OWASP Tunisia

The Open Web Application Security Project (OWASP) is a nonprofit foundation that works to improve the security of software. All of our projects ,tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

The chapter Leader is Nihel Ben Youssef. Follow chapter news on Facebook , Linkedin

Meeting Sponsors

The following is the list of organisations who have generously provided us with space for OWASP Tunisia chapter meetings. Thank you for your contribution.

Partners

The following is the list of organisations/Foundations who have generously help us to communicate about OWASP projects and OWASP Tunisia chapter activities. Thank you for your contribution.

NEXT ONLINE EVENT! Blockchain [for] Security - 5-12-20

Meetup : Register and join the event !

Youtube: Subscribe/Follow us via our Youtube Channel!

Abstract

Blockchain is a disruptive technology proposing some security properties for various digital applications. But Blockchain has also its own challenges in terms of security……

“Blockchain as a security brick for software applications” by Sami Bel Hadj

Sami is Technical/Software Dev Manager with more than 18 years’ experience designing, developing and supporting software systems. Creative and dynamic Engineer with proven expertise in effectively leading technical teams. His professional strengths include extensive database technology expertise, team leadership and management, strong oral and written communication skills, and ability to achieve corporate objectives in challenging work environments. Sami is also professor of Blockchain technology / philosophy in several Tunisian universities

“Pen testing Blockchain Solutions (Ethereum Smart Contracts & Nodes)” By Alex Devassy

Alex is Cyber Security Professional, having 2+ years of rich and insightful exposure in Red Teaming, security consultancy along with cyber security training. Focused on Penetration testing of commercial off-the-shelf applications, Web Application, Web Service, Network PT including Active Directory, SAP, IOS, Blockchain and Salesforce applications using open source and commercial tools. Experienced in developing automation / malicious scripts in windows PowerShell, node js. Have been a part of the winning team at IIT Delhi, Open Innovation Blockchain Hackathon, conducted by Best of Block Inc.

“Secured Smart Contracts Development using SCSVS” by Damian Rusinek

Damian is Senior IT Security Specialist, since 2016 in SecuRing. Professionally responsible for web and mobile application audits and source code analysis. Software developer and analyst with over a decade of experience. Mainly focused on the cryptographic protocols, distributed ledger technologies and applications that use them.

Finished PhD at Warsaw University of Technology. Damian works as researcher at Maria Curie Sklodowska University in Lublin where his main topic of research are biocrypto and blockchain based protocols and applications. Author of several academic research papers and speaker at such conferences as Cryptography and Security Systems, International Science Conference on Computer Networks, Confidence, Confidence London, AppSec EU, InfoShare. Creator of Smart Contracts Security Verification Standard.

Previous Event- Hands-on on Secure Programming & Secure Coding Standards 13-07-20

Subscribe/Follow us via our Youtube Channel!

Our Speaker - Azzeddine RAMRAMI

- IBM Security - Senior Security & Network Architect
- OWASP Morocco Chapter
- OWASP AppSec Africa President
- Data & Application Security, Cogntive Security, IoT/OT/ICS/SCADA Security & SIEM
- Professor/instructor and an expert information security development with over 22 years of 
   experience in the security, secure coding, network and telecommunication arena.
- Certified Mile2 CPTE/CPTC/CDFE/CSWAE and EC-Council C|EH

Hands-on Description

Generally, it is much less expensive to build secure software than to correct security issues after the software package has been completed, not to mention the costs that may be associated with a security breach. We will discuss how to embed security in the SDLC and how to design a secure application architecture.

The following areas will presented:

 1. Software Security and Risk Principles Overview
 2. Secure Coding Standards for Java, C/C++
 3. Secure Coding Practices Checklist
     - Input Validation
     - Output Encoding
     - Authentication and Password Management
     - Session Management
     - Access Control
     - Cryptographic Practices
     - Error Handling and Logging
     - Data Protection
     - Communication Security
     - System Configuration
     - Database Security
     - File Management
     - Memory Management
   4. General Coding Practices & Code Quality

Thanks

Thanks IEEE Tunisia Section !! to be among our valued partners.

and Thanks again to:

for helping us to further develop national software security awarness and extend our OWASP Tunisia community!

Speaking at OWASP Tunisia Chapter Events

If you would like to present a talk on Application Security at future OWASP Tunisia Chapter events - please review and agree with the OWASP Speaker Agreement and send the proposed talk title, abstract and speaker bio to the Chapter Leader via e-mail: nihel.benyoussef (at) owasp.org Please mention in email’s subject : Tunisia Speaker request-your name

Event/meeting TICKETS!

All events/meetings are free to attend for both members and non-members of OWASP and are open to anyone interested in application security and cyber security. Please note that for our future events, you MUST REGISTER to book your place and get a ticket to be admitted to the event - your name will be checked against the guest list. Please note that generally the space are limited, so please only book tickets if you are able to attend!

Current Actions

National Survey about Software Security Awarness

Afin de mieux cibler ses actions futures (cours/moyens/long termes) , OWASP Tunisia chapter mène une compagne de sondage à l’échelle nationale sur la sensibilisation à la sécurité des logiciels (Software Security ).

Merci de remplir ce Formulaire (2 min à remplir) est destiné aux:

  • Professionnels/Développeurs/Experts(Etablissement privée/publique) qui travaillent dans le domaine du Software
  • Universitaires enseignant les cours de développement(Coding et génie logiciel…)
  • Etudiants/nouveau diplômés ayant un cursus en Software

Cette compagne s’aligne avec les actions ciblées par la stratégie nationale de Cybersécurité annoncée officiellement le 9 décembre 2019. Nous comptons sur votre participation et sur la diffusion à votre échelle!

Previous Events

Follow/Subscribe in our Youtube channel Le premier Workshop en ligne présenté par OWASP Tunisia Chapter était organisé en deux parties

Première Partie

L’organisme international à but non lucratif OWASP(Open Web Application Security Project) et OWASP Tunisia chapter seront présentés par Nihel Ben Youssef, OWASP Tunisia Chapter Leader

Suivez nous sur

Facebook

Linkedin

Deuxième Partie

OWASP Juice Shop – est une application web de boutique en ligne délibérément vulnérable ( Node.js, Express et AngularJS) et qui intègre l’ensemble du top 10 des vulnérabilités de l’OWASP et bien plus encore.

Le TOP 10 de vulnérabilités WEB et une démo introductive de pentest(Pwning) sur la plateforme OWASP Juice Shop seront présentés par Wajih Hajji, membre OWASP et ingénieur Cybersécurité

Next Action

Participation of OWASP Tunisia Chapter to the National Security Day SecuriDay April 2020 with SecuriNets Foundation.

Suivez nous sur Facebook Youtube et Linkedin


Example

Put whatever you like here: news, screenshots, features, supporters, or remove this file and don’t use tabs at all.


Past Events

2020-07-13 Virtual Event- Hands-on on Secure Programming and Secure Coding Standards View the video on our Youtube Channel

Our Ghest:

Azzedine RAMRAMI. Senior Security & Network Architect-IBM Security. OWASP Morocco Chaper Leader OWASP Appsec Africa President

2020-05-23 Virtual Event- Presentation of OWASP Foundation and OWASP Tunisia Chapter and Hands on Pwing with OWASP Juice Shop View the video on our Youtube Channel

Our Ghest:

Wajih HAJJI. OWASP member. Cybersecurity and Multi Cloud Management Engineer. Ditriot Consulting

2020-01-16. Participation at 3rd edition of TT Security Day “Cybersécurité et Confiance numérique , clés de la transformation digitale”. Table ronde sur les challenges en sécurité des nouvelles tendances technologiques. Présentation des projets et publications OWASP autour de “Security and privacy by design”

| | 2019-11-16. Local OWASP Tunisia Chapter Meeting.Cercle des bureaux. Centre Urbain Nord. Tunis. Thanks for Axians Cybersecurity for Hosting the event

2019-04-14 Participation of OWASP Tunisia Chapter, SecuriDay2K19 Event : National Security Day. Privacy and Personal Data Protection. With SecuriNets Foundation . INSAT.Tunis.

2019-02-23 : Participation of OWASP Tunisia Chapter, “The art of DevSecOps” Event with SecuriNets Foundation: Presentation of OWASP DevSecOps [email protected] SecurinetsISI Acropolium de Carthage. Tunis. Speaker: Raouf Mnif DevOps Engineer, Futura Digital

2018-06-29 : OWASP Tunisia Chapter, Workshop on OWASP IOT PROJECT and Demo : Exploiting Command injection Vulnerability in firmware using Firmware analysis Tool, Firmadyne, binwalk) and OWASP ZAP : Carthage Cyber Arena CCA 2018 @Arena Lac (Guest Lecture). Speaker: Nihel Ben Youssef. OWASP Tunisia Chapter leader.

2018-03-08 : Workshop on Big DATA Security and OWASP NoSQL injection Demo: Hackathon BigDATA @FSJEG (Guest Lecture). Speaker: Nihel Ben Youssef. OWASP Tunisia Chapter leader.

*2018-03-03: Presentation of OWASP Foundation and OWASP Tunisia Chapter: Ebanking CyberSecurity Event organized by SECURINETS_ISI @Pôle El Ghazela (Guest Lecture)

2017-04-06 : Workshop: Introduction to the OWASP Top 10 Mobile Security Risks @ISET RADESBy Abdessabour Arous, Past OWASP Tunisia Chapter

2017-03-08: Workshop: Introduction to the OWASP Top 10 IoT Security Risks @SECURINETS ISI

2017-02-19 : OWASP Tunisia Chapter, “Project Zero” Project Meetup

2017-02-16: OWASP Tunisia Chapter contributed to the Rounde Table: “Table Ronde sur la sécurité de l’information” @UIT - Université Internatioanle de Tunis