Malaysia

Malaysia

OWASP Malaysia &amp; MySecurity Community

OWASP Malaysia Project now officially handle and organize by MySecurity Community. It was non-profit organization. We are pleasure and welcome to all Malaysian to join us and share the knowledge, skill, idea and related to make OWASP Malaysia Project are benefit to everybody. OWASP Malaysia Project as well are the pioneer project for Web Security Application and we tied with Malaysia Government Security Agency &amp; Organization to promote and give awareness to Malaysian specially to government,university and public. Any private sector want to contribute and sponsor are welcome.

Join the local Malaysia chapter Facebook Page

Join the local Malaysia Chapter Discussion Facebook Group

Follow our twitter OWASP Malaysia #owaspmy 

OWASP Malaysia Linkedin Group

'''OWASP Malaysia Meetup Planning Schedule

OWASP Malaysia Translation Project (OMTP) We need any volunteer for our translation project from English - Malay Please free to contact any of our BOM for update the Project

'''NOTE: OWASP now promote for who want to become Official Members for Malaysia Chapter. You can get special rate and discount and get email @owasp.org with 25GB space. Please register at here as individual(Memberships) and to see the example how to (REGISTER) OWASP Memberships'''

=News= For all new members and existing member please free to contribute to OWASP Malaysia Chapter and if you are commitment to help OWASP Malaysia please subscribe OWASP Membership for individual. For Corporate sponsor OWASP Malaysia please contact OWASP Admin.

We are welcome to join our conversation. If any query don't hesitate to contact [mailto:admin@owasp.my OWASP Admin]. Everyone is welcome to join us at our chapter meetings.

Related Security Events for this years.

2013


=== OWASP AppSec AsiaPac 2013 (AppSecAsiaPac2013) 19-22 February 2013 ZebraCon 2013 (ZebraCon2013) 27-28 August 2013 Malaysia Open Source Conference 2013 (MOSC2013) 10-11 September 2013 HITBSecConf 2013 (HITBSecConf2013) 14-17 October 2013 ===

2012
=== OWASP Global AppSec AsiaPac 2012 (AppSecAsiaPac2012)11-14 April 2012 FUDCon AsiaPac KL 2012 (FUDConKL2012) 18-20 May 2012 EPF ISSS Quarterly Services Status Meeting and Technology Presentation Update 14 June 2012 (Closed Invitation) Cyber Security, Cyber Warfare and Digital Forencis (CyberSec12) 26-28 June 2012 Malaysia Open Source Conference 2012 (MOSC2012)8-10 July 2012 Hack In The Box (HITBSecConf2012) 8-11 October 2012 Hacker Halted AsiaPac 2012 (HHAPAC2012)19-22 November 2012===

2011
===KL GreenHAT Challange 2011 (KLGHC 2011) 9-10 February 2011 OWASP Summit 2011 (OWASP Summit 2011) 8-11 February 2011 Counter eCrime Operation Summit V 2011 (CECOSv 2011) 27-29 April 2011 Info Security Conference 2011 (INFOSEC 2011) 12 May 2011 Malaysia Open Source Conference 2011 (MOSC2011) 3-5 July 2011  OWASP Day KL 2011 (OWASP Day KL 2011) 20-21 September 2011 Hack In The Box (HITBSecConf2011) 10-13 October 2011 Security Black Belt Day 2011 (SBBD2011) 3 November 2011 Mozilla AsiaCamp 2011 (MozCamp Asia 2011) 18-20 November 2011 Hacker Halted APAC (HHAPAC2011) 15-17 November 2011 Malaysia Government Open Source Conference 2011 (MyGOSSCON2011) 29-30 November 2011 Computer Security Day 2011 (CSD2011) 30 November 2011===

2010
===Malaysia Open Source Conference 2010 (MOSC2010) 29/30 June - 1 July 2010 Advanced Identify Management &amp; Security 2010 (AIMS 2010) 20-21 September 2010 Next Generation Broadband Wireless Architecture Masterclass (NGBWAM 2010) 28-29 September 2010 Gartner Security Local Briefing 2010 (GartnerSec 2010) 15 July 2010 Hack In The Box 2010 (HITBSecconf 2010) - 4-14 October 2010 OSS Day KPM 2010 (OSS KPM 2010) - 12-13 October 2010 KL Green Hat 2010 (KLGH 2010) - 19-20 October 2010 CyberSecurity Malaysia Conference &amp; Exhibition 2010 (CSMCE 2010)- 25-28 October 2010 Malaysia Government Open Source Conference 2010 (MyGOSSCON 2010)2-3 November 2010 Hacker Halted Asia Pacific 2010 (HHAPAC2010)- 9-11 November 2010 AMDI-USM OSS Day (AMDIOSS) 23 December 2010===

=Webinar=

2012
===Secure Mobile App Development: Differences from Traditional Approach - 31 January 2012 10.00p.m PST Automated Hacking Tools - Meet the New Rock Stars in the Cyber Underground 27 June 2012 9.00a.m GMT=== =Board Of Members= Chapter Leader - [mailto:fazli(at)owasp.my Mohd Fazli Azran]

Board Of Members 2010


 * University Representative - [mailto:nurhizam.safie(at)aeu.edu.my Dr. Nurhizam Safie] (Asia eUniversity)
 * Government Representative - [mailto:naim.ibrahim(at)moha.gov.my Mohd Naim Mohd Ibrahim] (Ministry Of Home Affairs)
 * Community Representative - [mailto:noc(at)ipx.noc.net.my Wan Adnan Wan Jaafar] (NOC IPX)
 * Private Sector Representative - [mailto:shahriman(at)scan-associates.net Muhammad Shahriman Samsudin](Scan Associates)
 * Sec. Professional Representative - [mailto:adli(at)cybersecurity.my Adli Wahid] (MyCERT CyberSecurity)

Advisor - [mailto:amir(at)mysecurity.my Amir Haris] (MyNIC Berhad)

Observer - [mailto:info(at)mysecurity.my MySecurity Community] (MySecurity)

=Meeting Chapter=

OWASP Meetup Q1 2014
C-3A-03, Block c, Level 3A, Phileo Damansara 1, No. 9, Jalan 16/11 off Jalan Damansara, 46350,Petaling Jaya, Selangor, Malaysia.
 * Date : 17 March 2014 (Monday)
 * Time : 10.00a.m - 12.00p.m
 * Venue: Nexperts Academy Sdn Bhd
 * [[Image:nexpert.png]]

Event Program:

9.30a.m - 10.00a.m - Arrival Participant 10.00a.m - 10.10a.m - Opening Speech by OWASP Malaysia Chapter Leader 9.10a.m - 9.20a.m - Speech by Mr. Aatif Khan (Hack Defense) 9.20.a.m - 12.00a.m - Web Security 2.0 Threat - Aatif Khan - Hacking Windows 7/8 wit USB - Aatif Khan 12.50p.m - 1.00p.m - Social Network

BIO: Aatif Khan



Speaker Profile: Aatif Khan, Application Security Evangelist, has delivered highly technical security training for conferences, universities, and corporate clients like Bank of America, Verizon,Amazon, Google, Yahoo, etc. to excellent reviews. He is also one of the main founding member of HDCRB (Hack Defense Certification Review Board). Aatif consults for application security, and is having specialization in security assessments/penetration testing, infosec training's, and reverse engineering/malware analysis. Apart from his stupendous exposure in application security consulting from several years, he has also worked with Defense Personnel, Cyber Crime Police Officials and has also delivered over more than 2000 hours of Information Security training to IT Security Professional's & Government Agencies. He has authored Books entitled "Ethical Hacking", "Advance Penetration Testing", "Backtrack Starter Manual" published by Packt Publications, UK. He is popularly known for designing the most advance course on "Advance Penetration Testing" with his Lab Book & Lab Exam, and has received stupendous feedback from top notch security experts. You can find more about him here - facebook.com/thenapsterkhan

Please register here :

https://docs.google.com/a/bio-xcell.my/forms/d/1kpxanFk4SeM5bwB9PbBdpKj1ZT9LWVxbpBqZowcGuSo/viewform

OWASP Meetup Q1 2013

 * Date : 16 July 2013 (Tuesday)
 * Time : 9.00a.m - 1.00p.m
 * Venue: IMATEC, INTAN, Bukit Kiara
 * [[Image:INTAN.gif]]

Event Program:

8.30a.m - 9.00a.m - Arrival Participant 9.00a.m - 9.10a.m - Opening Speech by INTAN VVIP 9.10a.m - 9.20a.m - Speech by OWASP Malaysia Chapter Leader 9.20.a.m - 10.20a.m - Speech By Tobias Gordon - CISO for Manager 10.20a.m - 10.35a.m - Rest 10.35a.m - 10.50a.m - Talk by INTAN (TBA) 10.50a.m - 11.50a.m - Speech by Drew William - Governance, Risk and Compliance 11.50a.m - 12.50a.m - Speech By Tobias Gordon - Secure Coding 12.50p.m - 1.00p.m - Social Network

BIO: Tobias Gondrom



"Tobias Gondrom is CEO at Thames Stanley, a boutique Global CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany.

He has 15 yrs of experience in software development, application security, cryptography, electronic signatures and global standardization organizations working for independent software vendors and large global corporations in the financial, technology and government sector.

Over the years, he has trained and advised dozens of CISOs and senior information security leaders around the globe. Since 2003 he is the chair of working groups of the IETF (www.ietf.org), a member of the IETF security directorate, and since 2010 chair of the web security WG at the IETF. He has been in a number of project and chapter leadership roles for OWASP since 2007. Currently, he is a board member of the OWASP London and the CSA Hong Kong and Macau chapters and leads the OWASP CISO Report and Survey project. He is an ISC2 CSSLP and CISSP Instructor. Tobias has authored the Internet standards RFC 4998 and RFC 6283, also co-authored the books „Secure Electronic Archiving“ and the OWASP CISO Guide and is a frequent presenter at conferences and publication of articles (e.g. AppSec, IETF, ISSE, ...).

BIO: Drew Williams



Drew Williams has a pedigree in information management and security that began more than 30 years ago while serving as a journalist and public affairs liaison in the U.S. Navy, participating in key military missions that included the U.S. counter-deterrent against the Soviet invasion of Afghanistan in 1979, and the attempted hostage rescue operation in Tehran in 1980.

On matters of State, Drew served on the President’s Partnership for Critical Infrastructure Security (a precursor to the Department of Homeland Security), and was one of a handful of original drafters of the 1996 Health Information Portability and Accountability Act (HIPAA) Security Policy guidelines for the U.S. government, the 1998 Common Vulnerabilities Enumeration (CVE) reporting model for how viruses and security risks are reported, and was a founding member of the Intrusion Detection Consortium (1999), and worked on the early stages of Common Criteria parameters for infosec product development. In 2004, Drew established the Center for Policy and Compliance for Configuresoft/VM-Ware, and lectures annually in Southeast Asia on IT security trends and best practices, and was named by a security consortium in Australia as “One of the top 20 most influential people in IT security in the Pacific” in 2010.

Please register here :

https://docs.google.com/a/owasp.org/forms/d/1KvFM22I3PkMaG087vNgB6m-DHHfOZyR3VRXgkexYxHY/viewform

OWASP Meetup Q1 2013
We welcome all the people that have interest to join this mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia


 * Date : 3 April 2013
 * Avenue: Theater Room, Level 7, Bangunan Sapura@Mines, Seri Kembangan, Selangor
 * Schedule

12.30p.m - Lunch (Provided by CSM) 1.00p.m - Registration 2.00p.m - Opening Speech by CSM VVIP 2.10p.m - Welcome Remark by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Speech by MyCERT - Activity Hacking & Report 2012 2.45p.m - Speech by Jim Manico - Top 10 Web Security Defense 3.45p.m - Tea Break 4.10p.m - Q&A with the presenter (MyCERT, Jim & OWASP) 4.45p.m - Social Network 5.00p.m - Dismiss


 * Required registration at (https://docs.google.com/a/owasp.org/forms/d/1jS_17ppypXiX3fEtScjWimktGy4eBx0EdsyQoJ-H7h0/viewform?pli=1 Click Here])

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/575425859134709/

Title: Top Ten Web Security Defenses

We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.



BIO: Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.


 * Required

OWASP Meetup Q1 2013
We welcome all the people that have interest to join this mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia


 * Date : 3 April 2013
 * Avenue: Theater Room, Level 7, Bangunan Sapura@Mines, Seri Kembangan, Selangor
 * Schedule

12.30p.m - Lunch (Provided by CSM) 1.00p.m - Registration 2.00p.m - Opening Speech by CSM VVIP 2.10p.m - Welcome Remark by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Speech by MyCERT - Activity Hacking & Report 2012 2.45p.m - Speech by Jim Manico - Top 10 Web Security Defense 3.45p.m - Tea Break 4.10p.m - Q&A with the presenter (MyCERT, Jim & OWASP) 4.45p.m - Social Network 5.00p.m - Dismiss


 * Required registration at (https://docs.google.com/a/owasp.org/forms/d/1jS_17ppypXiX3fEtScjWimktGy4eBx0EdsyQoJ-H7h0/viewform?pli=1 Click Here])

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/575425859134709/

Title: Top Ten Web Security Defenses

We cannot “firewall” or “patch” our way to secure websites. In the past, security professionals thought firewalls, Secure Sockets Layer (SSL), patching, and privacy policies were enough. Today, however, these methods are outdated and ineffective, as attacks on prominent, well-protected websites are occurring every day. Citigroup, PBS, Sega, Nintendo, Gawker, AT&T, the CIA, the US Senate, NASA, Nasdaq, the NYSE, Zynga, and thousands of others have something in common – all have had websites compromised in the last year. No company or industry is immune. Programmers need to learn to build websites differently. This talk will review the top coding techniques developers need to master in order to build a low-risk, high-security web application.



BIO: Jim Manico is the VP of Security Architecture for WhiteHat Security, a web security firm. He authors and delivers developer security awareness training for WhiteHat Security and has a background as a software developer and architect. Jim is also a global board member for the OWASP foundation. He manages and participates in several OWASP projects, including the OWASP cheat sheet series and the OWASP podcast series.


 * Required

Computer Security Day 2011
We welcome all the people that have interest to join the mini events and it open to everybody. Meetup with all hacker around Malaysian and Open Discussion with CyberSecurity Malaysia


 * Date : 30 November 2011
 * Avenue: Theater Room, Level 7, Bangunan Sapura@Mines, Seri Kembangan, Selangor
 * Schedule

1.00p.m - 2.00p.m  - Registration (Lunch Provided) 2.00p.m - Arrival Lt Col. (R) Prof Dato' Husin Bin Jazri 2.05p.m - Opening Speech by MC 2.10p.m - Doa 2.15p.m - Opening Speech by Mohd Fazli Azran (OWASP Malaysia) 2.20p.m - Introduction by the participant 2.50p.m - Presentation about CSM & activity CSM for 2012-2013 - Corporate Video - MyCERT Introduction by Adli Wahid Vice President Responsive Service CSM Dialogue 3.15p.m - Speech by CEO CyberSecurity Malaysia Lt Col. (R) Prof Dato' Husin Bin Jazri 3.40p.m - Q & A session 4.20p.m - Tea Break and Networking 4.50p.m - Dismiss


 * Required registration at (Click Here)

CyberSecurity Malaysia (Maps)

Facebook Event https://www.facebook.com/events/147779481990578/
 * Required

AMDI-USM OSS Day 2010

 * Date : 23 December 2010 Thurday
 * Time : 8.00a.m - 5.00p.m
 * Avenue : Hotel Seri Malaysia, Kepala Batas, Pulau Pinang Malaysia

AMDI USM OSS DAY will show a variety of interactive mix of activities that consistent with the objective to promote and bring awareness about Open Source Software in general:

Seminar: 9 talks related to the awareness of Open Source will be held consisting of activists, consumers, application developers or experienced specialists who also come from the Open Source industry itself.

Demonstration: as with any conference, AMDI USM OSS DAY will be holding a demonstration open to visitors who present at the event square. The demonstration is consist by activists, community and society where will provide an opportunity for visitors to know and see more closely what is open source and proprietary technology. We also promote activities in the demonstration area to enliven the program.

To register please click at here AMDI-USM (AMDI-USM OSS Day 2010)

OWASP 4th Meeting Malaysia Chapter

 * Date : 23 November 2010 Tuesday
 * Time : 2.00p.m - 5.00p.m
 * Avenue : Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia, Level 7, SAPURA@MINES, Jln Tasik, Mines Resort City, Seri Kembangan, Selangor


 * Agenda

2.00 : Arrival participant 2.10 : Offensive Security - Muhammad Muslim Mansor 3.40 : Web Application Firewalls: What are we really getting into? - Alex Tan 5.10 : Refreshment


 * Web : www.owasp.my
 * Twitter : @owaspmy #owaspmy
 * Facebook : http://www.facebook.com/OWASP.Malaysia to RSVP

OWASP 3rd Meeting Malaysia Chapter

 * Date : 19 October 2010 Tuesday
 * Time : 2.00p.m - 5.00p.m
 * Avenue : Malaysian Computer Emergency Response Team (MyCERT), CyberSecurity Malaysia, Level 7, SAPURA@MINES, Jln Tasik, Mines Resort City, Seri Kembangan, Selangor


 * Agenda

2.00 : Arrival participant 3.00 : Opening Speech 3.05 : Brian Ritchie - Topic TBA 4.05 : Adnan Mohd Syukor - Topic TBA 5.05 : Refreshment


 * Web : www.owasp.my
 * Twitter : @owaspmy #owaspmy
 * Facebook : http://www.facebook.com/OWASP.Malaysia to RSVP

OWASP 2nd Meeting Malaysia Chapter

 * Date : 15 May 2010 Saturday
 * Time : 3.00p.m - 5.00p.m
 * Avenue : City University College Of Science Technology (CUCST)

Map: City University

Topic :

1) Outbound Monitoring - the Forgotten Child in Infosec (1 hour)     2) Introduction to the new and highly lethal HTTP DDOS attack technique.(1 hour)

Registration Fee : FOC

Parking Fee : FOC (More Parking)

Registration : http://www.facebook.com/event.php?eid=123844360964411&amp;index=1

Speaker : Wong Onn Chee Background :

Wong Onn Chee : Chief Tehnology Office, Resolvo System, Singapore



Onn Chee is currently working as the Chief Technology Officer in Resolvo Systems, a leading information leakage expert in Asia. He has led numerous large-scale projects, primarily in the government and defence sectors. His areas of expertise include information leakage protection, web security and security strategy. Onn Chee is a founding member and the first Vice-President of the Information Systems Security Association (ISSA), Singapore Chapter, the largest international, not-for-profit association for security professionals. He was also a former member of the Center of Internet Security (US) which provides well-recognised security benchmarks for various systems which are commonly used by US Federal Government and private organisations. Onn Chee is also the current Singapore chapter lead of Open Web Application Security Project (OWASP) which publishes the widely respected OWASP Top 10 web vulnerabilities. Other than being a information security professional, Onn Chee is also trained in BS 7799/ISO 17799, ISO 9000 and ITIL. He is also a certified Project Management Professional (PMP) and certified PRINCE2 Practitioner. In 2007, Onn Chee was appointed as the President of International Association of Software Architect (IASA), Singapore Chapter.

For more detail please contact: Mobile : 013-2048672 Email : fazli@owasp.org

OWASP 1st Official Meeting Malaysia Chapter

 * Date : 31 March 2010 Wednesday
 * Time : 2.30p.m - 5.00p.m
 * Avenue : CyberSecurity Malaysia (Sapura Building), Level 7, Jln Tasik, Mines Resort City, Seri Kembangan, Selangor


 * Agenda

2.30 : Arrival participant 3.00 : Opening Speech 3.15 : Introduction of OWASP 3.30 : Introduction of CyberSecurity Malaysia, Summary Report and Incident of Web in Malaysia 4.00 : Meeting Start - Chair Meeting : OWASP Malaysia Chapter Leader :                Comittee Members - CyberSecurity Malaysia, MySecurity Community


 * OWASP Board Of Members election.

BOM - University Representative BOM - Government Representative BOM - Community Representative BOM - Security Professional Representative BOM - Private Sector Representative


 * OWASP activities

1) Workshop 2) Events


 * Register Here : It FOC this is meeting not Workshop/Training/Seminar

http://www.facebook.com/event.php?eid=357732261091&amp;index=1

=Conference=

OWASP Day KL 2011 (OWASP Day KL 2011) 20-21 September 2011
=Supporter=

Community
=Sponsors=