OWASP Morocco

Welcome

Welcome to the OWASP Our mission is to enrich Morocco’s application security community and cyber security community. We hope you can join us in accomplishing that.

Modern Society

A modern society focused on the future

Through rooted in its traditions, Morocco offers all the conveniences of modern times

Morocco is a firmly future-focused country that has succeeded in preserving its traditions and promoting its cultural heritage by harnessing them to drive development. The city of Marrakesh is a perfect example: the Medina district and its souks have an unmatched old-fashioned charm, while Guéliz and Hivernage are decked out with the most modern infrastructure and facilities. Far from being in conflict, modernity and tradition together are what makes Morocco strong.

As a visitor, you will enjoy every modern convenience and pleasure. For your accommodations, Morocco is full of hotels in every price range from the major international chains. Plus it also has the biggest international ready-to-wear shops, which are taking advantage of the ideal opportunity for positioning in a fast developing country.

Morocco is striving to avoid the pitfalls of modern life, especially when it comes to the environment, by favoring tourism practices that are respectful of the Earth and local communities. As the author of a sustainable tourism charter and host of COP22, Morocco is on the front lines to preserve our planet.


Upcoming Event Novmebre 2020 - Online Cyber Security Training

Our AppSec Africa 2020 will be Online due to Covid-19 pandemic.

Upcoming Event July 2020 - Online Conference

Upcoming Event- Hands-on on Secure Programming & Secure Coding Standards for OWASP Tunisia

Take your Ticket Here!!!

Our Speaker - Azzeddine RAMRAMI

- IBM Security - Senior Security & Network Architect
- OWASP Morocco Chapter
- OWASP AppSec Africa President
- Data & Application Security, Cogntive Security, IoT/OT/ICS/SCADA Security & SIEM
- Professor/instructor and an expert information security development with over 22 years of 
   experience in the security, secure coding, network and telecommunication arena.
- Certified Mile2 CPTE/CPTC/CDFE/CSWAE and EC-Council C|EH

Hands-on Description

Generally, it is much less expensive to build secure software than to correct security issues after the software package has been completed, not to mention the costs that may be associated with a security breach. We will discuss how to embed security in the SDLC and how to design a secure application architecture.

The following areas will presented:

 1. Software Security and Risk Principles Overview
 2. Secure Coding Standards for Java, C/C++
 3. Secure Coding Practices Checklist
     - Input Validation
     - Output Encoding
     - Authentication and Password Management
     - Session Management
     - Access Control
     - Cryptographic Practices
     - Error Handling and Logging
     - Data Protection
     - Communication Security
     - System Configuration
     - Database Security
     - File Management
     - Memory Management
   4. General Coding Practices & Code Quality

Past Event

Past Event : DevSecOps Training for EGE/Paris July 5, 2020 via GotoMeeting

Past Event : Event at ENSIAS March 28/29, 2020

  • OWASP Morocco Chapter - DevSecOps training workshop
    March 28/29, 2020
  • When: Sunday 2pm, Saturday 9am
  • Where:ENSIAS Rabat/Morocco
  • Title:OWASP Morocco DevSecOps Workshop at MCSC 2020 ENSIAS
  • Have a look at our full program, bring your laptop and join us! Register here:

Past Event : Event at EHTP/Casablanca Feb 5, 2020

  • OWASP Morocco Chapter Meeting
    February 5, 2020
  • When: Wednesday, February 5th @ 08:00AM - 6:00PM
  • Where:EHTP Casablanca/Morocco
  • Title:OWASP Morocco Cyber Security dat at EHTP
  • Have a look at our full program and join us! Full Program

back to top

2020 2019 2018

2019


OWASP Morocco Chapter Meeting

When: OWASP Training Day UM6P, 27 June 2019

Where: OWASP Training Day at Mohammed VI Polytechnic University on June 27th, 2019 in Ben Guerir Marrakech/Morocco

A full training day at UP6P Bengruir Morocco.

Program: Workshop Outline: Two sessions

  • Introduction à l’OWASP: 09h00 - 09h30
  • L’état de l’art de la sécurité IoT 09h30 - 10h30
  • Secure Coding Java & .NET: 11h00 - 18h00

Program:

  • Abdessalam JAY
  • Othmane TAMAGARTI
  • Azzeddine RAMRAMI

Sponsors: Sponsor of this event: Adam Ridson https://www.adamridson.com/

Back to Top

OWASP Morocco Chapter Training Day at ONCF, February 15, 2019

When: Friday, February 15th, 9:00 al - 5:00 pm

Where: ONCF Club, Rabat/Morocco

Programs: OWASP Training Day at ONCF, 15th February 2019 in Rabat/Morocco Azzeddine RAMRAMI will run a one full day developper training on OWASP, on 15th February 2019.

OWASP Morocco Chapter members running this session:

Course Outline:

  • Introductions
  • Agenda
  • Secure Development Lifecycle (SDLC)
  • Lab: Threat Modeling
  • Principles of Secure Code
  • Authentication & Authorization
  • Lab: Access Control
  • Mini-Lab: Weak Session Identifiers
  • Session Management
  • Lab: SQL Injection
  • Lab: Cross-Site Scripting
  • Input Validation
  • Lab: SQL Injection Patching
  • Lab: Cross-Site Scripting Patching
  • Proper Encryption
  • Mini-Lab: Hash Breaking
  • Logic Flaws
  • Lab: Logic Flaw Exploitation

Speakers:

  • Azzeddine RAMRAMI
  • Abdessamad TEMMAR
  • Abdessalam EL JAY

Sponsors: Munisys

Sponsor of this event: MUNISYS (http://www.munisys.net.ma/)

Back to Top

2018


OWASP AppSec Morocco & Africa 2018

Where: November 15-16, 2018 When: Hotel Val d’Anfa, Casablanca/Morocco

Welcome to the second edition of OWASP AppSec Morocco and Africa in Casablanca, Hotel Val d’Anfa on November 15-16, 2018.

Program: See here https://2018.appsecmorocco.org/agenda/

At AppSec Morocco & Africa you can connect with over 250 security professionals in our sponsor hall. Our floor plan is designed to allow you to engage with speakers and attendees.

Thank you to the Sponsors of Appsec Morocco & Africa 2018 :

Speakers: see here

https://2018.appsecmorocco.org/speakers/

Sponsors: https://2018.appsecmorocco.org/sponsors/

Here the final list of our speakers from differents countries including Africa (Morocco and Algerie), Canada, Europe and Asia.

Back to Top


AppSec Morocco 2018 Mosquee_Hassan_II

OWASP Morocco Presentation

Scope of the board is to discuss and approve local activities, meetings and plans.

Contacts et Propositions de Présentations/Contributions

  • Azzeddine RAMRAMI et Tarik EL AOUADI sont à votre disposition si vous souhaitez des informations sur l’OWASP ainsi que sur la Sécurité des Applications Web.

Entreprises, Individuels, Monde Académique, Sponsors, Supports, tout le monde est bienvenu à l’OWASP.

Pour les Entreprises souhaitant adhérer à l’OWASP, le montant de l’adhésion annuelle de $5000 US (dont 40% est reversé au Chapitre de votre choix) est 100% déductible!

Les fonds collectés servent à organiser les meetings du Chapitre Marocain, mais aussi et surtout à construire et organiser avec vous une approche spécifique en fonction de vos souhaits (sessions de sensibilisation, meetings internes, interventions de Speakers, etc.). Tout cela peut être discuté avec le Chapitre Marocain et acté conjointement avec vous si vous souhaitez adhérer à l’OWASP.

N’hésitez pas à nous solliciter si vous souhaitez discuter d’un sujet particulier, ou si vous souhaitez effectuer une présentation lors d’un meeting du Chapitre Marocain.

Amis de la Presse écrite et du Multimédia, n’hésitez pas à faire appel à nous si vous souhaitez notre concours pour vos articles et reportages, vous êtes les bienvenus et nous en serions honorés. Nous avons nous aussi besoin de vous.

Moi et le board du Chapitre Marocain restons modestes dans notre approche, mais nous souhaitons vraiment que le Chapitre OWASP Maroc devienne un de vos contacts de référence.

Meetings 2019

February 2019 Q1/2019

OWASP Training Day at ONCF, 15th February 2019 in Rabat/Morocco

Azzeddine RAMRAMI will run a one full day developper training on OWASP, on 15th February 2019.

OWASP Morocco Chapter members running this session:

Azzeddine RAMRAMI

Abdessamad TEMMAR

Abdessalam EL JAY

Location: ONCF Club

City: Rabat

Country: Morocco

Course Outline:

  • 1)        Introductions
  • 2)        Agenda
  • 3)        Secure Development Lifecycle (SDLC)
  • 4)        Lab: Threat Modeling
  • 5)        Principles of Secure Code
  • 6)        Authentication & Authorization
  • 7)        Lab: Access Control
  • 8)        Mini-Lab: Weak Session Identifiers
  • 9)        Session Management
  • 10)      Lab: SQL Injection
  • 11)      Lab: Cross-Site Scripting
  • 12)      Input Validation
  • 13)      Lab: SQL Injection Patching
  • 14)      Lab: Cross-Site Scripting Patching
  • 15)      Proper Encryption
  • 16)      Mini-Lab: Hash Breaking
  • 17)      Logic Flaws
  • 18)      Lab: Logic Flaw Exploitation
  • Addition Labs:
  • 19)      Other Attacks
  • 20)      Mini-Lab: XML Attacks
  • 21)      Security Hygiene
  • 22)      Final Lab: Hacking Contest

Sponsor of this event: MUNISYS (http://www.munisys.net.ma/)

June 2019 Q2/2019

OWASP Training Day at Mohammed VI Polytechnic University on June 27th, 2019 in Ben Guerir Marrakech/Morocco

Azzeddine RAMRAMI with OWASP Morocco Team will run one full day developper training on workshop OWASP, on 27th June 2019.

This session will run by Azzeddine RAMRAMI, Abdessalam ELJAI and Othmane TAGAMART.

Location: Universite Mohamed VI Bengruir

City: Ben Guerir / UM6P

AdresseMohammed VI Polytechnic University 

Lot 660, Hay Moulay Rachid Ben Guerir, 43150, Morocco

Country: Morocco

Workshop Outline: Two sessions

  • Introduction à l’OWASP: Abdessalam JAY                                                                                                                09h00 - 09h30 
  • L’état de l’art de la sécurité IoT: Othmane TAMAGARTI                                                                                            09h30 - 10h30  
  • Pause café                                                                                                                                                                 10h30 - 11h00 
  • Secure Coding Java & .NET with OWASP TOP 10 2017 Part 1: Azzeddine RAMRAMI & Othmane TAMAGART   11h00 - 13h00 
  • Pause déjeuner                                                                                                                                                          13h00 - 14h00 
  • Secure Coding Java & .NET with OWASP TOP 10 2017 Part 2: Azzeddine RAMRAMI & Othmane TAMAGART   14h00 - 16h00   
  • Pause café                                                                                                                                                                 16h00 - 16h30 
  • Secure Coding Java & .NET with OWASP TOP 10 2017 Part 3: Azzeddine RAMRAMI & Othmane TAMAGART   16h30 - 18h00  

**Contact to subscription: Azzeddine RAMRAMI **https://www.owasp.org/index.php/Morocco#tab=Meetings_2019

Sponsor of this event: Adam Ridson

Past Meeting Meetings 2018

Welcome to the second edition of OWASP AppSec Morocco and Africa in Casablanca, Hotel Val d’Anfa on November 15-16, 2018.

https://2018.appsecmorocco.org/agenda/

At AppSec Morocco & Africa you can connect with over 250 security professionals in our sponsor hall. Our floor plan is designed to allow you to engage with speakers and attendees.

Thank you to the Sponsors of Appsec Morocco & Africa 2018 :

https://2018.appsecmorocco.org/sponsors/

Here the final list of our speakers from differents countries including Africa (Morocco and Algerie), Canada, Europe and Asia.

https://2018.appsecmorocco.org/speakers/

Meetings 2017

OWASP AppSec Africa 2017

OWASP participe à l’évènement MCSC 2017 à l’ENSIAS Rabat

Meetings 2016

OWASP participe à l’évènement MCSC 2016 à l’ENSIAS Rabat/Maroc le 14 et 15 mai 2016

J’ai le plaisir que l’OWASP Morocco Chapter participe en tant que partenaire sécurité à l’évènement MCSC 2016 à l’ENSIAS Rabat le week-end du 14 au 15 mai 2015:

moroccancybersecuritychallenge.com/mcsc-2016

Je vous informe que l’OWASP intervient avec les thèmes suivants:

1. Une conference sur IOT SECURITY avec Mlle.Sanae, PhD Studnet ENSA Tétouan/OWASP Morocco Team 2. Un hands-on de 3h sur comment sécuriser une application web les outils opensource, Azzeddine RAMRAMI, OWASP Leader/IBM Security Senior Architect

Les inscriptions sont disponibles via le lien suivant:

https://goo.gl/mZuX1E

N’hésitez pas donc à s’inscrire et à inviter toute personne intéressée.

Notre sponsor pour cet events est ADAM RIDSON

http://www.adamridson.com/wp-content/uploads/2015/11/logo.001-1024x400.png

Events Sponsors

We need your help, Call for additional sponsors We need sponsors for meeting room, flight cost, hotel accomodations. Please contact the Chapter Leader on how to apply.

Chapter Meeting

Volonteer are encouraged to join OWASP Morocco Chapter. Please contact the Chapter Leader Azzeddine RAMRAMI

OWASP Moroco Local News

2015-03-14 : VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI

2014-06-22 : MoroccoJUG (Morocco Java User Group) and OWASP Morocco organised a new Java Secure Coding session at Centre Eclipse Casablanca. See http://www.meetup.com/MoroccoJUG/

2012-05-02 : VINCI school at Rabat provide as with a large room for our seminars. Thanks to the President of VINCI Mr Amine RACHDI

2010-12-26 : INSEC (Information Security Club)is planing on 16th of April 2011 the first edition of “Moroccan Cyber Security Challenge”. A challenge that will gather teams from 14 engineering schools in Morocco interested to information security and assurance. OWASP will be present in this events.

2010-12-24 : First meeting preparation in Morocco in Rabat or Casablanca

2010-12-24 : Modification of Morocco Local Chapter Wiki

2010-12-24 : Azzeddine RAMRAMI is co-leader for Morocco local chapter. Welcome!

OWASP Morocco past meetings

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
  • ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
  • ’'’WHEN: ‘'’March 28th, 2013
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

*’ 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected] *’

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • FEES: Course is free of charge. Nb of seat limited to 25 per class
  • SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader Azzeddine RAMRAMI
  • AGENDA: OWASP Seminars
  • ———————————————–
  • Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
  • Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
  • Session 2: Resilient C\&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
  • ———————————————–
  • Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

OWASP Training Day : Web Application Security Course - Secure Coding Techniques - March 28th, 2013 - at Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader
  • ABSTRACT: During this training class Azzeddine RAMRAMI and two other OWASP Volunteers will present a Web Application Security and Secure Coding based on Java and PHP Security, .NET Security and Web 2.0 Botnets.
  • ’'’WHEN: ‘'’March 28th, 2013
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

*’ 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected] *’

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • FEES: Course is free of charge. Nb of seat limited to 25 per class
  • SPONSORS: Sponsor are welcome to support this event, please contact the Chapter Leader Azzeddine RAMRAMI
  • AGENDA: OWASP Seminars
  • ———————————————–
  • Opening Session : OWASP Presentation and Introduction - 9:30am to 10am - Seat : No Limit
  • Session 1: Secure Coding Technique - Technical Course - 10am to 5pm - Seat : 25
  • Session 2: Resilient C\&C Botnets Using Web 2.0 Technologies - Presentation, PoC and Demo - 10am to 5pm - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Theory 10am à 12am - Seat : 25
  • Session 3: Secure Coding Cryptograhy Crash Course - Hands-On 2pm à 5pm - Seat : 25
  • ———————————————–
  • Optional: Please BYOD if you want to participate to PoC, Hands-on and Demo

Web Application Security Seminar - May 18th, 2012 - at VINCI School Rabat/Morocco

  • MAIN PRESENTERS: Azzeddine RAMRAMI: OWASP Leader, Hamza WARAKI: Pôle Sécurité PenTest OWASP Morocco, Tarif EL AOUADI from Lexi and Intissar from VINCI
  • ABSTRACT: During this seminars Azzeddine RAMRAMI will present a complete Architecture Security Framework to implement Web Application Security the IT landscape. Hamza WARAKI will present how to conduct an OWASP Web Application PenTesting. OWASP activity and spirit will be presented in this event.
  • ’'’WHEN: ‘'’May 18th, 2012
  • WHERE: VINCI Ecole Supérieure Rabat/Morocco see VINCI Ecole Supérieure Rabat

*’ 10,Rue Al Yamama (Aproximité de la gare Rabat-Ville), Rabat - Tél: 05 37 70 69 05 - E-mail: [email protected] *’

  • REGISTRATION:

At AXEL TELECOM (Axel Telecom) or at VINCI (VINCI Ecole Supérieure)

  • PROGRAM:

09:00-09:30 Welcome 09:30-09:45 OWASP Presentation ( Azzeddine RAMRAMI ) 09:45-10:00 Security Awarnasse ( Tarik EL AOUADI ) 10:00-10:30 OSSTMM v3.0 a PenTest Methodlogy - Overview ( Intissar EL MEZROUI ) 10:30-10:45 PAUSE 10:45-11:30 How to conduct a Web Application Pen Testing ( Hamza WARRAKI) 11:30-12:00 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 12:00-14:30 PRIERE DE VENDREDI 14:30-15:30 OWASP WebGoat & Attack Example (A virtual Hacking Environnement) (Nawfal Makdad ) 15:30-16:15 Smartphone Security (Tarik EL OUADI) 16:15-16:30 PAUSE 16:30-17:00 Smartphone Security (Tarik EL AOUADI) 17:00-17:45 Writing Secure Code : Java Principles ( Azzeddine RAMRAMI ) 17:45-18:00 Questions & Answers

  • Event Flyer : ![](OWASP_Seminar_Flyer-May_2012.pdf "File:OWASP_Seminar_Flyer-May_2012.pdf") This is the flyer of Morocco Chapter seminar. A short description of the seminar with the agenda and titles.

Resources

Morocco Cyber Security Event Virtual Machin image

To be posted after the first meeting

Downloads

Papers and Articles

NOTOC

Category:Morocco


Sponsorship Opportunities with our Chapter

The Morocco OWASP Chapter can offer your company several sponsorship opportunities. If you are interested in taking advantage of any of these opportunities, please contact Azzeddine RAMRAMI (azzeddine[dot]ramrami[at]owasp.org), the OWASP Morocco Chapter Leader.

Morocco Cyber Security Day

The Morocco OWASP Chapter organizes a quarterly Morocco Cyber Security Day event along with selected school and companies. This event has historically drawn around 100 of Morocco’s security professionals and expert for networking and more. Your sponsorship of this event includes appetizers and drinks for the attendees. Feel free to pass out business cards and network just like you would anywhere else. You’ll find no better opportunity to get your name in front of 100+ security professionals for a free access.

AppSec Morocco & Africa Security Conference (AppSec Africa) Sponsorship

The AppSec Morocco & Africa is an OWASP conference held annually in Morocco. It is a gathering of 250+ web app developers, security engineers, mobile developers and information security professionals. ApPSec is held in Morocco Casablanca or Rabar, where more Fortune 100 companies call home than any other state and it is held in Morocco which is a hub for startups in Morocco. At AppSec Morocco & Africa, leaders at these companies along with security architects and developers gather to share cutting-edge ideas, initiatives, and technology advancements.

Being a non-profit organization, we rely mostly on sponsorships to help us provide the funding to make AppSec Morocco & Africa successful.

Become a AppSec Morocco & Africa Sponsor


OWASP Meeting Presenter Sponsorship

Although OWASP is a non-profit organization, we strive to provide our members with the best presenters we possibly can. While the Austin area has tons of security talent, sometimes it’s worthwhile to reach beyond our borders to pull in more awesome presenters. In exchange for covering travel expenses for these presenters, our chapter will provide you with 5 minutes at the start of the meeting to introduce yourself and tell us about the products or services that your company offers. You’ll also receive mention of being the presenter sponsor in all e-mail communications about the meeting.


Chapter Team & Organization

The chapter leadership board is as follows:

Chapter Leadership Board Member Role Responsibilities Person(s)
Chapter Leader The central point of contact for the Chapter and responsible to the OWASP Board. Serves as Chapter Leader and Chapter board chair. Azzeddine RAMRAMI
Sponsor Coordinator Serves as the primary liaison between the Chapter and all sponsors, and solicits sponsors for the Chapter meetings, happy hours, AppSec Africa, and other events. Azzeddine RAMRAMI
Tarik EL OUADI
Speaker Coordinator Seeks and schedules speakers for monthly Chapter meetings, AppSec Africa, and other events. Tarik EL OUADI
Education Coordinator Coordinates all of the Chapter-sponsored educational offerings, to include the weekly Study Group and OWASP training. Azzeddine RAMRAMI
Tarik EL OUADI
PR/Marketing Coordinator Provides marketing of AppSec Africa and other Chapter events. To be added
Membership and Project Coordinator Coordinates activities to grow individual and corporate memberships. Acts as project manager for events, such as AppSec Africa, tracking assigned tasks and reporting progress. Azzeddine RAMRAMI & Tarik EL OUADI
Events Committee All of the Chapter Leadership Coordinators are responsible for coordinating aspects of events, including the annual Morocco Application Security Conference (AppSec Africa). The Chapter Leader acts as the committee chair. Chapter Leadership Coordinators
Finance The Chapter Leader is designated as primary person responsible for Chapter budget and Chapter expense approvals. The previous Chapter Leader is designated as secondary approver, who also will approve any expenses submitted by the Chapter Leader. Azzeddine RAMRAMI - Primary
Tarik EL OUADI - Secondary
Advisory Board Members Made up of previous Chapter leaders who provide mentoring, coaching, and assistance to the board and contribute to the Chapter’s success. Azzeddine RAMRAMI
Tarik EL OUADI

back to top