OWASP Kuala Lumpur

Bersatu Kita Teguh Bercerai Kita Roboh by OWASP Kuala Lumpur.

Welcome

OWASP Kuala Lumpur now officially has a monthly meetup. We are a non-profit organization. We welcome all Malaysians to join us and share the knowledge, skill, idea and related to make OWASP Kuala Lumpur Project benefits everybody. OWASP Kuala Lumpur Project as well as the pioneer project for Web Security Application. Any private sector that wants to contribute and sponsor are welcome. If you wanted to talk at Our Chapter, please reach out to Mohd Fazli Azran.

OWASP Kuala Lumpur is proudly celebrating OWASP’s 20th Anniversary!

OWASP 20th Anniversary Image

Participation

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve software security. Our projects, tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

Speakers

  • Everyone is welcome to join us at our chapter meetings. Please, See Meeting Schedule

Project Volunteering

We are currently open to any OWASP Kuala Lumpur members to submit a project to be volunteered.

Project On Progress

Here are the lists of projects that OWASP Kuala Lumpur Chapter Project members have submitted:-

  1. TBA

Past Events

For all new members and existing members, please be free to contribute to OWASP Kuala Lumpur Chapter. If you are committed to helping OWASP Kuala Lumpur Chapter, please subscribe to OWASP Membership for the individual. For Corporate sponsor OWASP Kuala Lumpur, don’t hesitate to get in touch with OWASP Admin.

We are welcome you to join our conversation. If you have any queries, don’t hesitate to contact OWASP Admin. Everyone is welcome to join us at our chapter meetings.

Related Security Events for this years.

2018

NanoSec Conference 2018 (NanoSec2018) 10 October 2018

2017

Durian Conference 2016 (Durian Conference) 8 April 2017

Malaysia Open Source Conference 2017 (MOSC2017) 17 - 18 May 2017

2016

OWASP DAY KL 2016 (OWASPKL2016) 15 - 17 November 2016

Black Hat Asia 2016 (BHAsia2016) 29 March - 1 April 2016

MOSCMY 2016 (MOSCMY2016) 25 - 27 May 2016

2015

Black Hat Asia 2015 (BHAsia2015) 24-27 March 2015

Info Security Malaysia Conference 2015 (InfoSec2015) 12 August 2015

International Conference On Library 2015 (ICOL2015) 25-26 August 2015

2014

OWASP AppSec AsiaPac 2014 (AppSecAsiaPac2014) 17-20 March 2014

Info Security Malaysia Conference 2014 (InfoSec2014) 12 August 2014

Malaysia Open Source Conference 2014 (MOSC2014) 24-25 September 2014

Hack In The Box 2014 (HITBSecConf2014) 13-16 October 2014

OWASP Asia Tour 2014 (Asia Tour 2014) 4 November 2014

2013

OWASP AppSec AsiaPac 2013 (AppSecAsiaPac2013) 19-22 February 2013

ZebraCon 2013 (ZebraCon2013) 27-28 August 2013

Malaysia Open Source Conference 2013 (MOSC2013) 10-11 September 2013

HITBSecConf 2013 (HITBSecConf2013) 14-17 October 2013

2012

OWASP Global AppSec AsiaPac 2012 (AppSecAsiaPac2012)11-14 April 2012

FUDCon AsiaPac KL 2012 (FUDConKL2012) 18-20 May 2012

EPF ISSS Quarterly Services Status Meeting and Technology Presentation Update 14 June 2012 (Closed Invitation)

Cyber Security, Cyber Warfare and Digital Forencis (CyberSec12) 26-28 June 2012

Malaysia Open Source Conference 2012 (MOSC2012)8-10 July 2012

Hack In The Box (HITBSecConf2012) 8-11 October 2012

Hacker Halted AsiaPac 2012 (HHAPAC2012)19-22 November 2012

2011

KL GreenHAT Challange 2011 (KLGHC 2011) 9-10 February 2011

OWASP Summit 2011 (OWASP Summit 2011) 8-11 February 2011

Counter eCrime Operation Summit V 2011 (CECOSv 2011) 27-29 April 2011

Info Security Conference 2011 (INFOSEC 2011) 12 May 2011

Malaysia Open Source Conference 2011 (MOSC2011) 3-5 July 2011

OWASP Day KL 2011 (OWASP Day KL 2011) 20-21 September 2011

Hack In The Box (HITBSecConf2011) 10-13 October 2011

Security Black Belt Day 2011 (SBBD2011) 3 November 2011

Mozilla AsiaCamp 2011 (MozCamp Asia 2011) 18-20 November 2011

Hacker Halted APAC (HHAPAC2011) 15-17 November 2011

Malaysia Government Open Source Conference 2011 (MyGOSSCON2011) 29-30 November 2011

Computer Security Day 2011 (CSD2011) 30 November 2011

2010

Malaysia Open Source Conference 2010 (MOSC2010) 29/30 June - 1 July 2010

Advanced Identify Management & Security 2010 (AIMS 2010) 20-21 September 2010

Next Generation Broadband Wireless Architecture Masterclass (NGBWAM 2010) 28-29 September 2010

Gartner Security Local Briefing 2010 (GartnerSec 2010) 15 July 2010

Hack In The Box 2010 (HITBSecconf 2010) - 4-14 October 2010

OSS Day KPM 2010 (OSS KPM 2010) - 12-13 October 2010

KL Green Hat 2010 (KLGH 2010) - 19-20 October 2010

CyberSecurity Malaysia Conference & Exhibition 2010 (CSMCE 2010)- 25-28 October 2010

Malaysia Government Open Source Conference 2010 (MyGOSSCON 2010)2-3 November 2010

Hacker Halted Asia Pacific 2010 (HHAPAC2010)- 9-11 November 2010

AMDI-USM OSS Day (AMDIOSS) 23 December 2010

Webinar

2012

Secure Mobile App Development: Differences from Traditional Approach - 31 January 2012 10.00p.m PST

Automated Hacking Tools - Meet the New Rock Stars in the Cyber Underground 27 June 2012 9.00a.m GMT

Board Of Members

Chapter Leader - Mohd Fazli Azran

Board Of Members 2010

Advisor - Amir Haris (MyNIC Berhad)

Observer - MySecurity Community (MySecurity)

Meeting Chapter

1st OWASP Meetup 2018

OWASP Malaysia is Open Web Application Security Project for Malaysia Chapter. We like to share and discuss about security. Feel to join and participate as community. This is Open Source Project by OWASP Foundation.

  • Topic : 1st OWASP Malaysia Meetup 2018
  • Date : 5 April 2018 (Thursday)
  • Time : 8.00a.m - 2.00p.m
  • Venue : Hall Level 7, CyberSecurity Malaysia

csm1.jpgmycert.jpg

  • Event Program:

8.00a.m - 8.45a.m - Arrival Participant & Registration 8.45a.m - 9.00a.m - CEO,CTO & SVP Arrival 9.00a.m - 9.05a.m - Negaraku 9.05a.m - 9.10a.m - Doa recitation 9.10a.m - 9.15a.m - Speech by OWASP Malaysia Chapter Leader 9.15a.m - 9.20a.m - Keynote Speech by CEO CSM 9.20a.m - 9.30a.m - Refreshment 9.30a.m - 10.05a.m - Speech By Kamarul Baharin - Mobile Apps Analysis (My Experience) 10.05a.m - 10.40a.m - Speech By Adnan Shukor - Traffic Distribution System 10.40a.m - 11.15p.m - Speech By Ahmad Ramadhan - Responsible Disclosure 11.15a.m - 11.50p.m - Speech By Mr. Khairul Nadzmi - rawSEC: Empowering Local Security Community 11.50p.m - 2.00p.m - Lunch Sponsor by CSM & Network Session

OWASP Meetup Q2 2017

OWASP Malaysia is Open Web Application Security Project for Malaysia Chapter. We like to share and discuss about security. Feel to join and participate as community. This is Open Source Project by OWASP Foundation.

  • Topic : OWASP Malaysia Meetup Q2 2017
  • Date : 18 July 2017 (Tuesday)
  • Time : 8.00a.m - 2.00p.m
  • Venue : Auditorium Hall, Microsoft Malaysia, Level 26, Petronas Tower 3, KLCC

microsoft.jpg

  • Event Program:

8.00a.m - 9.00a.m - Arrival Participant 9.00a.m - 9.10a.m - Official Launch & Opening Speech by Microsoft Malaysia 9.10a.m - 9.20a.m - Speech by OWASP Malaysia Chapter Leader 9.20a.m - 9.35a.m - Keynote Speech by Datuk Wira Dr. Abu Bakar Mohamad Diah 9.35a.m - 10.00a.m - Breakfast 10.00a.m - 10.35a.m - Speech By Sanjay WS - The Security Problem & The Security Solution 10.35a.m - 11.10a.m - Speech By Walter Wong - Consumer Security Impact with Cloud and Machine Learning 11.10a.m - 11.45p.m - Speech By Razwan Mokhtar - Dealing with HealthCare Internet of Things security 11.45a.m - 12.20p.m - Speech By Hasnan Hasim - Introduction Rimau WAF 12.20p.m - 1.00p.m - Speech By Sina Manavi- Cyber-Crime as a Service and Quick Win Strategy to Tackle Them 1.00p.m - 2.00p.m - Pre Lunch by Microsoft

  • Topic - The Security Problem and The Security Solution

Sanjay WS is a CTO of Astiotech Sdn Bhd and MVP Entreprise Security. In this session, I would like to share the security problems that are still plaguing Windows users until we see a worldwide pandemic security fear recently on ransomware. We walkthrough the historical security journey of Windows users and what Microsoft has done to address them. In Windows 10, Microsoft claims to have a silver bullet approach alongside other security primers in Windows 10, will it make the cut? You decide. I also hope to present a custom compromise in Windows that can easily be exploited in any version of Windows and let’s turn on this security solution and see if it survives.

jayws.jpg

  • Topic - Rimau WAF

Hasnan Hasim holds a bachelor’s degree in computer science (information technology) form ukm. With more than 15 years of experience handling Linux server and security device such as firewall, ips, ida and snort rules, ICT operations, training And system development In government sector. Main programming language using php, Java script. His presentation will show next generation WAF using mod_security with modern web UI for easy management.

Nan.jpg

  • Topic - Consumer Security Impact with Cloud and Machine Learning

Walter Wong is a technical lead in Gain Secure, a Malaysian-based company. The company specialized for providing secure application development and user experience (UX) consultation services to customers. Walter is a Microsoft MVP for developer security and Microsoft Azure. Research on application development security is Walter’s personal interest. He also successfully discovered many websites vulnerabilities including some high traffic websites over the past few years. Walter often speaks at technical conferences such as Visual Studio 2010 Launch, TechEd SEA, Security Symposium, TechNet/MSDN, Tech Insights and more. Hosting the application in the cloud infrastructure does not guaranty your application and data security by default. It’s developer responsibility to ensure the application developed, configured and hosted is secure by default. Come and join Walter in his demo packed rollercoaster ride to understand more about Microsoft Azure security features. If you looking forward for a demo how to break the application hosted in Azure, this is the session you don’t want to miss.

Walter.jpg

  • Topic - Cyber-Crime as a Service and Quick Win Strategy to Tackle Them

Sina is an Iranian Senior Information Security Consultant working in banking industry as a CISO advisor helping the banks to design, develop and implement IT Security Blueprint, Project Monitoring, Risk and Compliances, Threatlandscape analysis. He has over 8 years expericen in IT Security area from Application Security, Secure Coding, Vulnerability Management and Penetration Testing in Mobile and Web Applications, SAP systems and Network. He has also experience in Security Posture assessment, Risk and Compliances and regulations in financial industry.

Sina2.jpg

  • Topic - Dealing with HealthCare Internet of Things security

Razwan Mokhtar is a system consultant and overseas system engineer for iDataMap Corporation from Adelaide, Australia. The company is developing new products to bridge the gap in personal health care communications, it’s stored encrypted patient data for ready access by clinicians and is especially useful for DICOM images. For the last 4 years he is very active integrating medical devices & internet of things in hospitals around Asia. Previously in Malaysia, Razwan Mokhtar was experience in the malware analysts focusing in botnet, development, implementation and management of complex Information Security for Department of Defense, Royal Malaysia Police, Royal Malaysian Navy and International Banks.

wansen.jpg

Registration are now open for all. Please download the apps name “OWASP Malaysia Meetup 2017” from Play Store (Android) & App Store (iOS) Please bear in mind this meetup have limited seat only 100ppl. Please register now to book your seat.

OWASP Meetup Q3 2016

OWASP Malaysia is Open Web Application Security Project for Malaysia Chapter. We like to share and discuss about security. Feel to join and participate as community. This is Open Source Project by OWASP Foundation.

  • Topic : OWASP Malaysia Meetup Q3 2016
  • Date : 22 September 2016 (Thursday)
  • Time : 8.00a.m - 2.00p.m
  • Venue : Hall Level 7, CyberSecurity Malaysia

csm1.jpgmycert.jpg

  • Event Program:

8.00a.m - 9.00a.m - Arrival Participant 9.00a.m - 9.10a.m - Official Launch & Opening Speech by CEO CyberSecurity Malaysia 9.10a.m - 9.20a.m - Speech by OWASP Malaysia Chapter Leader 9.20a.m - 10.00a.m - Breakfast 10.00a.m - 10.35a.m - Speech By Melvin Lim (Infoblox) - Data Exfiltration over DNS 10.35a.m - 11.10a.m - Speech By Mohamed Fadzlee Sulaiman (CSM) - CyberDEF: Uncovering Future Threats 11.10a.m - 11.45p.m - Speech By Ahmad Ashraff bin Ahmad (ISC) - Security Through Obscurity : Good or Bad? 11.45a.m - 12.20p.m - Speech By Azril Rahim (ISC) - A Practical Low Cost Cyber Threat Intelligence for SME 12.20p.m - 1.00p.m - Speech by Jay Chow (Rapid7) - Application Assessment for the Modern World 1.00p.m - 2.00p.m - Pre Lunch by CSM

  • Topic - Security Through Obscurity : Good or Bad?

Ahmad Ashraff bin Ahmad will share on his 6 years experience conducting penetration testing and bug bounty hunting related to the ‘Security Through Obscurity’. Is it the right choice to depend on security appliance? Is it bad to leave the code vulnerable while being protected by these ‘obscurity’? What’s the impact to the community?. Ahmad Ashraff was a chemical engineering student from UTP. Choose to be in the ITsec because of his believe in ‘following your passion’ will lead to the right path. 6 years as a pentester. Have been with multiple security companies to learn the strong,weakness,gaps that is currently missing in ITsec MY. Active in bug bounty, 1st place in Malaysia. 1st place in Bugcrowd.Currently working as a IT Security Specialist.

![](ahmadashraff.jpg "File:ahmadashraff.jpg")

  • Topic - Data Exfiltration over DNS

Started off as Solutions Specialist, Melvin carries with him over 13 years of security focus experiences working with leading companies like Bluecoat, McAfee, Akamai and Infoblox. With cyber defense always at the the top of his mind, he provided threat briefing, network security assessment workshops for many organisations in ASEAN, reviewed their network security posture for vulnerabilities, . In a few occasions, Melvin was called back by the organization when the security gaps he highlighted were subsequently exploited by the attackers. In Infoblox, Melvin focuses on data leakage over DNS, defense in depth against DNS DDoS and exploits, which are some of the least addressed security gaps in many organizations today.

![](melvinlim.jpg "File:melvinlim.jpg")

  • Topic - Application Assessment for the Modern World

Jay Chow brings with him more than 10 years of experience in the areas of network and security consulting, implementation, and support. Jay Chow has been on the ground designing, consulting and leading several key government and MNC security projects. Bearing deep practical and strong technical understanding on various security technologies in the market, Jay has been a valuable resource in providing security insights. In his role with Rapid7, Jay focuses on assisting mid-to-large enterprises engineer better security across the South Asia region by visualizing, contextualizing and extracting more insights on their current risk and security exposure.

![](jaychow.jpg "File:jaychow.jpg")

  • Topic - A Practical Low Cost Cyber Threat Intelligence for SME

Azril Rahim is a passionate cyber security expert with over 13 years of experiance. He is also an advocate for open source software where he also developed codes for computer security as well network and general purpose tools. His interest on computer security focuses on vulnerability assessment, pen-test, computer and network forensics, cyber threats intelligence, PKI and secure communication & network programming. He is also has won several awards from the Malaysian government for his work contribution in computer security. He is also hold several international certifications in computer security. Most of his cyber security work are proven hands on and validated via research papers, written & presented technical presentations, hands on work and also computer codes codings. More information about Azril work on computer security & programming can be obtain at his website at http://azrilrahim.site88.net

![](azril1.jpg "File:azril1.jpg")

Mohamed Fadzlee Bin Sulaiman is currently leading CyberDEF unit under Digital Forensics Department, CyberSecurity Malaysia. Eight years of experience in digital forensics has emphasized his credibility in solving criminal and civil cases in major fields including Computer Forensics, Network Forensics, Mobile Phone and Video Forensics. With CyberDEF he has been assisting organization and corporate companies by providing comprehensive cyber security solution especially for Critical National Information Infrastructure (CNII) sectors. Based on the prosecution necessity, he has also experienced as an expert witness to provide testimonial for various cases in court. To date, Mr. Fadzlee has conducted and handled analysis for more than hundred digital forensic cases including hacking, financial crimes, harassment, seditious,bribery, IP theft and etc. Occasionally, he is invited as a speaker and trainer at Government Linked Companies (GLC), local and foreign Law Enforcement Agencies.

![](fadzlee.jpg "File:fadzlee.jpg")

OWASP Meetup Q3 2015

OWASP Malaysia is Open Web Application Security Project for Malaysia Chapter. We like to share and discuss about security. Feel to join and participate as community. This is Open Source Project by OWASP Foundation.

  • Topic : OWASP Malaysia Meetup Q3 2015
  • Date : 14 September 2015 (Monday)
  • Time : 9.00a.m - 2.00p.m
  • Venue : Banquet Hall, Level 29, UniKL MIIT, Jln Sultan Ismail, KL

unikl.jpg

  • Event Program:

9.00a.m - 10.00a.m - Arrival Participant 10.00a.m - 10.10a.m - Official Launch & Opening Speech by 10.10a.m - 10.20a.m - Speech by OWASP Malaysia Chapter Leader 10.20a.m - 10.30a.m - Breakfast 10.30a.m - 11.05a.m - Speech By Adnan Mohd Shukor (BlueCoat) - Attacker Toolkit and Strategic Web Compromise 11.05a.m - 11.40a.m - Speech By Sina Manavi (Kaapagam Technologies) - 11.40a.m - 12.15p.m - Speech By Farhan Faisal - Network Threat Visibility 12.15p.m - 1.00p.m - Speech By Adli Wahid (APNIC) - Establishing Security Response Capabilities 1.00p.m - 2.00p.m - Social Network (Refreshment)

  • Topic - Attacker Toolkit and Strategic Web Compromise

Adnan Mohd Shukor or (@xanda) is a Threat Analyst at BlueCoat System. He detects, analyzes, and blocks web threats and one of his areas of expertise is in exploit kit detection. He also contributed codes and patches to several open source projects and communities before, and most of them are in IT security related projects. Prior to joining BlueCoat System, he was the Senior Analyst at Malaysia CERT, CyberSecurity Malaysia

adnanshukor.jpg

  • Topic -

Sina Manavi s a security enthusiast interested in penetration testing and digital forensics investgation. He has a master`s degree in computer science in the field of digital forensic investigation, and also certificate holder of CEH and CHFL. He has conducted many security talks and practical workshops and training on web/network/mobole penetration testing in Malaysia. His main interest is in mobile app penetration testing. He started his IT career as a software and database developer, and later joined the software database designing field. Currently, he works as professional trainer and information security consultant for Kaapagam Technologies Sdn Bhd in Malaysia.

sinamanavi.jpg

  • Topic - Network Threat Visibility

Farhan Faisal He started his way in system administration, exposed to the real threats every day,gaining real experience from live system. Got GPEN, CCNA, and work experience in MyCERT allows him to work on real customer’s network and various environment. He have done Network Forensic, Incident Management, Penetration Testing, and Security Monitoring for various organization and government agencies. He runs his company Scan Insight Sdn Bhd, and right now building External Threat Monitoring

farhanfaisal.jpg

  • Topic - Establishing Security Response Capabilities

Adli Wahid (@adliwahid) is a Security Specialist at the Asia Pacific Network Information Centre (APNIC) in Brisbane, Australia. He does a lot of engagement with network operators, CERTs/CSIRTs, Law Enforcement and Inter-Government Agencies. He is also a member on the Board of Directors of the Forum of Incident Response and Security Teams (FIRST). Prior to joining APNIC he was the Head of Malaysia CERT at CyberSecurity Malaysia and a member of MUFG-CERT (Bank of Tokyo-Mitsubishi UFJ) You can read some of his activities at APNIC’s blog https://blog.apnic.net/

adliwahid.jpg

OWASP Meetup Q2 2015

OWASP Malaysia is Open Web Application Security Project for Malaysia Chapter. We like to share and discuss about security. Feel to join and participate as community. This is Open Source Project by OWASP Foundation.

  • Topic : OWASP Malaysia Meetup Q2 2015
  • Date : 12 June 2015 (Friday)
  • Time : 8.00a.m - 2.00p.m
  • Venue : Theater Room, Level 7, CyberSecurity Malaysia, Seri Kembangan, Selangor

csm1.jpgmycert.jpg

  • Event Program:

8.30a.m - 9.00a.m - Arrival Participant 9.00a.m - 9.10a.m - Official Launch & Opening Speech by Dr. Amirudin Abdul Wahab CEO CyberSecurity Malaysia (CSM) 9.10a.m - 9.20a.m - Speech by OWASP Malaysia Chapter Leader 9.20.a.m - 9.50a.m - Speech By Fatah Al-Farihin (CSM) - Zero day malware detection/prevention using open source software - Proof of Concept 9.50a.m - 10.20a.m - Speech By Dick Bussiere (Tenable Security)- The increasing importance of Continuous Network Monitoring in today’s Cyberworld 10.20a.m - 10.35a.m - Rest 10.35a.m - 11.05a.m - Talk by Walter Wong (GainSecure) - Security Awareness for .Net Developers 11.05a.m - 11.45a.m - Speech by Azril Aari (Infoblox) - Advance Financial Malware: GameOver Zeus - The art of espionage, data ex-filtration and network disruption 11.45a.m - 12.15a.m - Speech By Ken Too (Vectra Network) - An Analysis of Recent Cyber Attacks 12.15p.m - 2.00p.m - Social Network (Friday Pray)

Abstract: Zero day malware detection/prevention using open source software - Proof of Concept Today, as computer attacks tend to be malware-centric, the cyber criminals have introduced sophistication in their attack techniques that makes the traditional way of protecting the enterprise with firewalls, intrusion detection systems and antivirus software at the network perimeter ineffective. While maintaining Honeypot technology to collect malware information from the Internet & internal organizations, we would like to present a proof on concept on mitigating zero day malware using several combination of open source projects involving malware collection from network traffic, ssl interception, sandboxing. evading anti-vm, network ids/ips, process flow, etc. From the idea, we are welcoming contributions & collaboration from the public & education sector.

Bio: Mr Fatah is currently a Senior Analyst under Malware Research Centre, MyCERT Department. He has already worked in information security domain for almost 10 years in most domain in security posture assessment (penetration testing, source code audit, wireless assessment, web assessment, database assessment, etc.), software development, geographical information system, managed security services, and others. He holds information security professional certification such as GWAPT, OSWiSP, HP ArcSight Certified Professional, ITILv3, CNE6, etc.

fatah.jpg

Abstract: The increasing importance of Continuous Network Monitoring in today’s Cyberworld

Bio : Mr. Dick Bussiere is Tenable Network Security’s Principal Architect for the Asia Pacific Region. In this multifaceted role, Mr. Bussiere is responsible for evangelizing the criticality of vulnerability assessment, vulnerability management, and thorough security monitoring as part of an organizations enhanced security posture. Mr. Bussiere is a frequent public speaker on these and other security and networking mattersMr. Bussiere frequently assists Financial Services Organizations, Governments, and Managed Security Service Providers in adopting a regimen of pro-active vulnerability management to help them reduce their vulnerability footprint.

Prior to Tenable, Mr. Bussiere was Arbor Network’s Solution Architect for Asia Pacific. In this role, Mr. Bussiere assisted organizations in assessing their risk exposure to Distributed Denial of Service attacks. He has advised several regulatory bodies on recommended legislation to protect critical infrastructure against DDoS attacks. Mr. Bussiere is a seasoned technical architect with over 20 years of experience in ICT security, computer networking, and engineering. Mr. Bussiere has a strong background in Research and Development, including both software and hardware engineering.

Mr. Bussiere was a principle in an ICT security consulting firm and provided consulting services to numerous business, academic and government organizations. Activities included developing network security architectures with an emphasis on intrusion detection and prevention techniques, as well as the development of comprehensive organizational security policies. Additionally, Mr. Bussiere was an active contributor to the IEEE P1901 Power Line Communication security architecture and specification. Mr. Bussiere is the holder of five patents related to computer networking. He was also an active participant in the IEEE and IETF working groups.

Dick.jpg

Abstract: Security Awareness for .Net Developers Design and code carefully can protect today’s complicated business application. With the rising of cyber–attacks in recent years, developer security become an important aspects for all software business. If you are .Net developer, this session will show you the tips and tricks of secure your applications, understand security threat, tools and others.

Bio: Walter is the founder for Gain Secure based in Malaysia. The company specialized for providing secure application development and user experience (UX) consultation services to customers. Walter is a Microsoft MVP for developer security. Research on application development security is Walter’s personal interest. He also successfully discovered many websites vulnerabilities including some high traffic websites over the past few years. Walter often speaks at technical conferences such as TechDays Hong Kong, TechEd SEA, Security Symposium, TechNet/MSDN, Tech Insights and more.

walter.jpg

Abstract: Advance Financial Malware: GameOver Zeus - The art of espionage, data ex-filtration and network disruption GameOver ZeuS (GoZ) is the most sophisticated & the most researched malware to date. Since the released of the 2nd version of the original gruesome ZeuS malware, the new variant so-called “gameover” comes with a different strength and capabilities. It is more resilient, stealthy and deadly. It has cause the lost of millions of dollars and there are no specific methods to stop it. This has forced the FBI to put a bounty head for its creator.

Without any leading leaked source codes on its new capabilities & strength, most leading knowledge on GoZ is based on a 2 years of “assumption” from various threat intelligence’s collected share data around the globe. The assumption date were derived from analyzing its network behavior and some reverse-engineered dumped codes since 2013.

This presentation contents will be based on the collaborate data that has been collected by Infoblox’s Threat Intelligence group. The focus will be in discussing GoZ capabilities, how to detect & mitigate it.

Bio: Mr Azril is currently a core security researcher with Infoblox’s Threat Intelligence Group based in Santa Clara, California USA. He has already worked in information security domain for almost 12 years with interest in computer forensics, PKI, trusted computing, virtualization, secure programming, penetration testing and malware analysis. He has been an active speaker at international industry conferences since 2005. He has authored several technical papers and developed award winning open source software particularly in computer forensics, trusted computing & virtualization. Graduated with 2 degrees in computer science and operation management from the University of Missouri, he also holds information security professional certifications such as GCFA, CEI, ECSP and CEH.

Azril1.jpg

Abstract: An Analysis of Recent Cyber Attacks Over the past year, cyber attacks have gone from being a worst-case scenario for security teams to a real-world certainty. Yet for all the recent investment and focus on cyber security, attackers continue to succeed at stealing or destroying our most valued assets. In this discussion, we will deconstruct recent cyber attacks to see what is working in security and where the industry still has gaps. Then we will go beyond the search for simplistic silver bullets, and propose new models of defense-in-depth that can apply generically to detecting today’s most sophisticated attacks.

This session will cover: - An analysis of recent cyber attacks and what they have in common - Understanding the inherent advantages attackers enjoy today, and how we can turn the tables - Proposing a repeatable methodology for automating the detection of breaches and APTs

Bio: Ken Too Ken Too is a Technical Director for Datapath Networks Sdn Bhd, focused on solutions using machine learning and data science that provide protection beyond the perimeter. Ken has a long history in security and had been working with HP & CSC. His discussion will deconstruct recent cyber attacks and how they are unfolding globally with a goal to propose repeatable and generic solutions to prevent damage to valuable assets.

Kentoo.jpg

  • Please register here:

https://docs.google.com/forms/d/1UQb-EYR4oXh0qmelrM1SB7Abyj7R4LFdZi_kLtIbU4E/viewform

This events will covered by local newspaper and media by

Awani.jpg Bh.png

OWASP Meetup Q1 2015

We welcome all the people that have interest to join this mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia

  • Date : 19 January 2015
  • Avenue: Dewan Seminar, Menara Razak, UTM Jalan Semarak, Kuala Lumpur
  • Schedule
  • Time : 9.00a.m - 1.00p.m
  • Event Program:

9.00a.m - 10.00a.m - Arrival Participant 10.00a.m - 10.10a.m - Opening Speech by CSM VVIP 10.10a.m - 10.20a.m - Speech by OWASP Malaysia Chapter Leader 10.20a.m - 11.20a.m - Speech By Saharudin Saat - Capturing Web Application Threats Virtual CMS Honeypot 11.20a.m - 12.20p.m - Speech by Sandeep Nain - Introducing Application Security In Your Organization Think Like a Developer 12.20p.m - 1.00p.m - Social Network 1.00p.m - 2.00p.m - Refreshment

  • Please register here :

https://docs.google.com/forms/d/1UQb-EYR4oXh0qmelrM1SB7Abyj7R4LFdZi_kLtIbU4E/viewform

  • Required registration at (https://docs.google.com/a/owasp.org/forms/d/1b5I0n2KyvuyqmsNb68PCs-w7mNruWpLXIbY74qVcf2o Click Here])

University Technology Malaysia (Maps)

Facebook Event https://www.facebook.com/events/381598735333730/

Title : Capturing Web Application Threats - Virtual CMS Honeypot by Saharudin Saat

Opensource Content Management System (CMS) is very popular and widely used by web administrators around the world nowadays because of their simplicity for the instant web application solution. Consequently, web applications have increasingly been the focus of attackers because of the unintentional web vulnerabilities that comes from the newly introduced functionality. This project aims at enhancing the level of security for CMS inside the Universiti Teknologi MARA (UiTM) network by providing the most extensive way on developing Virtual CMS Honeypots. The outcome is hoped to ease the web administrators to monitor any kind of computer threats such as hackers, worms and viruses in more comfortable and efficient way. The results also will provide the administrator some form of countermeasures for security purposes and traffic analysis. Using Customize Awstats, Snort, AcidBase and Proxy will provide a Honeypot for a rapidly expandable network and suit for the web administrator especially at UiTM to monitor webserver traffic activity and any latest computer threats.

BIO : Saharudin Saat is a System Administrator at Ministry of Domestic Trade Cooperatives and Consumerism with over 15 years of computer experience. Saharudin’s expertise in server technology, network security and cloud computing. He is also a consultant for open source software and cloud computing for some government related agencies.

Winner of the Kaspersky Southeast Asia Cup IT Security for the next generation 2009.Won third place in Malaysian Government Open Source Software Award (MyGOSS) 2012 .Saharudin holds a Degree in Computer Science (Hons) Data Communication and Networking from the Universiti Teknologi MARA Malaysia.

saharudin.jpg

Title: Introducing Application Security in Your Organization - Think Like a Developer by Sandeep Nain

To protect your enterprise from application layer attacks, your application security program needs to be goal-oriented and should be supported by a central team of professionals enabled with the best of the breed technologies; following effective processes. If you are wondering, how you can build such an application security program that effectively leverages secure development methodologies while being scalable and effective for a complex organization, this is the session to attend. In this session Speaker will cover:

  • 1. How to build secure development lifecycle for development teams using modern software development methodologies
  • 2. Challenges of enforcing secure development lifecycle at an enterprise scale
  • 3. Reasons why most application security programmes fail and how we can collaborate with development teams for easier enterprise adoption

BIO : Sandeep Nain is Managing Principal in HP Enterprise Security Products and leads Fortify Solution Consulting Services. In this role, he is responsible for the business growth and delivery of software security solutions for South Pacific and Asia region. Sandeep and his team help customers understand their business requirement for application security programme, assess their current security maturity state, design solutions which fit their need and deliver outcomes that exceed expectations.

Before joining HP, Sandeep was a Managing Partner at Appsecure, an application security specialist firm where he built and led the application security consulting team to provide enterprise grade application security solutions to Australian market. Prior to this, Sandeep held various security consulting positions at Pure Hacking, Fortify, IBM and Accenture. With an IT career spanning over 13 years, Sandeep is an accomplished Application Security Expert. He has worked alongside many high-profile national and international organisations, enabling them to produce secure software. He has extensive experience with enterprise grade software languages, software development frameworks, mobile platforms and security and risk management frameworks which makes him a perfect security advisor to our clients.

Sandeep has been actively involved in industry open source projects such as OWASP (Australia) and is active in the development of papers and initiatives published through the community. Sandeep has presented on application and database security at a number of national and international conferences. Academically, Sandeep holds a Master of Technology degree in Information Technology with specialization in Distributed Computing and several industry certifications including CISSP, CSSLP and CEH.

sandeep.jpg

  • Required

OWASP Meetup Q4 2014

  • Date : 4 November 2014 (Tuesday)
  • Time : 8.00a.m - 1.00p.m
  • Veneu: Dewan Seminar, Menara Razak, UTM, Jalan Semarak

Event Program:

Agenda

8.00a.m - 9.00a.m - Arriving all OWASPrians 9.00a.m - 9.15a.m - Opening Speech By OWASP Malaysia 9.15a.m - 10.15a.m - Opening Ceremony by Prof. Dr. Shamsul bin Sahibuddin (Dean of Advanced Informatics School, UTM) 9.45a.m - 10.15a.m - Social Activity 10.15.a.m - 11.15a.m Tobias Gondrom (OWASP Foundation) 10.15 .m - 10.45a.m - Wann Senn (Regal Paradigm) 1.45a.m - 12.15p.m - Amir Haris Ahmad (Localhost) 12.15p.m - 1.00p.m - Megat Muazzam Abdul Mutalib (CyberSecurity Malaysia) 1.00p.m - Networking & End

This events is FOC to all OWASPrian and Non-OWASPrian

Please Register and confirm your attendant here:

https://docs.google.com/forms/d/1J05m6wonvb6BYvAgK90JXN40PFkIWLX1XqR-dXlKs64/viewform

Our Speaker: wannsen.jpg amir.jpg tobias.jpg Megat.jpg

OWASP Meetup Q1 2014

  • Date : 17 March 2014 (Monday)
  • Time : 10.00a.m - 12.00p.m
  • Venue: Nexperts Academy Sdn Bhd

` C-3A-03, Block c, Level 3A, Phileo Damansara 1, No. 9, ` ` Jalan 16/11 off Jalan Damansara, 46350,Petaling Jaya, Selangor, Malaysia.`

  • Image:nexpert.png

Event Program:

9.30a.m - 10.00a.m - Arrival Participant 10.00a.m - 10.10a.m - Opening Speech by OWASP Malaysia Chapter Leader 9.10a.m - 9.20a.m - Speech by Mr. Aatif Khan (Hack Defense) 9.20.a.m - 12.00a.m - Web Security 2.0 Threat - Aatif Khan ` - Hacking Windows 7/8 wit USB - Aatif Khan 12.50p.m - 1.00p.m - Social Network`

BIO: Aatif Khan

aatifkhan.jpg

Speaker Profile: Aatif Khan, Application Security Evangelist, has delivered highly technical security training for conferences, universities, and corporate clients like Bank of America, Verizon,Amazon, Google, Yahoo, etc. to excellent reviews. He is also one of the main founding member of HDCRB (Hack Defense Certification Review Board). Aatif consults for application security, and is having specialization in security assessments/penetration testing, infosec training’s, and reverse engineering/malware analysis. Apart from his stupendous exposure in application security consulting from several years, he has also worked with Defense Personnel, Cyber Crime Police Officials and has also delivered over more than 2000 hours of Information Security training to IT Security Professional’s & Government Agencies. He has authored Books entitled “Ethical Hacking”, “Advance Penetration Testing”, “Backtrack Starter Manual” published by Packt Publications, UK. He is popularly known for designing the most advance course on “Advance Penetration Testing” with his Lab Book & Lab Exam, and has received stupendous feedback from top notch security experts. You can find more about him here - facebook.com/thenapsterkhan

Please register here :

https://docs.google.com/a/bio-xcell.my/forms/d/1kpxanFk4SeM5bwB9PbBdpKj1ZT9LWVxbpBqZowcGuSo/viewform

OWASP Meetup Q2 2013

  • Date : 16 July 2013 (Tuesday)
  • Time : 9.00a.m - 1.00p.m
  • Venue: IMATEC, INTAN, Bukit Kiara
  • INTAN.gif

Event Program:

8.30a.m - 9.00a.m - Arrival Participant 9.00a.m - 9.10a.m - Opening Speech by INTAN VVIP 9.10a.m - 9.20a.m - Speech by OWASP Malaysia Chapter Leader 9.20.a.m - 10.20a.m - Speech By Tobias Gordon - CISO for Manager 10.20a.m - 10.35a.m - Rest 10.35a.m - 10.50a.m - Talk by INTAN (TBA) 10.50a.m - 11.50a.m - Speech by Drew William - Governance, Risk and Compliance 11.50a.m - 12.50a.m - Speech By Tobias Gordon - Secure Coding 12.50p.m - 1.00p.m - Social Network

BIO: Tobias Gondrom

tobias.jpg

“Tobias Gondrom is CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.

He has 15 yrs of experience in software development, application security, cryptography, electronic signatures and global standardization organizations working for independent software vendors and large global corporations in the financial, technology and government sector.

Over the years, he has trained and advised dozens of CISOs and senior information security leaders around the globe. Since 2003 he is the chair of working groups of the IETF (www.ietf.org), a member of the IETF security directorate, and since 2010 chair of the web security WG at the IETF. He has been in a number of project and chapter leadership roles for OWASP since 2007. Currently, he is a board member of the OWASP London and the CSA Hong Kong and Macau chapters and leads the OWASP CISO Report and Survey project. He is an ISC2 CSSLP and CISSP Instructor. Tobias has authored the Internet standards RFC 4998 and RFC 6283, also co-authored the books „Secure Electronic Archiving“ and the OWASP CISO Guide and is a frequent presenter at conferences and publication of articles (e.g. AppSec, IETF, ISSE, …).

BIO: Drew Williams

Drew.jpg

Drew Williams has a pedigree in information management and security that began more than 30 years ago while serving as a journalist and public affairs liaison in the U.S. Navy, participating in key military missions that included the U.S. counter-deterrent against the Soviet invasion of Afghanistan in 1979, and the attempted hostage rescue operation in Tehran in 1980.

On matters of State, Drew served on the President’s Partnership for Critical Infrastructure Security (a precursor to the Department of Homeland Security), and was one of a handful of original drafters of the 1996 Health Information Portability and Accountability Act (HIPAA) Security Policy guidelines for the U.S. government, the 1998 Common Vulnerabilities Enumeration (CVE) reporting model for how viruses and security risks are reported, and was a founding member of the Intrusion Detection Consortium (1999), and worked on the early stages of Common Criteria parameters for infosec product development. In 2004, Drew established the Center for Policy and Compliance for Configuresoft/VM-Ware, and lectures annually in Southeast Asia on IT security trends and best practices, and was named by a security consortium in Australia as “One of the top 20 most influential people in IT security in the Pacific” in 2010.

Please register here :

https://docs.google.com/a/owasp.org/forms/d/1KvFM22I3PkMaG087vNgB6m-DHHfOZyR3VRXgkexYxHY/viewform

OWASP Meetup Q1 2013

We welcome all the people that have interest to join this mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia

  • Date : 3 April 2013
  • Avenue: Theater Room, Level 7, Bangunan [email protected], Seri Kembangan, Selangor

![](csm1.jpg "File:csm1.jpg")![](mycert.jpg "File:mycert.jpg")

  • Schedule

12.30p.m - Lunch (Provided by CSM) 1.00p.m - Registration 2.00p.m - Opening Speech by CSM VVIP 2.10p.m - Welcome Remark by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Speech by MyCERT - Activity Hacking & Report 2012 2.45p.m - Speech by Jim Manico - Top 10 Web Security Defense 3.45p.m - Tea Break 4.10p.m - Q&A with the presenter (MyCERT, Jim & OWASP) 4.45p.m - Social Network 5.00p.m - Dismiss

  • Required registration at (https://docs.google.com/a/owasp.org/forms/d/1jS_17ppypXiX3fEtScjWimktGy4eBx0EdsyQoJ-H7h0/viewform?pli=1 Click Here])

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/575425859134709/

Title: Top Ten Web Security Defenses

We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT\&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.

jim.jpg

BIO: Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.

  • Required

OWASP Meetup Q2 2013

We welcome all the people that have interest to join this mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia

  • Date : 3 April 2013
  • Avenue: Theater Room, Level 7, Bangunan [email protected], Seri Kembangan, Selangor

![](csm1.jpg "File:csm1.jpg")![](mycert.jpg "File:mycert.jpg")

  • Schedule

12.30p.m - Lunch (Provided by CSM) 1.00p.m - Registration 2.00p.m - Opening Speech by CSM VVIP 2.10p.m - Welcome Remark by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Speech by MyCERT - Activity Hacking & Report 2012 2.45p.m - Speech by Jim Manico - Top 10 Web Security Defense 3.45p.m - Tea Break 4.10p.m - Q&A with the presenter (MyCERT, Jim & OWASP) 4.45p.m - Social Network 5.00p.m - Dismiss

  • Required registration at (https://docs.google.com/a/owasp.org/forms/d/1jS_17ppypXiX3fEtScjWimktGy4eBx0EdsyQoJ-H7h0/viewform?pli=1 Click Here])

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/575425859134709/

Title: Top Ten Web Security Defenses

We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT\&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.

jim.jpg

BIO: Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.

  • Required

Computer Security Day 2011

We welcome all the people that have interest to join the mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia

  • Date : 30 November 2011
  • Avenue: Theater Room, Level 7, Bangunan [email protected], Seri Kembangan, Selangor

![](csm1.jpg "File:csm1.jpg")![](mycert.jpg "File:mycert.jpg")

  • Schedule

1.00p.m - 2.00p.m - Registration (Lunch Provided) 2.00p.m - Arrival Lt Col. (R) Prof Dato' Husin Bin Jazri 2.05p.m - Opening Speech by MC 2.10p.m - Doa 2.15p.m - Opening Speech by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Introduction by the participant 2.50p.m - Presentation about CSM & activity CSM for 2012-2013 - Corporate Video - MyCERT Introduction by Adli Wahid Vice President Responsive Service CSM Dialogue 3.15p.m - Speech by CEO CyberSecurity Malaysia Lt Col. (R) Prof Dato' Husin Bin Jazri 3.40p.m - Q & A session 4.20p.m - Tea Break and Networking 4.50p.m - Dismiss

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/147779481990578/

  • Required

AMDI-USM OSS Day 2010

  • Date : 23 December 2010 Thurday
  • Time : 8.00a.m - 5.00p.m
  • Avenue : Hotel Seri Malaysia, Kepala Batas, Pulau Pinang Malaysia

AMDI USM OSS DAY will show a variety of interactive mix of activities that consistent with the objective to promote and bring awareness about Open Source Software in general:

Seminar: 9 talks related to the awareness of Open Source will be held consisting of activists, consumers, application developers or experienced specialists who also come from the Open Source industry itself.

Demonstration: as with any conference, AMDI USM OSS DAY will be holding a demonstration open to visitors who present at the event square. The demonstration is consist by activists, community and society where will provide an opportunity for visitors to know and see more closely what is open source and proprietary technology. We also promote activities in the demonstration area to enliven the program.

To register please click at here AMDI-USM (AMDI-USM OSS Day 2010)

OWASP 4th Meeting Malaysia Chapter

  • Date : 23 November 2010 Tuesday
  • Time : 2.00p.m - 5.00p.m
  • Avenue : Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia, Level 7, [email protected], Jln Tasik, Mines Resort City, Seri Kembangan, Selangor

![](csm1.jpg "File:csm1.jpg")![](mycert.jpg "File:mycert.jpg")

  • Agenda

2.00 : Arrival participant 2.10 : Offensive Security - Muhammad Muslim Mansor 3.40 : Web Application Firewalls: What are we really getting into? - Alex Tan 5.10 : Refreshment

OWASP 3rd Meeting Malaysia Chapter

  • Date : 19 October 2010 Tuesday
  • Time : 2.00p.m - 5.00p.m
  • Avenue : Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia, Level 7, [email protected], Jln Tasik, Mines Resort City, Seri Kembangan, Selangor

![](csm1.jpg "File:csm1.jpg")![](mycert.jpg "File:mycert.jpg")

  • Agenda

2.00 : Arrival participant 3.00 : Opening Speech 3.05 : Brian Ritchie - Topic TBA 4.05 : Adnan Mohd Syukor - Topic TBA 5.05 : Refreshment

OWASP 2nd Meeting Malaysia Chapter

  • Date : 15 May 2010 Saturday
  • Time : 3.00p.m - 5.00p.m
  • Avenue : City University College Of Science Technology (CUCST)

Image:City.png Map: City University

Topic :

` 1) Outbound Monitoring - the Forgotten Child in Infosec (1 hour) 2) Introduction to the new and highly lethal HTTP DDOS attack technique.(1 hour)`

Registration Fee : FOC

Parking Fee : FOC (More Parking)

Registration : http://www.facebook.com/event.php?eid=123844360964411&index=1

Speaker : Wong Onn Chee Background :

Wong Onn Chee : Chief Tehnology Office, Resolvo System, Singapore

Image:Onnchee.jpg

Onn Chee is currently working as the Chief Technology Officer in Resolvo Systems, a leading information leakage expert in Asia. He has led numerous large-scale projects, primarily in the government and defence sectors. His areas of expertise include information leakage protection, web security and security strategy. Onn Chee is a founding member and the first Vice-President of the Information Systems Security Association (ISSA), Singapore Chapter, the largest international, not-for-profit association for security professionals. He was also a former member of the Center of Internet Security (US) which provides well-recognised security benchmarks for various systems which are commonly used by US Federal Government and private organisations. Onn Chee is also the current Singapore chapter lead of Open Web Application Security Project (OWASP) which publishes the widely respected OWASP Top 10 web vulnerabilities. Other than being a information security professional, Onn Chee is also trained in BS 7799/ISO 17799, ISO 9000 and ITIL. He is also a certified Project Management Professional (PMP) and certified PRINCE2 Practitioner. In 2007, Onn Chee was appointed as the President of International Association of Software Architect (IASA), Singapore Chapter.

For more detail please contact: Mobile : 013-2048672 Email : [email protected]

OWASP 1st Official Meeting Malaysia Chapter

  • Date : 31 March 2010 Wednesday
  • Time : 2.30p.m - 5.00p.m
  • Avenue : CyberSecurity Malaysia (Sapura Building), Level 7, Jln Tasik, Mines Resort City, Seri Kembangan, Selangor
  • Agenda

2.30 : Arrival participant 3.00 : Opening Speech 3.15 : Introduction of OWASP 3.30 : Introduction of CyberSecurity Malaysia, Summary Report and Incident of Web in Malaysia 4.00 : Meeting Start - Chair Meeting : OWASP Malaysia Chapter Leader ` : Comittee Members - CyberSecurity Malaysia, MySecurity Community`

  • OWASP Board Of Members election.

BOM - University Representative BOM - Government Representative BOM - Community Representative BOM - Security Professional Representative BOM - Private Sector Representative

  • OWASP activities

1) Workshop 2) Events

  • Register Here : It FOC this is meeting not Workshop/Training/Seminar

http://www.facebook.com/event.php?eid=357732261091&index=1

Conference

OWASP Conference

Cyber Range Academy Conference 2018 (CRAC2018) 7-8 October 2018

World CyberSecurity Day 2018 (WCSD2018) 21-22 April 2018

[email protected] Cyber Campaign 2018 (ISCC2018) 18 April 2018

Cyber Range Academy Conference 2017 (CRAC2017) 26-27 September 2017

OWASP Day KL 2016 (OWASP Day KL 2016) 15-17 November 2016

OWASP Day KL 2011 (OWASP Day KL 2011) 20-21 September 2011

Workshop

Bengkel Asas Keselamatan 2015 (Bengkel Asas Keselamatan Server Dari Ancaman Penggodam 2015) 21 September 2015

Supporter

Government Agency

University

Corporate

Community

Sponsors

Category:OWASP_Chapter Category:Malaysia Category:Asia


Meetup

Meeting Schedule

Meetings are organized via meetup

Check our Upcoming Meetup Events:


Leadership


The chapter leadership board is as follows:

Chapter Leadership Board Member Role Responsibilities Person(s)
Chairman The central point of contact for the Chapter and responsible to the OWASP Board. Serves as the Chapter board chair. Mohd Fazli Azran
Vice Chairman Help Chairman, coordinates all of the Chapter-sponsored educational offerings, including the weekly Study Group and OWASP training. Serves as Chapter board Vice Chair. Ahmad Aizuddin Aizat Tajul Arif
Secretary Help Chairman, seeks and schedules speakers for Chapter meetings and other events. Serves as Secretary. Vacant
PR/Marketing Coordinator Provides marketing of the Chapter events. Mohammad Zulfahmy
Membership and Project Coordinator Coordinates activities to grow individual and corporate memberships. Acts as project manager for events, tracking assigned tasks and reporting progress. Teng
Events Committee Responsible for coordinating aspects of events.
  • Neo
  • All Leadership Members
Advisory Board Members Made up of previous Chapter leaders who provide mentoring, coaching, and assistance to the board and contribute to its success.
  • Vacant
  • Vacant
  • Vacant
  • Vacant
  • Vacant
  • Vacant

Base Camp


OWASP KL Club
Kuala Lumpur
Mobile Phone/Whatsapp : 60108111181


AppSec Malaysia Sponsorships

AppSec Malaysia detailed sponsorship tiers and options can be found in Our Conference Website or Download the Virtual AppSec Malaysia sponsorship

Local sponsors

If you want to support our chapter, please contact Kelly Santalucia.


Supporter

We are currently cooperating with the following universities:-

  1. Universiti Kuala Lumpur
  2. Universiti Teknologi Malaysia
  3. Politeknik Mersing
  4. Universiti Kebangsaan Malaysia
  5. International Islamic University Malaysia
  6. German-Malaysian Institute
  7. Kolej Vokasional Shah Alam

We are currently cooperationg with following communities:-

  1. rawSEC
  2. NanoSec
  3. TBD
  4. HITB
  5. PARC

We Cooperation with following Industry

  1. Vacant

Members

Here our Official OWASP Members list 2017:

  1. Raihan Ahmad
  2. Azlina Ahmad
  3. Mohd Sufian Ahmad
  4. Norzaidi Baharudin
  5. Rene FBernard
  6. Mohd Sofian Akasah
  7. Ahmad Maher Che Mohd Adib
  8. Mohamed Ashraf Husni Zai
  9. Aldi Johari Shaqis
  10. Mohd Hafiz Kamaruzaman
  11. Khalid Zulazly
  12. Mohd Dawi Mohd Haritih
  13. Shazil Imri Mohd Hizam (Individual Lifetime)
  14. Tajul Azhar Mohd Tajul Ariffin
  15. Mohd Hanafiah Muhamad
  16. Muhammad Hamizi Jaminan
  17. NORAZLAN NORDEN
  18. Rajivarnan Raveendradasan
  19. Aalim Rozli
  20. Ahmad Aizuddin Aizat Tajul Arif
  21. James Tan
  22. Adli Wahid
  23. Yong Kian Chong
  24. Shazri Azizan

Here our Official OWASP Members list 2016:

  1. Adli Wahid
  2. Lim Soo Kok
  3. Gurdip Singh
  4. Rajivarnan Raveendradasan
  5. Krishna Rajagopal
  6. Mohd Rahim Muhamad
  7. Mohd Hanafiah
  8. Norazlan Norden
  9. Shazil Imri Mohd Hizam
  10. Khairul Marjan
  11. Zulazly Khalid
  12. Mohamad Hamizi Jamaludin
  13. Mohamed Ashraf Husni Zai
  14. Anthony Hing Kheong
  15. Hidzuan Hashim
  16. Razif Hashim
  17. Wati Darma
  18. Matlan Dahari
  19. Ahmad Aizuddin Aizat Tajul Arif
  20. Amir Osman
  21. Muhammad Zuhair Abd Rahman
  22. Norzaidi Baharudin
  23. Mohd Sufian Ahmad
  24. Azlina Ahmad
  25. Raihan Ahmad
  26. Ahmad Amran Ahmad
  27. Mohammad Zahir Mat Salleh
  28. Mohd Khairuddin Che Ibrahim
  29. Muhammad Najmi Ahmad Zabidi
  30. Sofian Akasah
  31. Mohd Shahril Hussin

Here our Official OWASP Members list 2015:

  1. Mohd Azri Abdullah
  2. Ahmad Amran Ahmad
  3. Mohd Sufian Ahmad
  4. Norzaidi Baharudin
  5. Ahmad Aizuddin Aizat Tajul Arif
  6. Arif Fahmi Fisal
  7. Ab Malek Idris
  8. Mohamad Hamizi Jamaludin
  9. Chien Shing Kuan
  10. Shaifullnizam Mohamad
  11. Simon Lim
  12. Charles Loh
  13. Shazil Imri Mohd Hizam
  14. Mohd Firdaus Ramlan
  15. Bharanidharan Shanmugam
  16. Kam Yim Siew
  17. James Tan
  18. Choong Tan Fook
  19. Adli Wahid
  20. Kiang Chong Yong
  21. Lillian Nasharitah Boney Abdullah
  22. Hidzuan Hashim
  23. Neo Wong Wei Zhen
  24. Harisfazillah Jamel
  25. Yong Kiang Chong
  26. Kamal Tam
  27. Jalani Sidek
  28. Hafidz Nasruddin
  29. Tajul Azhar Mohd Tajul Ariffin
  30. Mohammed Mirza
  31. Hafiz Ismail

Here our Official OWASP Members list 2014:

  1. James Tan
  2. Mohd Syazwan Mohd Shafie
  3. Willie Poh
  4. Bharanidharan Shanmugam
  5. Shaiffulnizam Mohamad
  6. Fakrul Adli Mohd Zaki
  7. Hidzuan Hashim
  8. Kenneth Lau
  9. Adzmely Mansor
  10. Amir Osman
  11. Ahmad Kiambang
  12. Mohammed Mirza
  13. Samad Mayang
  14. Rahmat Tuah
  15. Sabariah Kesuma
  16. Mohd Som
  17. Kamal Tam
  18. Razif Hashim
  19. Mohd Rahim
  20. Hafiz Ratnasari
  21. Jalani Sidek
  22. Choong Tan Fook
  23. Matlan Dahari
  24. Yew Seng Ong
  25. Mokhtar Azman Mohamed
  26. Wati Darma
  27. Khairul Marjan
  28. Ling Koh Yew
  29. Lim Soo Kok
  30. Chuan Kian Tan
  31. Anthony Hing Kheong
  32. Kiang Chong Yong
  33. Adli Wahid
  34. Norzaidi Baharudin