BASC 2019 Call For Papers

Submit Your Proposal
Please use this form to submit your proposal for a presentation.

Please use this form to submit your proposal for a workshop.

Deadline for proposals: Midnight on August 25, 2019

Conference date: October 19, 2019

About BASC
The OWASP Boston chapter would like to announce a call for papers and free workshops for the Boston Application Security Conference. This our 9th annual conference.

The OWASP BASC (Boston Application Security Conference) will be a free*, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide range of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors will come to the BASC to learn, interact and hopefully enjoy themselves at the same time. We encourage local students, security professionals and academics to present papers as a way to gain exposure and experience in presenting at security conferences. *Note that some workshops or training may require a fee.

We expect over 200 attendees this year. Publicity includes the OWASP Boston wiki site (run by OWASP Foundation), OWASP Boston Meetup, OWASP Boston Linkedin group, OWASP Boston mailing list, Eventbrite and Twitter.

Past conference presentations
2018 BASC Presentations &middot; 2017 BASC Presentations  &middot;2016 BASC Presentations  &middot; 2015 BASC Presentations &middot; 2014 BASC Presentations &middot; 2012 BASC Presentations &middot; 2011 BASC Presentations &middot; 2010 BASC Presentations

Guidelines
Last year, there were two tracks:

Track 1 - Basic/Current Application Security

Track 2 - Information Security/Frameworks/Professional Development

Each presentation will be 45 minutes.

We attract both people who are new to application security as well as people who are experienced in application security.

We encourage first time presenters: students, researchers, working application security folks etc. to submit presentations.

Some Suggested Topics

 * Mobile app security, forensics


 * Javascript servers, apps, frameworks: Node.js, Angular


 * Language Framework (in)security – Hibernate, Grails, Ruby etc.


 * Security for NFC, Bluetooth LE apps


 * Google Glass app security


 * OWASP ESAPI


 * Measurable security - advanced threat modelling


 * Web API security REST, JSON


 * Application Architecture security


 * Web security testing in a DevOps organization


 * Building web app security expertise in engineering teams


 * Conducting lightweight threat modeling


 * Vulnerability Management - Process & Tools


 * Developing your own web app security development standard


 * Security test automation with OWASP ZAP and Zest scripting language


 * Authentication & Enterprise Web Applications (incl. Federation, 2 Factor Auth, SSO)


 * Open Source Identity Management


 * Open Source Static Analysis


 * Security Unit testing with Selenium


 * Effective static code analysis tools

Submit
Please see above for links.

Deadline for proposals: August 25, 2019

If you have any questions, please email [mailto:boston-leaders@owasp.org boston-leaders@owasp.org].