If you like the website, feel free to: Buy Me a Coffee at ko-fi.com

Info! CFPTime is a non-profit organization, community-based. Using CFP Time data (through the site and/or API) is allowed but can't be used for commercial purposes.

Boston Application Security Conference

City Burlington, MA
Province -
Country US
Twitter @basconf
Website https://owasp.submittable.com/submit/118363/basc-cfp-boston-application-security-conference-october-27-2018
Code of Conduct Not populated yet
CFP Deadline

Sept. 28, 2018, 11:55 p.m.   

Conference Date

Oct. 27, 2018, 9 a.m.   


(If bit.ly does not work, the long CFP link is at: https://www.owasp.org/index.php/BASC_2018_Call_For_Papers )

The OWASP BASC (Boston Application Security Conference) will be a free, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide range of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors will come to the BASC to learn, interact and hopefully enjoy themselves at the same time. We encourage local students, security professionals and academics to present papers as a way to gain exposure and experience in presenting at security conferences.

We expect over 200 attendees this year. Publicity includes the OWASP Boston wiki site (run by OWASP Foundation), OWASP Boston Meetup, OWASP Boston Linkedin group, OWASP Boston mailing list, Eventbrite and Twitter.

Some Suggested Topics

Mobile app security, forensics

Javascript servers, apps, frameworks: Node.js, Angular

Language Framework (in)security – Hibernate, Grails, Ruby etc.

Security for NFC, Bluetooth LE apps

Google Glass app security


Measurable security - advanced threat modelling

Web API security REST, JSON

Application Architecture security

Web security testing in a DevOps organization

Building web app security expertise in engineering teams

Conducting lightweight threat modeling

Vulnerability Management - Process & Tools

Developing your own web app security development standard

Security test automation with OWASP ZAP and Zest scripting language

Authentication & Enterprise Web Applications (incl. Federation, 2 Factor Auth, SSO)

Open Source Identity Management

Open Source Static Analysis

Security test automation with OWASP ZAP and Zest scripting language

Security Unit testing with Selenium

Effective static code analysis tools

Speaker benefits

Not populated yet