Jump to: navigation, search

OWASP NYC AppSec 2008 Call for Papers

Topics of interest

As there a limited number of available presentations please email your proposed presentation ideas to: tomb 'at' Simply send and email with your idea and a short paragraph or two on what you propose to present on.

Topics of interest include, but are not limited to:

  • OWASP Project Presentation (i.e Tool Updates/Project Status etc)
  • Business Risk from Applications
  • Privacy Concerns with Applications and Data Storage
  • Baseline or Metrics for Application Security
  • Web application security
  • Secure application development
  • Security of Service Oriented Architectures
  • Threat modeling of web applications
  • Vulnerability analysis of web applications (code review, pentest, static analysis, scanning)
  • Countermeasures for web application vulnerabilities
  • Platform or language (e.g. Java, .NET) security features that help secure web applications
  • How to use databases securely in web applications
  • Access control in web applications
  • Browser security
  • Web services security
  • Something that you have found that is broken

Q. What are the submission dates?

A.Closing date for presentation ideas is April 1th 2008, with presentation material due June 1st 2008.

Q: Who is allowed to submit presentations?

A: Original authors of presentations may submit presentations for consideration. Third party representatives such as PR firms or Speaker Representatives MAY NOT submit materials on behalf of a potential speaker.

Q: Why aren't Third Parties such as PR Firms allowed to submit presentations?

A: Due to potential copyright and intellectual property liability issues as well as the need for OWASP to have direct contact with potential and selected presenters to expedite selection and deliverable materials, we require that only original authors of presentations submit for the Call for Papers. Third party representatives such as PR firms or Speaker Representatives MAY NOT submit materials on behalf of a potential speaker.

Q: How long will I have to wait before I am notified if I have been accepted or denied?

A: Submitters are notified of the status (acceptance or denial) within 10 business days after the close of the Call for Papers.

Q: I have been accepted. What are the materials that I have to turn in and what are the deadlines?

A: The following is a list of materials that are required from each accepted presentation. Failure to procide these materials by the deadlines set forth for the event the presentation was accepted for will result in either forfeiture of the honorarium or rescindment of acceptance.

   * Presentation in Powerpoint or Keynote format using the OWASP Template
   * White Paper in electronic format (Word, Text, PDF)
   * Detailed Bibliography of resources, co-authors, etc. 

Materials are generally due (30 days) prior to the start of the conference. Specific dates are provided in your Acceptance Letter.

Q: What if I have a co-author who is not presenting. How do I cite the person(s)?

A: All co-authors and works that have been used should be cited in a detailed bibliography that will be published on the Conference CD.

Q: I have been accepted and would like to add co-presenters. Can I still do this?

A: No. Co-presenters should have been added at the time that the Presentation was submitted. They may attend the conference and present if they pay the full conference fee.

Q: My PR company/friends/co-workers/family would like to come see me give my presentation. Will they be allowed in for free?

A: No. All guests of speakers must be registered and paid in full in order to receive admission to the conference.


Q: My company wants to donate and support OWASP as a 501(3)c non-profit in exchange for a 8x10 space and power, what is the cost?

A: Five Thousand ($5000.00) and that includes 2 event badges. There will also be other sponsorship levels avail shortly that will include Platinum, Gold and Silver simply email us for more information.


Q. I have more questions

A: Call 973-202-0122 or email tomb(at) concerning this event.