan and found security issues on several programming language such as Java, python, & ruby<br>
 +
 
 +
Bio:<br>
 +
 
 +
Harley Davidson Karel is working as Associate Application Security Consultant at Vantage Point Security Indonesia. He is EC-Council Certified and well trained in working in application security activities that help organisations to put security aspect in every stage of software development life cycle. He has been selected as a speaker for PyConMY 2018 Kuala Lumpur, PyConES 2018 Malaga Spain, GrillRB 2018 Wroclaw Poland.
 +
<br>
 +
 
 +
 
 +
 
 +
<br>
 +
 
 +
 
 +
 
 +
'''OWASP Indonesia Q1 Meetup 2018'''
 +
 
 +
 
 +
[[File:Owaspidq12018.jpeg|400px|center]]
 +
==== Talks  ====
 +
<br>'''Reduce the Risk of a Data Breach with Open Source INTelligence (OSINT)'''<br>
 +
by Ayodya (Security Engineer at Bukalapak)<br>
 +
<br> '''Building Appsec Pipeline''' <br> by Suman Sourav<br>
 +
<br>'''OWASP Top 10 Mobile Application Vulnerability'''<br>
 +
by Williams <br>
 +
 
 +
• Event Program:<br>
 +
18.00p.m - 19.00p.m  - Arrival Participant & Registration<br>
 +
19:00 pm – 19:15 p.m - Speech by OWASP Indonesia Chapter Leader<br>
 +
19.15p.m - 20.00 p.m  - Speech including Q & A by Suman Sourav<br>
 +
20.00 p.m - 20.45 p.m  - Speech including Q & A by Ayodya <br>
 +
20.45 p.m - 21.30 p.m  - Speech including Q & A by william <br>
 +
==== Speakers ====
 +
 
 +
'''Ayodya'''
 +
 
 +
[[File:Ayodya.jpg|200px]] <br>
 +
1. Security Engineer at Bukalapak<br>
 +
2. Master of Electrical Engineering (ICT Security) at University of Mercu Buana<br>
 +
3. Founder Cyber Security Division at Computer Student Club of Jakarta State Polytechnic<br>
 +
 
 +
'''Williams'''
 +
 
 +
 
 +
'''Suman Sourav'''
 +
<br> Building Appsec Pipeline <br><br>
 +
 
 +
SOFTWARE SECURITY ASSURANCE & DEVSECOPS PROFESSIONAL - VANTAGE POINT SECURITY PTE. LTD SINGAPORE<br>
 +
 
 +
Suman has more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds an unified approach to deal with the root cause of software security problems. <br>
 +
 
 +
 
 +
19:00 - 22:00<br>
 +
Thursday, March 29, 2018<br>
 +
Register :[closed]<br>
 +
venue : <br>
 +
[[File:Btpn.png|left]]<br>
 +
Bank BTPN. Menara BTPN, 27 th floor - CBD Mega Kuningan Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6 Jakarta 12950<br>
 +
 
 +
 
 +
OWASP Jakarta Q4 2017 Meetup<br>
 +
[[File:Owaspmeetupbtpn.jpg|400px|center]]<br>
 +
 
 +
19:00 - 22:00<br>
 +
Tue, Nov 21, 2017<br>
 +
 
 +
BANK BTPN<br>
 +
Menara BTPN - CBD Mega Kuningan <br>
 +
Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6  Jakarta 12950
 +
<br>
 +
OWASP Jakarta Q4 2017 Meetup<br>
 +
 
 +
Menara BTPN, 27 th floor - CBD Mega Kuningan <br>
 +
Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6 <br>
 +
Jakarta 12950<br>
 +
Theme : Application Security in Owasp top 10 2017<br>
 +
When :<br>
 +
at Q1 21th  november 2017<br>
 +
From 19:00 pm - 22:00 pm<br>
 +
 
 +
[https://www.eventbrite.com/e/owasp-jakarta-q4-2017-meetup-tickets-39109060252 CLOSED]<br>
 +
==== Talks  ====
 +
 
 +
* '''Secure coding practices with golang''' ([[Media:Owasp-171123063052.pdf|PDF]])<br> by sulhaedir (IT Security Spesialis at Tokopedia)<br>
 +
* '''OWASP Risk Rating Management Project'''([[Media:Riskratingmanagement-170615172835.pdf |PDF]])<br> by M febri <br>
 +
 
 +
==== Speakers ====
 +
 
 +
'''sulhaedir'''
 +
 
 +
[[File:Sulhaedir.jpg|200px]]
 +
 
 +
Sulhaedir have 6 years experience in information security. he work as security specialist at TOKOPEDIA. he also Security research in nemosecurity <br>
 +
<br><br>
 +
'''M.Febri'''<br>
 +
 
 +
 
 +
[[File:Febri.jpg|200px]] <br>
 +
 
 +
he work as Security Consultant at Visionet.<br><br>
 +
 
 +
Thanks for sponsor this meetup<br>
 +
{{MemberLinks|link=https://www.btpn.com/ |logo=Bank_btpn.jpg }}
 +
 
 +
<br>
 +
'''Workshop OWASP at "Sofware Freedom Day 2017"'''<br>
 +
[[File:Sofware freedom day 2017.jpg|200px]]<br><br><br>
 +
 
 +
<br>workshop with KSL UBL  "improving Security Attack and Defense with OWASP"<br>
 +
 
 +
when : Sat, September 16, 08:00 – 15:00 pm<br>
 +
Auditorium Universitas Budi Luhur, Jl. Ciledug Raya No.126, RT.1/RW.2, Petukangan Utara, Pesanggrahan, Kota Jakarta Selatan, Daerah Khusus Ibukota Jakarta 12260, Indonesia<br><br>
 +
'''OWASP Indonesia Day 2017'''
 +
[[File:Owaspdayid1.jpeg|center]]
 +
<br> when Developers, startups, hackers will meet..
 +
just visit us @ OWASP Indonesia Day 2017<br>
 +
Yogyakarta, 09 th september 2017 <br>
 +
<br>https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017<br>
 +
 
 +
if you interested sponsor our events just contact [mailto:[email protected] Ade Yoseman Putra]<br>
 +
 
 +
 
 +
'''OWASP Jakarta Tech Day Meetup 2017'''
 +
[[File:Owaspmeetup2.jpg|left|frameless]]
 +
OWASP Jakarta succesfully host meetup on May 2017
 +
 
 +
with Theme: "How Secure Ecommerce"
 +
 
 +
Date: 14 May 2017 02 pm to 05 pm (GMT+7 Jakarta)
 +
 
 +
Venue: PTC Pulogadung Trade Centre Ballroom 2nd Floor
 +
 
 +
Jalan Raya Bekasi, RW.3, Rw. Terate, Cakung, Kota Jakarta Timur, DKI Jakarta 13920
 +
 
 +
Google Maps :
 +
 
 +
https://goo.gl/maps/gmZnSofLvEF2
 +
 
 +
==== Talks  ====
 +
* '''Turning Legal Website into DDoS Tool''' <br>by Kalpin Erlangga (Indonesia Honeynet Project) ([[Media:IHP-OWASP-Kalpin-Presentation_-_Template-OWASP-Final.pdf|PDF]]) .
 +
* '''The Art of phishing, and how to save yourself'''<br>by Oliver Valentino (Security analyst [http://www.bukalapak.com BUKALAPAK]) ([[Media:OWASP_presentation_-Oliver_Valentino_-.pdf|PDF]])<br>
 +
* '''Trend Defacement On Indonesia E-Commerce Website'''<br>by Achmad Syafaat (ID-SIRTII/CC)<br>
 +
* '''Client Side Security And Testing Tools'''<br>by David Cervigni ( [https://mindedsecurity.com/index.php/about-us/company Minded Security]) ([[Media:OWASP_presentation_jkt2017.pdf|PDF]])
 +
* ''' Hacking as a Livestyle'''<br>Matias Prasodjo(Dracos) ([[Media:Hacking_Live_Style_-_OWASP_Jakarta.pdf|PDF]])<br>
 +
 
 +
==== Speakers ====
 +
====  '''Kalpin Erlangga Silaen''' ====
 +
 
 +
[[File:Kelpin2.jpg]]
 +
 
 +
Kalpin Erlangga Silaen is a senior security consultant with experience more than 15 years in IT. He is a graduate of the Master of Computer in Faculty of Engineering and IT at Swiss German University. He was first winner as a team at Cyber Defense Competition, Ministry of Defense of Indonesia on 2013
 +
 
 +
(Jakarta) and 2014 (Surabaya). He has experience as security penetration tester for various industry such as telecommunication, banking, finance, and government for more than 7 years. His interests includes network and cloud security
 +
 
 +
 
 +
'''Oliver Valentino'''
 +
 
 +
Oliver Valentino is a tech evangelist and security enthusiast. Currently work as a security analyst at [http://www.bukalapak.com bukalapak]. Got his bachelor degree from Universitas Advent Indonesia Bandung
 +
 
 +
'''David Cervigni'''
 +
 +
[[File:Dvd.jpg]]
 +
 
 +
David Cervigni is a Senior Security Consultant of the [https://mindedsecurity.com/index.php/about-us/company Minded Security] consultants team. He has a strong experience in collaborating closely with developer teams to securing SDLC and DevOps systems. His specialties include secure coding training, vulnerability assessment, manual and automated code review solutions, critical software design and compliance. His experience maturated mostly in the financial sector and in the biggest institutions across Swiss and UK markets. He holds a master's degree in computer science from the University of Camerino.
 +
 
 +
'''Achmad Syafaat'''
 +
 
 +
'''Matias Prasodjo'''
 +
 
 +
Matias Prasodjo is Vice Leader [https://dracos-linux.org/ DracOs Linux Team]. he is Subject Matter Expert Security and System at PT Lintas Teknologi Indonesia.
 +
 
 +
==Past Meetup==
 +
OWASP Indonesia Meetup I 2017 on March 4 th, 2017 <br>
 +
See More [https://www.owasp.org/index.php/OWASP_Indonesia_Meetup_I_2017 OWASP Indonesia Meetup I 2017 on March 4 th, 2017]
 +
 
 +
=Bahasa=
 +
 
 +
OWASP Indonesia  adalah sebuah salah satu cabang dari Yayasan OWASP di belahan dunia. Yayasan OWASP adalah terbuka dan organisasi non profit.Kami membuka kesempatan kepada orang indonesia untuk bergabung serta berkontribusi pada OWASP Indonesia (Jakarta) Chapter.
 +
 
 +
Apa Yang Bisa anda kontribusi kan pada Yayasan OWASP
 +
===OWASP Indonesia Chapter===
 +
1. Anda bisa menyediakan Tempat untuk Agenda kami <br>
 +
2. Anda bisa menjadi Speaker & Trainer dalam setiap Event kami<br>
 +
3. Anda bisa menjadi University Supporter Kami<br>
 +
4. Anda bisa menjadi Donatur kami <br>
 +
5. Anda bisa menjadi Kontributor kami dengan submit projek (membuat tools, keamanan aplikasi, dsb) <br>
 +
 
 +
===OWASP Foundation===
 +
1. Anda bisa menjadi Speaker & Trainer dalam setiap Event Yayasan OWASP  di seluruh dunia <br>
 +
2. Anda bisa menjadi Kontributor kami dengan submit projek (membuat tools, keamanan aplikasi, dsb) pada Yayasan OWASP Global<br>
 +
 
 +
how to register OWASP membership, berikut saya sudah jelaskan step by stepnya di [http://www.owasp.or.id/2017/01/owasp-membership.html web owasp.or.id]
 +
 
 +
==Berita==
 +
 
 +
Kami mencari volunteer untuk penerjemahan OWASP 2013 Top Ten dari Bahasa Inggris ke dalam Bahasa. Saat Ini sedang dalam pengerjaan / On Progress.
 +
Silahkan bergabung dengan tim kami [https://www.owasp.org/index.php/OWASP_Top_10_2013_-_Bahasa_Indonesia tim penerjamah OWASP 2013 Top 10-Bahasa]
 +
 
 +
=Our Chapter Leadership=
 +
 
 +
{| class="wikitable"
 +
|-
 +
! scope="col" style="width: 20%; font: bold;" |''' Chapter Leadership Board Member Role'''
 +
! scope="col" |Responsibilities
 +
! scope="col" |Person(s)
 +
|-
 +
|Chapter Leader / Chairman
 +
|The central point of contact for the Chapter and responsible to the OWASP Board. Serves as Chapter Leader and Chapter board chair.
 +
|Ade Yoseman Putra
 +
 
 +
|-
 +
|Sponsor Coordinator
 +
|Serves as the primary liaison between the Chapter and all sponsors, and solicits sponsors for the Chapter meetings, happy hours, and other events.
 +
|Hilman Aditya
 +
 
 +
|-
 +
|Speaker and Special Event Coordinator
 +
|Seeks and schedules speakers for monthly Chapter meetings and other events.
 +
|Dewo Nur Satrio
 +
|-
 +
 
 +
|Conference/Event/Meetup Coordinator
 +
|Coordinates all of the efforts for the annual OWASP Indonesia Day, OWASP Jakarta Night & all OWASP Jakarta Events.
 +
|Eka Syahfitri
 +
|-
 +
|PR/Marketing Coordinator/Designer Grafis
 +
|Provides marketing of OWASP Indonesia Day and other Chapter events.
 +
|Muhamad Iqbal Dewanto
 +
 
 +
|-
 +
|Equipment Committee
 +
|Equipment Committee  for OWASP Meetup
 +
|Bima
 +
 
 +
|-
 +
|Volunteer
 +
|Volunteer Lists
 +
|Achmad Syafaat, Gumux Hijack, Ali Kaharu
 +
 
 +
|-
 +
|Finance
 +
|The Chapter Leader is designated as primary person responsible for Chapter budget and Chapter expense approvals. 
 +
The previous Chapter Leader is designated as secondary approver, who also will approve any expenses submitted by the Chapter Leader.
 +
|
 +
 
 +
 
 +
|-
 +
|Advisory Board Members
 +
|Made up of previous Chapter leaders who provide mentoring, coaching, and assistance to the board and contribute to the Chapter’s success.
 +
|
 +
 
 +
|}
 +
 
 +
 
 +
<headertabs></headertabs>

Latest revision as of 12:03, 23 December 2019

OWASPidn1.jpg

OWASP Jakarta

Welcome to the Jakarta chapter homepage. The chapter leader is Ade Yoseman Putra


Participation

OWASP Foundation (Overview Slides) is a professional association of global members and is open to anyone interested in learning more about software security. Local chapters are run independently and guided by the Chapter_Leader_Handbook. As a 501(c)(3) non-profit professional association your support and sponsorship of any meeting venue and/or refreshments is tax-deductible. Financial contributions should only be made online using the authorized online chapter donation button. To be a SPEAKER at ANY OWASP Chapter in the world simply review the speaker agreement and then contact the local chapter leader with details of what OWASP PROJECT, independent research or related software security topic you would like to present on.

Sponsorship/Membership

Btn donate SM.gif to this chapter or become a local chapter supporter. Or consider the value of Individual, Corporate, or Academic Supporter membership. Ready to become a member? Join Now BlueIcon.JPG

 Bhinneka Tunggal Ika
united we stand divided we fall
OWASP Indonesia

OWASP Indonesia now officially has meetup in jakarta and yogyakarta. Yogyakarta is very special for owasp indonesia. We are non-profit organization. We are pleasure and welcome to all Indonesian to join us and share the knowledge, skill, idea and related to make OWASP Jakarta Project are benefit to everybody. OWASP Jakarta Project as well are the pioneer project for Web Security Application. Any private sector want to contribute and sponsor are welcome. Want to talk at Our Chapter please email us :[email protected]

Please Donate Our Chapter
Btn donate SM.gif

Stay in contact:

Meetup-logo-2x.png Follow-us-on-twitter.png Wa2.jpeg Fb.png Web.jpg Tele.jpg

Stay Updated

Join our low traffic mailing list for event information

Mail-50%smaller.jpeg [ http://lists.owasp.org/mailman/listinfo/owasp-jakarta join our milis]

For all new members and existing member please free to contribute to OWASP Jakarta Chapter and if you are commitment to help OWASP Jakarta please subscribe OWASP Membership for individual. For Corporate sponsor OWASP Jakarta please to contact OWASP Admin. We still open Recruitment to join with us. if you interested feel free for contact me.
We are welcome to join our conversation. If any query don't hesitate to contact OWASP Admin. Everyone is welcome to join us at our chapter meetings.

NOTE: OWASP now promote for who want to become Official Members for Jakarta Chapter. You can get special rate and discount and get email @owasp.org with 25GB space. Please register at here as individual(Memberships) and to see the example how to (REGISTER) OWASP Memberships


NEWS

Events

Chapter Meetings

Visit our group on meetup.com

Upcoming events

No events are scheduled at the moment.

Past events

  • Dec 21, 2023 (19:00): Evaluasi Malware 2023 dan trend Malware 2024, · , Software yang tidak aman telah mengancam infrastruktur keuangan, kesehatan, pertahanan, energi, dan infrastruktur penting lainnya. Dengan semakin kompleks dan terhubungnya infrastruktur digital kita, kesulitan mencapai keamanan aplikasi meningkat secara eksponensial. Open Web Application Security Project (OWASP) yang merupakan komunitas terbuka yang didedikasikan untuk memungkinkan organisasi meng (read more)
  • Sep 15, 2023 (18:00): OWASP Jakarta Night x Fastly x A10 (Offline Meetup)Wework Parc 18, Tower E, SCBD Jl. Jend. Sudirman No.Kav. 52-53 Jakarta, DKI Jakarta 12190, · South Jakarta, Software yang tidak aman telah mengancam infrastruktur keuangan, kesehatan, pertahanan, energi, dan infrastruktur penting lainnya. Dengan semakin kompleks dan terhubungnya infrastruktur digital, kita akan kesulitan mencapai keamanan aplikasi dengan ancaman yang meningkat secara eksponensial. *Open Worldwide Application Security Project* (OWASP) merupakan komunitas terbuka yang didedikasikan untuk (read more)
  • Feb 16, 2023 (17:45): Building Defence in Depths for APIS acros Multiple PlatformUptown Event Space – Plaza Mutiara Lt. 8, Uptown Event Space – Plaza Mutiara Lt. 8 Jl. DR. Ide Anak Agung Gde Agung No.5, Kuningan- · Jakarta, Halo para IT Indonesia!🔥 Yuk join Meetup *OWASP Jakarta Meetup - Building Defence in Depths for APIS across Multiple Platform*, pada: 🗓 Kamis, 16 Februari 2023🕐 17.45 – 20.45 WIB📍 Uptown Event Space – Plaza Mutiara Lt. 8Jl. DR. Ide Anak Agung Gde Agung No.5, Kuningan-Jakarta Selatan Saatnya tambah wawasan kamu dan bangun networking dengan member OWASP Jakarta ! Daftar sekarang dan (read more)
  • Jan 30, 2023 (19:00): Flash memory dumping, · , Topic: Flash memory dumping Abstract: The test case objective is to dump the Flash Memory off the "JTAG" Protocol using "Attify badge" as the Attacking hardware against the DIVA (Damn Insecure and Vulnerable App). Short Bio: Ujval Patel (Hax04) i have 2 total experience in security consulting & auditing. I’m currently working in EY. I started my career as a researcher at (read more)
  • Nov 28, 2022 (19:00): Secure Coding Practice with PyGoat, · , Topic : Secure Coding Practice with PyGoatrepo here :https://github.com/adeyosemanputra/pygoat Bio :My name is Rupak Biswas, and I am an avid open-source contributor who is now heading a team of creative minds at the OWASP IIT Patna chapter. In addition, I am a core member of the Google Developer Student Club at IIT Patna, managing, contributing to, and leading a variety of open source projects in (read more)
See all past events on meetup.com

2019

Mentor for Google Summer Of Code 2019 Google Summer Of Code 2019

Past Security Events

2018

OWASP Appsec Europe 2018 2th-6th july 2018, UK

Taiwan International Information Security Organization Summit 2018 OWASP TAIWAN SUMMIT 2018 Taipei, Taiwan

Open Security Summit 2018 @Remotely, Open Security Summit 2018 London, UK.

OWASP Sendai Chapter Meeting 2018, Sendai Japan 27 th april 2018

Blackhat Asia Singapore 2018 Bussiness Hall "TRENDS AND STRATEGIES FOR SECURING THE INTERNET OF THINGS" 23 th March 2018

Blackhat Asia Singapore 2018 Arsenal @Arsenal, Blackhat Asia Singapore 2018

2017

Codebali International Cyber Security Conference and Exhibitions 2017, FIRST-TC, 26-29 th September 2017

National Seminar of Research & Development Id-SIRTII/CC 2017, Hotel Grand Tjokro Bandung West Java Indonesia Theme : Tren IOT & Mobile System 27 July 2017

Taiwan International Information Security Organization Summit 2017 OWASP DAY TAIWAN 2017 11 - 13 July 2017

OWASP Summit 2017 London, England [Participants from OWASP Jakarta Chapter is Ade Yoseman, Petty Meisari & 12-16 June 2017

Blackhat Asia Singapore 2017 @Arsenal, Blackhat Asia Singapore 2017 30 - 31 March 2017

2016

OWASP DAY KL 2016 Malaysia OWASPKL2016 15 - 17 November 2016

History

On December 2016, Ade Yoseman reactive OWASP Indonesia

Project Volunteering

OWASP Juice Shop UI v2.21.1 available in Indonesian language! 🇮🇩 (Preview: [OWASP Juice Shop]) download https://github.com/bkimminich/juice-shop/releases/tag/v2.21.1

Project On Progress

Here the lists Project have been submit by OWASP JAKARTA Chapter Projects Members
OWASP Jakarta Projects

2017

OWASP SecureTea Project

2019

Risk Assessment Framework


Sponsoring

Help us to make application security visible and become a supporter of the OWASP or our Chapter in Indonesia. All information about becoming a member/sponsor can be found here.

If your company is interested in supporting us directly, please contact Ade Yoseman Putra to talk about the following sponsoring possibilities.

Chapter Supporter
Single Meeting Supporter
Facility Sponsor
Organization Supporters (allocating 40% of your annual donation to our Chapter)

Local Chapter Supporter

Meeting Sponsors

The following is the list of organisations who have generously provided us with space for OWASP Indonesia chapter meetings:

Mozzilla Indonesia

Corporate Sponsors

Rumah Web f5 Networks Bank BTPN Faspay PT. Media Indonusa Bank Mandiri BUKALAPAK Codemargonda

Government Agency

Community

National Cyber Security Defence BSidesIndonesia

see our Meetup
https://www.meetup.com/OWASP-Jakarta-Chapter/

Next Meetup

We Are Currently seeking venue and sponsorship for owasp monthly meetup. if your company interested support us please email us : [email protected]
Want to talk at Our Chapter please email us :[email protected]

OWASP Jakarta Night Q4 2018 @Bukalapak.com

When: 28th November 2018

From 17:00 pm - 22:00 pm

venue :
Bukalapak Engineering Office, Jalan Ampera Raya, RT.5/RW.10, Ragunan, South Jakarta City, Jakarta Indonesia

Sesi ini akan mendiskusikan tentang :
1. Keynote speech by Badan Siber Sandi Negara / BSSN (Tbc)
2. Security Championing by Vandy Putrandika
3. Novice to expert in Deep Learning and why it's necessary? by rohit parab
4. An architectural approach for decentralized applications by Ayodya Dewangga S R

Event Program:
17:00pm -18:00 pm - Arrival Participant & Registration
18.00p.m - 18.30p.m - Keynote speech - Badan Siber Sandi Negara / BSSN (Tbc)
18:30 pm – 19:15 p.m - Speech by Vandy Putrandika
19.15 p.m - 19.45 p.m - Speech including Q & A by Rohit Parab
20.45 p.m - 21.45 p.m - Speech including Q & A by Ayodya
21:45 p.m - 22.00 pm - Networking Session /Photo Together

This Meetup provide free Snack & food

Sponsored by Bukalapak.com

Topic: Security Championing
Abstract:

Resource, visibility and advocacy are always the main problems for the information security team in any company. Time and head count will always be scarce for the mandated scope of work. For a security bug, we might have to check all corners, rather than someone telling it to us. And no one actually thinks that infosec guys are the hero, right?

Security championing model tries to be the silver bullet for all those, especially in companies who want to incorporate DevSecOps. Yet, the implementation is not without obstacle. It may even introduce new problems along the way.

End of the talk one would be able to understand

1. What is security championing?
2. Who should implement security champion model and when is the best time?
3. Where we can find and evangelize these security champions?
Bio:
Vandy Putrandika
Vandy is a security, governance and project management generalist who is passionate about digital strategy and transformation. Currently he works at Bukalapak as the Head of Information Security and managing the super-awesome security team inside while juggling with several security programs.

Topic :
An architectural approach for decentralized applications

1. Understanding web 2.0 and web 3.0
2. The pros and cons of web 3.0
3. What are decentralized applications?
4. What are the benefits of decentralized application?
5. How to build a decentralized application?
6. How to secure decentralized application?

Ayodya Dewangga S R

1. E-Channel Product Development Risk Officer at PT Bank Mandiri (Persero) Tbk
2. Chief Information Security Officer at PT Dekodr Solusi Digital Indonesia
3. Master of Electrical Engineering (ICT Security) at University of Mercu Buana
4. Founder Cyber Security Division at Computer Student Club of Jakarta State Polytechnic

Rohit Parab

Title - Novice to expert in Deep Learning and why it's necessary? Bio - Co-Founder & CEO at Praemineo, Inc (The Artificial Intelligence Company). Almost a decade of solid hands-on experience in full life-cycle software development. Built applications in as varied as Desktop, Web and now in AI. Experienced in building high performance teams for high output in quicktime. A UX person. Strongly believes that a complete code should not just work, but also be clean and maintainable. An Artificial Intelligence enthusiast.

Abstract - In brief, I will be sharing how someone can

1. Get started with Deep Learning.
2. What are the basic requirements.
3. Online free resources.
4. How much of math is required.
5. What is the current state of Deep Learning and its effects on future.


Past Meetup

OWASP JAKARTA NIGHT Q4 2018

When: 22th October 2018

From 17:00 pm - 22:00 pm

venue :

Plaza Mandiri Auditorium lantai 3
Jl jendral gatot subroto Kav. 36-38 Jakarta 12190, Indonesia

This Meetup provide free drink & food

Sponsored by Bank Mandiri

Talk
1. How to protecting critical infrastructure national (Study case: asian games 2018) by Yusuf Hadiwinata Sutandar

2. Security Engineering by Semi Yulianto

Abstract:
Security engineering is a specialized field of engineering that focuses on the security aspects in the design of systems that need to be able to deal robustly with possible sources of disruption, ranging from natural disasters to malicious acts. It is similar to other systems engineering activities in that its primary motivation is to support the delivery of engineering solutions that satisfy pre-defined functional and user requirements, but it has the added dimension of preventing misuse and malicious behavior.

Topics:
- Security Objectives
- Security Design Guidelines
- Security Modeling
- Security Architecture and Design Review
- Security Code Review
- Security Testing
- Security Tuning
- Security Deployment Review

These activities are designed to help meet security objectives in the software life cycle.
Sesi ini including :
Demo: Threat Modeling, Secure Code Review & Dynamic Analysis

Short bio :
Semi Yulianto
BSc. (Accounting), M.IT (IT Security & Governance)
Doctor in IT, Student at Graduate School of University of the East (Manila, Philippines) MCT, MCDBA, MCTS, MCITP, MCSA, MCSE, MCT, CCNP, CWNA, CEH, ECSA, CHFI, ECSP, EDRP, CND, CEI, SSCP, CISSP, CSSLP, CISA, CISM, CySA+, CASP, OSSA, CASE Java. Co-Founder & CEO, Chief Hacking Officer (CHO) of PT. Systech Global Informasi (SGI Asia).

Information Security Interim Consultant / Subject Matter Expert (SME) at PT. Trinusa Travelindo (Traveloka).

Information Security/Cyber Security Practitioner, Consultant & Senior Technical Trainer


More than 20 years working experience in the IT industry with experiences in the area of Application and Software Development (Database and Management), Operating Systems, Server Systems, Messaging and Collaboration, Inter-networking, Network Infrastructure, Desktop Support and Application (Secure Programming & SDL) and Network Security. Has trained IT Professionals from diverse organizations in Asia Pacific, Middle East and Africa region namely Indonesia, Malaysia, Singapore, Thailand, Bhutan, Cambodia, Philippines, Saudi Arabia/KSA, Tunisia, Morocco & South Korea. Proven track of records in delivering High Quality IT training with very good to excellent feedback ratings (full clients’ satisfaction). Deep knowledge and excellent skills on Vulnerability Assessment, Ethical Hacking, Penetration Testing, IT Audit and Computer Forensics with combination of Technical and Management expertise. Interested in Exploit Writing, Malware Analysis, Forensics on Moving Data, and Cloud Computing Security.
Mission: 'To create Awareness and Educate People in Information Systems Security'

3. DevSecOps Automation: Speedup software delivery with security in mind by Denny

Desc:
Integrating SAST and DAST into SDLC (CI/CD) to quickly find potential security problem in both code and runtime, without sacrificing delivery time. Focusing on the speed on deliveries and creating secure by default software,

Bio:

Denny began his IT career as a software developer, have 5 years experience in developing application on various platform and it was a great advantage to jump into application security as a professional penetration tester for almost 5 years. Now working for Vantage Point Security as a Senior Application Security Consultant, focusing in Security Testing Integration into SDLC process.

• Event Program:
18.00 p.m - 18.30 p.m - Arrival Participant & Registration
18:30 pm – 18:45 p.m - Speech by Nadira Bajrei from Bank Mandiri
18.45p.m - 19.30 p.m - Speech including Q & A by Denny
19.30 p.m - 20.30 p.m - Speech including Q & A by Yusuf Hadiwinata Sutandar
20.30 p.m - 21.30 p.m - Speech including Q & A by Semi Yulianto
21:30 p.m - 22.00 pm - photo together / networking Session


OWASP Indonesia Online Session Talk
Title: Strengthen and Scale security using DevSecOps(PDF)
Thursday, October 4, 2018
1:00 PM to 2:00 PM

Register : https://www.meetup.com/meetup-group-XxqLdaeY/events/255089357/
Speaker Bio


Imran "secfigo" Mohammed is a seasoned security professional with 8 years of experience in helping organisations with their Information Security Programs. He has a diverse background in R&D, consulting and product based industries with a passion to solve complex security programs. Imran is the founder of Null Singapore, the largest information security community in Singapore where he has organised more than 60 events & workshops to spread security awareness. He is also the author of OWASP DevSecOps Studio, OWASP DevSlop and Awesome-Fuzzing projects.

He was also nominated as community star for being the go-to person in the community whose contribution and knowledge sharing has helped many professionals in the security industry. He is usually seen speaking/training in conferences like Blackhat, OWASP AppSec, DevSecCon, PyCon, NullCon, All Day DevOps, Null and OWASP chapters.


OWASP JAKARTA NIGHT Q3 2018
Sesi ini akan mendiskusikan tentang :
Web Application by Design with OWASP

Pembicara
1. First Step to Web Application ISO27001 vs PCIDSS VS OWASP TOP 10 by Elias (Head of System Development Faspay) (PDF)
2. Building a tailored AppSec Program using OpenSAMM by Suman Sourav & Tuyen Do

Abstract: Building a tailored AppSec Program using OpenSAMM

The Software Assurance Maturity Model (SAMM) is an open framework to help organizations formulate and implement a strategy for software security that is tailored to the specific risks facing the organization. The resources provided by SAMM will aid in:

• Evaluating an organization’s existing software security practices
• Building a balanced software security program in well-defined iterations
• Demonstrating concrete improvements to a security assurance program
• Defining and measuring security-related activities within an organization

This session is focused on the practical implementation of an AppSec Program based on your organization needs and business risk appetite. Most of the AppSec program fails because of lack of programmatic approach and strategic rollout. Participants will learn about an importance of a Security Program Management, how it solves people, process and technologies challenges in implementing an AppSec program, driving results and metrics relevant to the different stakeholders.

Speaker Bio:
Suman is a Certified Secure Software Lifecycle Professional (CSSLP) having more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds a unified approach to deal with the root cause of software security problems. Currently he is working with Vantage Point Security as a Regional Program Director for Vantage Point Security and helping clients in SEA region to implement application security program.
Tuyen is an experienced Security Programme Manager, highly strategic, analytical and performance driven professional with 7+ years of blended experience in managing strategic programs /initiatives within banking & financial, and information technology sectors. Dynamic, versatile, hands-on Program Leader who leads teams to design & implement successful projects/programs that align business objectives and deliver rapid results, within timelines, budgets, and as per specifications.

Catatan :
peserta tidak perlu membawa laptop acara ini free for everyone

Acara ini akan diadakan pada: 27th September 2018

From 18:00 pm - 22:00 pm

REGISTER HERE

venue :
Faspay Working Space
Jakarta Pusat
OWASP Jakarta Night #2

When
19:00 - 22:00
Tue, Aug 7, 2018

Where
Venue:
Marque at Cyber 2 Tower,
Jl. H. R. Rasuna Said Blok X-5 Cyber 2 Tower 17th Floor, RT.7/RW.2, Kuningan Timur, Jakarta, Kota Jakarta Selatan, 12950, Indonesia

Registration in here

• Event Program:
18.00p.m - 19.00p.m - Arrival Participant & Registration
19:00 pm – 19:15 p.m - Speech by OWASP Indonesia Chapter Leader , Ade Yoseman Putra
19.15p.m - 19.30 p.m - Speech including Q & A OWASP Indonesia Co Chapter Leader by Suman Sourav
19.30 p.m - 20.30 p.m - Speech including Q & A by David Holmes
20.30 p.m - 21.30 p.m - Speech including Q & A by Harley Davidson Karel (PDF)
21:30 p.m - 22.00 pm - photo together/networking session

Topic:

Hybrid Cloud Security

Hybrid Cloud Security continues to be relevant topic. David Holmes ( Global Security Evangelist for F5 Networks) will detail F5’s experience assisting a Fortune 10 company overcome some of their security challenges in moving to a multi-cloud architecture. His presentation will also include a look at some new F5 technologies that secure and containerize application traffic.
Mr. Holmes is a 17-year veteran of F5 and has met with banking and finance, government, and private enterprise security teams all over the world so he usually has the measure of who is doing what and where. This is an excellent opportunity to pick his brain about architecture, industry trends, or any other security topic that is top of mind.

More about David Holmes:

Based in Asia Pacific, David Holmes is the Global Security Evangelist for F5 Networks. In this role, Holmes is spokesman, researcher and evangelist for F5’s threat intelligence division, with an emphasis on cryptography, distributed denial of service attacks, and the Internet of Things. He speaks at conferences such as RSA, InfoSec and Gartner Data Center.

Holmes authors white papers on security topics such as global cryptography trends and modern DDoS threat spectrum. He has also written for industry magazines such as the SCMagazine and Network World. These days,he writes regularly about vulnerabilities, technical solutions and the security industry for SecurityWeek.com and F5 Labs.

He joined F5 Networks in 2001, and, as a Principal Software Engineer, where he designed many of the system and core security features. Holmes has 20 years of experience in security and product engineering.

Prior to F5, Holmes was a Vice President of Engineering at Dvorak Development (in Boulder, CO) and a Senior Software Engineer (Security) at CyberSafe, Inc.

Holmes majored in Computer Science and Engineering Physics at the University of Colorado at Boulder. For public speaking, Holmes has a Competent Communicator award from Toastmasters International and other public speaking awards.

Many thanks to F5 for their sponsorship.

Harley Davidson Karel

Topic : Static Analysis Security Testing (SAST) using open source
Topic Extract :

Find security issues on development stage using open source static analysis security testing (SAST), so that developer will be able to identify security issues on earlier stage of software development life cycle, rather than waiting for penetration testing stage.

SAST demo will be conducted with command line interface usage, IDE integration, & Jenkins integration. The demo will scan and found security issues on several programming language such as Java, python, & ruby

Bio:

Harley Davidson Karel is working as Associate Application Security Consultant at Vantage Point Security Indonesia. He is EC-Council Certified and well trained in working in application security activities that help organisations to put security aspect in every stage of software development life cycle. He has been selected as a speaker for PyConMY 2018 Kuala Lumpur, PyConES 2018 Malaga Spain, GrillRB 2018 Wroclaw Poland.




OWASP Indonesia Q1 Meetup 2018


Owaspidq12018.jpeg

Talks


Reduce the Risk of a Data Breach with Open Source INTelligence (OSINT)
by Ayodya (Security Engineer at Bukalapak)

Building Appsec Pipeline
by Suman Sourav

OWASP Top 10 Mobile Application Vulnerability
by Williams

• Event Program:
18.00p.m - 19.00p.m - Arrival Participant & Registration
19:00 pm – 19:15 p.m - Speech by OWASP Indonesia Chapter Leader
19.15p.m - 20.00 p.m - Speech including Q & A by Suman Sourav
20.00 p.m - 20.45 p.m - Speech including Q & A by Ayodya
20.45 p.m - 21.30 p.m - Speech including Q & A by william

Speakers

Ayodya

Ayodya.jpg
1. Security Engineer at Bukalapak
2. Master of Electrical Engineering (ICT Security) at University of Mercu Buana
3. Founder Cyber Security Division at Computer Student Club of Jakarta State Polytechnic

Williams


Suman Sourav
Building Appsec Pipeline

SOFTWARE SECURITY ASSURANCE & DEVSECOPS PROFESSIONAL - VANTAGE POINT SECURITY PTE. LTD SINGAPORE

Suman has more than a decade experience in designing secure-SDLC programs and is passionate about integrating security into the development lifecycle. He is skilled beyond existing static analysis tools and code review techniques and shaping the way the industry secures code in a Continuous Deployment world. He has worked with various financial and non-financial institutions to implement software security life-cycle and has strong experience of creating an organizational framework to break silos security culture in the organization and builds an unified approach to deal with the root cause of software security problems.


19:00 - 22:00
Thursday, March 29, 2018
Register :[closed]
venue :

Btpn.png

Bank BTPN. Menara BTPN, 27 th floor - CBD Mega Kuningan Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6 Jakarta 12950


OWASP Jakarta Q4 2017 Meetup

Owaspmeetupbtpn.jpg

19:00 - 22:00
Tue, Nov 21, 2017

BANK BTPN
Menara BTPN - CBD Mega Kuningan
Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6 Jakarta 12950
OWASP Jakarta Q4 2017 Meetup

Menara BTPN, 27 th floor - CBD Mega Kuningan
Jl. Dr. Ide Anak Agung Gde Agung Kav. 5.5 – 5.6
Jakarta 12950

Theme : Application Security in Owasp top 10 2017

When :
at Q1 21th november 2017
From 19:00 pm - 22:00 pm

CLOSED

Talks

  • Secure coding practices with golang (PDF)
    by sulhaedir (IT Security Spesialis at Tokopedia)
  • OWASP Risk Rating Management Project(PDF)
    by M febri

Speakers

sulhaedir

Sulhaedir.jpg

Sulhaedir have 6 years experience in information security. he work as security specialist at TOKOPEDIA. he also Security research in nemosecurity


M.Febri


Febri.jpg

he work as Security Consultant at Visionet.

Thanks for sponsor this meetup
Bank_btpn.jpg       


Workshop OWASP at "Sofware Freedom Day 2017"
Sofware freedom day 2017.jpg



workshop with KSL UBL "improving Security Attack and Defense with OWASP"

when : Sat, September 16, 08:00 – 15:00 pm
Auditorium Universitas Budi Luhur, Jl. Ciledug Raya No.126, RT.1/RW.2, Petukangan Utara, Pesanggrahan, Kota Jakarta Selatan, Daerah Khusus Ibukota Jakarta 12260, Indonesia

OWASP Indonesia Day 2017

Owaspdayid1.jpeg


when Developers, startups, hackers will meet.. just visit us @ OWASP Indonesia Day 2017
Yogyakarta, 09 th september 2017

https://www.owasp.org/index.php/OWASP_Indonesia_Day_2017

if you interested sponsor our events just contact Ade Yoseman Putra


OWASP Jakarta Tech Day Meetup 2017

Owaspmeetup2.jpg

OWASP Jakarta succesfully host meetup on May 2017

with Theme: "How Secure Ecommerce"

Date: 14 May 2017 02 pm to 05 pm (GMT+7 Jakarta)

Venue: PTC Pulogadung Trade Centre Ballroom 2nd Floor

Jalan Raya Bekasi, RW.3, Rw. Terate, Cakung, Kota Jakarta Timur, DKI Jakarta 13920

Google Maps :

https://goo.gl/maps/gmZnSofLvEF2

Talks

  • Turning Legal Website into DDoS Tool
    by Kalpin Erlangga (Indonesia Honeynet Project) (PDF) .
  • The Art of phishing, and how to save yourself
    by Oliver Valentino (Security analyst BUKALAPAK) (PDF)
  • Trend Defacement On Indonesia E-Commerce Website
    by Achmad Syafaat (ID-SIRTII/CC)
  • Client Side Security And Testing Tools
    by David Cervigni ( Minded Security) (PDF)
  • Hacking as a Livestyle
    Matias Prasodjo(Dracos) (PDF)

Speakers

Kalpin Erlangga Silaen

Kelpin2.jpg

Kalpin Erlangga Silaen is a senior security consultant with experience more than 15 years in IT. He is a graduate of the Master of Computer in Faculty of Engineering and IT at Swiss German University. He was first winner as a team at Cyber Defense Competition, Ministry of Defense of Indonesia on 2013

(Jakarta) and 2014 (Surabaya). He has experience as security penetration tester for various industry such as telecommunication, banking, finance, and government for more than 7 years. His interests includes network and cloud security


Oliver Valentino

Oliver Valentino is a tech evangelist and security enthusiast. Currently work as a security analyst at bukalapak. Got his bachelor degree from Universitas Advent Indonesia Bandung

David Cervigni

Dvd.jpg

David Cervigni is a Senior Security Consultant of the Minded Security consultants team. He has a strong experience in collaborating closely with developer teams to securing SDLC and DevOps systems. His specialties include secure coding training, vulnerability assessment, manual and automated code review solutions, critical software design and compliance. His experience maturated mostly in the financial sector and in the biggest institutions across Swiss and UK markets. He holds a master's degree in computer science from the University of Camerino.

Achmad Syafaat

Matias Prasodjo

Matias Prasodjo is Vice Leader DracOs Linux Team. he is Subject Matter Expert Security and System at PT Lintas Teknologi Indonesia.

Past Meetup

OWASP Indonesia Meetup I 2017 on March 4 th, 2017
See More OWASP Indonesia Meetup I 2017 on March 4 th, 2017

OWASP Indonesia adalah sebuah salah satu cabang dari Yayasan OWASP di belahan dunia. Yayasan OWASP adalah terbuka dan organisasi non profit.Kami membuka kesempatan kepada orang indonesia untuk bergabung serta berkontribusi pada OWASP Indonesia (Jakarta) Chapter.

Apa Yang Bisa anda kontribusi kan pada Yayasan OWASP

OWASP Indonesia Chapter

1. Anda bisa menyediakan Tempat untuk Agenda kami
2. Anda bisa menjadi Speaker & Trainer dalam setiap Event kami
3. Anda bisa menjadi University Supporter Kami
4. Anda bisa menjadi Donatur kami
5. Anda bisa menjadi Kontributor kami dengan submit projek (membuat tools, keamanan aplikasi, dsb)

OWASP Foundation

1. Anda bisa menjadi Speaker & Trainer dalam setiap Event Yayasan OWASP di seluruh dunia
2. Anda bisa menjadi Kontributor kami dengan submit projek (membuat tools, keamanan aplikasi, dsb) pada Yayasan OWASP Global

how to register OWASP membership, berikut saya sudah jelaskan step by stepnya di web owasp.or.id

Berita

Kami mencari volunteer untuk penerjemahan OWASP 2013 Top Ten dari Bahasa Inggris ke dalam Bahasa. Saat Ini sedang dalam pengerjaan / On Progress. Silahkan bergabung dengan tim kami tim penerjamah OWASP 2013 Top 10-Bahasa

Chapter Leadership Board Member Role Responsibilities Person(s)
Chapter Leader / Chairman The central point of contact for the Chapter and responsible to the OWASP Board. Serves as Chapter Leader and Chapter board chair. Ade Yoseman Putra
Sponsor Coordinator Serves as the primary liaison between the Chapter and all sponsors, and solicits sponsors for the Chapter meetings, happy hours, and other events. Hilman Aditya
Speaker and Special Event Coordinator Seeks and schedules speakers for monthly Chapter meetings and other events. Dewo Nur Satrio
Conference/Event/Meetup Coordinator Coordinates all of the efforts for the annual OWASP Indonesia Day, OWASP Jakarta Night & all OWASP Jakarta Events. Eka Syahfitri
PR/Marketing Coordinator/Designer Grafis Provides marketing of OWASP Indonesia Day and other Chapter events. Muhamad Iqbal Dewanto
Equipment Committee Equipment Committee for OWASP Meetup Bima
Volunteer Volunteer Lists Achmad Syafaat, Gumux Hijack, Ali Kaharu
Finance The Chapter Leader is designated as primary person responsible for Chapter budget and Chapter expense approvals.

The previous Chapter Leader is designated as secondary approver, who also will approve any expenses submitted by the Chapter Leader.


Advisory Board Members Made up of previous Chapter leaders who provide mentoring, coaching, and assistance to the board and contribute to the Chapter’s success.