On the 19th of October, I attended the rawSEC 2022 conference at Putra World Trade Centre (PWTC). The last time this cybersecurity community-based conference was held was in early 2020 right before COVID-19 arrived in Malaysia.
This year’s cybersecurity conference is a little bit different from the rawSEC joint venture with JomLaunch. This event gathers all ICT professionals to meet and geek out about technologies in the community. I was excited to attend this event because the last time I came as a student but this time I am already part of the cybersecurity industry. The event during that day is divided into two parts which are the cybersecurity conference and pocket talk which is more like sharing session. The main topics of this conference for this year are mostly about implementing and enhancing cybersecurity methods in financial technology (FinTech).
The event started with a speech from the founder of rawSEC, Encik Tahrizi Tahreb. He gave a speech about how and why rawSEC is established in Malaysia. It started with a small cybersecurity enthusiasts community that gathers monthly to conduct knowledge sharing among them and somehow grows bigger and bigger every year. The reason this community is established is also to encourage cybersecurity professionals and future talents to met new friends and expand their connections in the cybersecurity industry. There was also an opening speech from our CEO, Dato Dr. Amiruddin Abdul Wahab. Part of his speech was that he wishes that rawSEC can continue to conduct this type of event frequently and become well-known among Malaysian.
Other than that, I also attend the Pocket Talk conducted by Ahmad “Yappare” Ashraff from ZX Security. Yappare is one of the earliest Malaysian bug bounty hunters. He is well known for his penetration testing and vulnerability assessment skills. The sharing session that he conducted is about cross-site scripting (XSS) attacks which are considered his signature attack in bug bounty. It was insightful knowledge received from this cybersecurity expert. I still consider myself a script kiddie (read: newbie to the hacking and bug bounty world) so there’s a lot I need to learn about XSS after attending this talk. Yappare is friendly and approachable so we talk a while regarding the cybersecurity industry and also about one of the events that he currently handles for cybersecurity students.
The final conference talk of the day is a forum titled “Mempertahan, Memperkukuh dan Melestarikan Teknologi Kewangan (Fintech) di Malaysia”. The 4 panelists of the forum are from the Fintech industry and hold the position of CTO or Head of Cyber Security in their respective companies. As I am being honest with myself and to the reader, I have difficulty understanding what is being talked about in front considering that I am a cybersecurity fresh graduate who has just only two months of entering the industry. Maybe one day if I become the CTO of a Fintech company this will be my cup of tea. But for now, I am just happy to be there and hear these cybersecurity professionals talk to each other.
Somehow I also met a few familiar faces that I usually only see their LinkedIn posts sharing cybersecurity tips and tricks. They were friendly and respectful toward each other. The most interesting part is that I can finally meet a few of my CTF friends from different universities. We usually only talk and discuss through Discord and Twitter and are accidentally able to see each other faces physically. We talk a lot about our current job scope and somehow we are all sad about being unable to participate in any physical CTF event anymore as they usually only target university students to join :’)
I believe that CSM staff especially the technical team should attend at least this kind of event once during their working life for the experience. It is important to represent CSM in any kind of public or community event to establish new connections with other cybersecurity professionals in this industry. The most important part is that you can also get many merchandises if you attend this exhibition. See you next year!
