This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
OWASP Day KL 2011
| |
|
|---|---|
 |
|
OWASP DAY KL 2011 - Malaysia
OWASP Malaysia will host OWASP Day KL 2011 in Kuala Lumpur, Malaysia from Sep. 20 to Sep. 21, 2011 and colloborate with UniKL-MIIT & OSDCMY. The events will gather OWASP leaders, security experts, executives, technical thought leaders, developers, scientists and researchers from Malaysia and around the world for in-depth discussions of cutting-edge application security issues. The summit will draw participation from major Malaysia and global organizations across various verticals including government, information technology, services and consulting, telecommunications, finance, e-commerce, Internet, universities and research institutes. About 200 people are expected to attend the events. exhibition and lunch will be held at the summit, providing sufficient networking opportunities.
Official Invitation Letter for OWASP Day KL 2011 English & Malay.
For the events day we have limited OWASP T-shirt from OWASP Foundation for the most twitter using hash-tag #owaspmy. We will calculate your twitter base on twitter status.
FaceBook Event Page OWASP Day KL 2011
For more detail on the fee and workshop
Who Should Attend OWASP Day KL 2011:
- Application Developers
- Application Testers and Quality Assurance
- Application Project Management and Staff
- Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
- Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
- Security Managers and Staff
- Executives, Managers, and Staff Responsible for IT Security Governance
- IT Professionals Interesting in Improving IT Security
- Lecturer & Student it IT field
All the attendee will be provided Attendee Certificate by UniKL & OWASP Malaysia
Adli Wahid
Adli Wahid of Cybersecurity Malaysia VP CyberSecurity Responsive Services on a day to day basis. Our team provide incident handling service for anything related to .MY, watch and warn activities, and co-ordination with other security teams (FIRST, APCERT), research groups (i.e. The Honeynet Project) and interest groups (i.e. APWG, ShadowServer).
He specializes in malware, phishing and visualization and has designed and co-ordinated cyber drill exercise at the national and regional level.
OWASP DAY KL 2011
CALL FOR Presentation
OWASP Day KL 2011 Conference will be a major international forum for the presentation of research results, cutting-edge ideas and in-depth discussions in the field of application security. OWASP Day KL 2011 Conference invites application security researchers, thought leaders and developers worldwide to submit papers for the opportunity of presenting to expected participants.
The topics we are seeking include, but are not limited to:
- Web Application Security
- Mobile Application Security
- Cloud Application Security
- Software and Architecture Patterns for Application Security
- Metrics for Application Security
- OWASP Tools and Projects
- Secure Coding Practices (J2EE/.NET)
- Application Security Testing
- New Attacks and Defense
- Other subjects related to OWASP and Application Security
To make a submission:
Call For Presentation CLOSED
Each talk should be limited to 40 minutes, followed by a 5 minute question session.
- Submission deadline: August 20, 2011.
- Notification of acceptance: August 22, 2011.
- Presentation slides due: September 20, 2011.
CALL FOR Training
In-conjunction with OWASP Day KL 2011 also provided workshop. It will separate day with the seminar and will conduct 1 full day. It will 3 major topic on the workshop.
- SQL Injection (Secure & Prevent)
- Penetration Tester
- IT Audit
Call For Training CLOSED
- All the speaker & trainers will be given Speaker Honor Cert from UniKL & OWASP Malaysia
Suhas Desai
A distinguished Senior Consultant of Aujas Networks, At Aujas, he is handling Mobile Security Services. He is responsible for growth of Mobile Security Services. His extensive experience in Mobile Technology spreads across iApps Security, Mobile PKI, Mobile Apps (Android, J2ME), USSD/DSTK Apps, Mobile VAS, SIM card and Mobile Payment’s Security services. Prior to joining Aujas Networks, he has worked with Tech Mahindra. A frequent speaker at prominent industry and customer forums, Desai has been on technical advisory committees for prestigious National and International conferences. He has delivered over 350 conference talks on software & mobile security across the globe including OSSPAC’09, Singapore; INTEROP 2009, Mumbai; STeP-IN 2010 Bangalore; MOSC 2010, Kuala Lumpur; OSBizConference 2010, Malaysia; ‘Mobile VAS in Growth Markets summit’, 2010, Dubai ; ClubHack 2009, Pune; c0c0n 2010, Cochin and ‘4th Mobile Commerce Summit ASIA’, 2011, Kuala Lumpur. He is a proud author of several research papers for reputed journals and magazines in Security, RFID and Image Processing domain. He also contributes features for Linux for You, Linux+ and Linux Journal magazines.
Ahmad Azizan Idris
Ahmad Azizan graduated from International Islamic University Malaysia with Bachelor's Degree in Computer Science and is currently working as an Intrusion Analyst in Malaysia Computer Emergency Response Team (MyCERT) at CyberSecurity Malaysia. His works mainly concentrated in incident handling, malware analysis, security tools development and other security-related stuff. Currently he involves heavily in mitigating client-side attack specifically on Malicious PDF analysis.
Azam Abdul Rahim
Azril azam is currently works as the Global Response Center Development Team Leader with the International Multilateral Partnership Against Cyber Threats (IMPACT), an International Telecommunication Union (ITU) cybersecurity agenda agency. Previously, azril works as the senior researcher with MIMOS Berhad specialized in x86 system virtualization, trusted computing, and computer forensics. He is currently a GIAC certified forensics analyst and also the EC COUNCIL certified security instructor. He has wrote several papers pertain to system security, computer forensics and system virtualization. He also a firm believer in OSS where till this date has wrote several security software under the GNU license. His computer forensics software project called FIRST has won several international and demostic awards including gold award for invention at ITEX 2006 and best Malaysian open source software 2006. Currently at his sparetime, he is in the final stage in completing the next OSS project
Errazudin Ishak
Errazudin holds a Master`s degree in Computer Science (Software Engineering) and works as Solution Architect at Mimos Berhad, A Malaysia government research agency, in ICT and frontier technology. His job focuses on web application developement, deployment, performance and stability. He has spoken at several meetups and conferene and has worked with various back-end and web technologies. In his free time he loves to emulate Richard Gasquet`s backhand on court.
Walter Wong
Walter is a technical lead for Gain Secure based in Malaysia. The company specialized for providing secure application development and user experience (UX) consultation services to customers. Walter is a Microsoft MVP for developer security. Research on application development security is Walter's personal interest. He also successfully discovered many websites vulnerabilities including some high traffic websites over the past few years. Walter often speaks at technical conferences such as Visual Studio 2010 Launch, TechEd SEA, Security Symposium, TechNet/MSDN, Tech Insights and more.
Harisfazillah Jamel
Mohd Hafiz Tabrani
Mohd Hafiz Tabrani currently works as Senior Intrusion Analysis for Malaysia Computer Emergency and Response Team (MyCERT) under umbrella of CyberSecurity Malaysia. Prior to that, he worked as an Intrusion Analyst at MyCERT department. His education background comprises of Degree in Computer Science from National University of Malaysia in 2000.
Hafiz has been involved in the computer security field for over 5 years. His area of focus and interest is network security, honeynet, websecurity and malware analysis. He also engages in several penetration-testing exercises and to provide solutions for any vulnerability detected. Moreover, he is recognized for conducting numbers of training for organizations to talk on topics ranging from introduction to advanced security courses. He also involved as a GSOC (Google Summer of Code) mentor for Honeynet Project during 2010 mentoring on PHP Sandbox. He is also main contributor for CyberSecurity Malaysia Honeynet Project’s blog. He currently holds a GPEN certification from SANS Institute.
Adnan Mohd Shukor
Adnan Mohd Shukor is an Intrusion Analyst at Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His Education background comprises of Degree in Information Technology, majoring in Security Technology from Multimedia University. He is also a GIAC Certified Penetration Tester (GPEN), GIAC Certified Incident Handler (GCIH) and member of the SANS Advisory Board since 2009.
In the IT security line of work, he has plenty of experience in aspects of network security, penetration testing, web security, client side security, honeypot technology, system development and automation. He has contributed a lot in open source projects especially related to security and he is also the founder of DontPhishMe and MyPHPIPS
Alip Aswalid Asri
Alip Aswalid bin Asri is an Intrusion Analyst at Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia. His works mainly concentrated in Incident Handling, Website Security, Penetration Testing and Security Tools Development. He is also familiar in web development using Ruby on Rails and PHP.
Syed Zainudeen Mohd Shaid
Syed Zainudeen Mohd Shaid is a member of Information Assurance and Security Research Group (IASRG) in Universiti Teknologi Malaysia (UTM). With a Software Reverse Engineering background, he is now active in Malware Research and Penetration Testing. He also does training on Ethical Hacking and give talks on Computer & Internet Security. He is currently the Web Security Advisor for UTM.
Mohd Ridzuan Isa
Mr. Mohd Ridzuan Isa was born in october 1978, entered IIUM for the programme of Bachelor of Engineering in Mechatronics, despite knowing his passion lies with computers. Graduated in 2004, he gained employment with UniKL-BMI. Since then, he dabbled in the arcane world of unix and linux, lived on the bleeding edge with knoppix, kanotix and sidux. These days, he's slowing down a bit, opting for Linux Mint for desktop and Debian stable and testing for server setups. Picked up CCNA instructor certificate along the way, he is currently on an infrastructure design research team for private cloud service.
Amir Haris Ahmad
Amir Haris Ahmad is a visionary in information technology and computer security fields, with particular interest in DNS technology and IPv6. Prior joining Localhost SDN BHD, He was a Senior Researcher at .my DOMAIN REGISTRY, doing research on DNS Security Extension (DNSSEC). A familiar trainer for DNSSEC workshop in Malaysia and some international training events. Amir's extensive technical background includes computer security, DNS, UNIX operating systems, IPv6, and software development in C/C++, ruby and web technology (rails3). He was also a speaker on DNSSEC related topics at few conferences such as MOSC, MYGOSSCON and Hack in The Box (SIGINT-HITB2010KL). At Localhost he is currently head his own development team on some potential projects that involve new technology such as DNS/DNSSEC appliance for .my registry (MYNIC). A registered member of Internet Society Malaysia Chapter (ISOC), Malaysian National Computer Confederation (MNCC), The Open Web Application Security Project (OWASP) and Information Security Professional Association of Malaysia (ISPA). At mean time Amir holds M.Sc, CNE6, GSEC, GCIH, LPIC1, CiSE, NCLA & MCP. He also will be presenting at APECTEL44, talking about DNSSEC related topic.
Final Program
Day 1 - 20 September 2011
- Reminder: Workshop participants please bring your laptop during the workshop sessions
| Time | Web Security: Analysis and Incident Handling on web Attack/Incident by Adnan Mohd Shukor & Alip Aswalid Asri
|
Introduction IT Audit & Assesment by Harisfazellah Jamel |
Introduction to Ethical Web Application Hacking "Pentest" by Syed Zainudeen Mohd Shaid |
| 8.00a.m | Registration (Level 7)
| ||
| 8.30a.m | Lab 706
|
Lab 707
|
Lab 708
|
| 10.00a.m | Morning break (Level 7)
| ||
| 10.20a.m | Lab 706
|
Lab 707
|
Lab 708
|
| 1.00p.m | Lunch (Level 7)
| ||
| 2.00p.m | Lab 706
|
Lab 707
|
Lab 708
|
| 3.45p.m | Tea Break (Level 7)
| ||
| 4.00p.m | Lab 706
|
Lab 707
|
Lab 708
|
| 5.30p.m | Training Ended
| ||
***Reminder: Workshop participants please bring your laptop during the workshop sessions
Day 2 - 21 September
| Time | Activity | Location |
| 8.00a.m | Registration | Bestari Lecture Hall, Lvl 2 |
|---|---|---|
| 8.30a.m |
Opening Ceremony Recitation of Dua’ Welcoming Speech by Dr Shahrul Niza Opening Speech by Mohd Fazli Azran Appointment of UniKL MIIT as OWASP EDUCATION SUPPORTER Montage & UNIKL-MIIT Keynote Speech by Adli Wahid |
Bestari Lecture Hall, Lvl 2 |
| 9.45a.m | Morning Break (Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room) | |
| 10.00a.m |
Suhas Desai "Mitigating Security Risk in Mobile Payment Application" |
Bestari Lecture Hall, Lvl 2 |
| 10.45a.m |
Ahmad Azizan "Gallus: Analyzing Malicious PDF" |
Bestari Lecture Hall, Lvl 2 |
| 11.30a.m |
Azril Azam Abdul Rahim "Identify, Mitigate & Prevent DDOS Attack via libNetFilters Que" |
Bestari Lecture Hall, Lvl 2 |
| 12.15p.m |
Mohd Hafiz Tabrani "pKaji: Suspicious PHP Script Analyzer"
|
Bestari Lecture Hall, Lvl 2 |
| 1.00 |
Lunch Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room | |
| 2.00p.m |
Errazudin Ishak |
Bestari Lecture Hall, Lvl 2 |
| 2.45p.m |
Walter Wong |
Bestari Lecture Hall, Lvl 2 |
| 3.40p.m |
Tea Break Corridor Bestari Lecture Hall Lvl 2, VVIP at Lvl 29, Banquet Room | |
| 3.45p.m |
Mohd Redzuan Isa "Cloud Computing: Covering Our Bases" |
Bestari Lecture Hall, Lvl 2 |
| 4.30p.m |
Amir Haris Ahmad "DNS Security" |
Bestari Lecture Hall, Lvl 2 |
| 5.30p.m | End of Events | |
Preliminary Program
The final program will be available before September 2011.
Sponsor US!
Malaysia Computer Emergency Respond Team
Computer Security System Club by Student UniKL-MIIT
Open Source Developer Community Malaysia
New in 2011, we are offering exclusive OWASP Day KL 2011 Sponsorships to provide additional benefits and streamline the planning process for our most supportive organizations.
Please contact us directly if you have any related question.
Intented Sponsors:
Members
OWASP Malaysia representative:
UniKL representative:
- Hamidon Katan (Advisor)
- Herny Ramadhani Mohd Husni (Project Leader)
- Shafiza Mohd Shariff (Deputy Project Leader)
- Norhaiza Ya Abdullah (Secretary)
- Dalilah Abdullah (Treasurer)
- Husna Sarirah Husin (Committee Members)
- Wan Hazimah Wan Ismail (Committee Members)
OSDCMY representative :
- Khairunnajah Abd Kadir (Project Manager)
- Harisfazillah Jamel (Promotion & Advertising
- Hidzuan Hashim (Committee Members)
- Mohd Rizal Mohd Shahari (Committee Members)
- Sharuzzaman Ahmat Raslan (Committee Members)
AJK Student:
- Ahmad Amran Bin Ahmad (Project Manager)
- Amirul Adli Bin Zaimal (Committee Members)
- Mohamad Ridhwan Bin Mohiddin (Committee Members)
- Mohamed Ridzuan Bin Frosh Khan (Committee Members)
- Mohd Syafiq Bin Azizan (Committee Members)
- Muhammad Haziq Bin Muhammad Badri (Committee Members)
- Nur Ainnadjla Binti Mohd Baharudin (Committee Members)
- Nur Marini Binti Azhan (Committee Members)
- Nurul Akmal Binti Mohamad Ramli (Committee Members)
- Norfarishah Bin Zaini (Committee Members)
- Norhafizah Binti Nizar (Committee Members)
- Qamar Syams Bin Borian (Committee Members)
Registration Fee
If you are neither an OWASP member nor an OWASP Malaysia chapter member, please feel free to join us!
It is free for all OWASP Paid members and all OWASP Malaysia Paid chapter members.
| Event |
Early Bird (Before 10 Sept 2011) |
Normal (From 10 Sept 2011) |
|---|---|---|
|
1. Seminar a. Member |
Free |
Free |
|
2. Workshop a. Analysis & Incident Handling |
MYR 198 |
MYR 228 |
|
3.Workshop and Seminar |
MYR 239 |
MYR 279 |
Please ensure that the information given are correct before submission.
Our staff will send confirmation email and payment MUST be made within 5 working days.
Method of payment:
A) cash deposit.
B) LO & PO for government only.
C) cheque deposit .
D) online money transfer.
ACCOUNT DETAIL:
INSTITUT INFOTECH MARA SDN BHD
14260000004107
CIMB BANK
For more inquiries on payment, please contact:
Mrs Dalilah bt Abdullah
No. Telephone : +603-21754363 / +60321754365 / +60321754370 / +60321754210
No. Fax : +603-21754441
Accommodation
Please check the local hotel website for detail information. For more details please check at logistic tab.
Venue
Universiti Kuala Lumpur
website: http://www.unikl.edu.my
Hotel
For the Hotel suggested near at the venue area:
Travel
How to obtain a visa for the event
- Invitation letter will be sent out for overseas attendees after registration.
- For detailed information on obtaining a business visa for this event, please refer to Malaysia embassy
