If you like the website, feel free to: Buy Me a Coffee at ko-fi.com

Info! CFPTime is a non-profit organization, community-based. Using CFP Time data (through the site and/or API) is allowed but can't be used for commercial purposes.

Boston Application Security Conference - Workshop Submission

City Burlington, MA
Province -
Country US
Twitter @basconf
Website https://owasp.submittable.com/submit/118366/basc-cfw-boston-application-security-conference-october-27-2018
Code of Conduct Not populated yet
CFP Deadline

Sept. 29, 2018, 11:55 p.m.   

Conference Date

Oct. 27, 2018, 9 a.m.   


The OWASP Boston chapter would like to announce a call for papers and free workshops for the Boston Application Security Conference 2018 on October 27, 2018. This our eighth annual conference.

The OWASP BASC (Boston Application Security Conference) will be a free, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide range of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors will come to the BASC to learn, interact and hopefully enjoy themselves at the same time. We encourage local students, security professionals and academics to present papers as a way to gain exposure and experience in presenting at security conferences.

We expect over 200 attendees this year. Publicity includes the OWASP Boston wiki site (run by OWASP Foundation), OWASP Boston Meetup, OWASP Boston Linkedin group, OWASP Boston mailing list, Eventbrite and Twitter.

Last year, there were two tracks:

Track 1 - Basic/Current Application Security

Track 2 - Future / Advanced / New Research in Application security.

Each presentation will be 50 minutes.

We attract both people who are new to application security as well as people who are experienced in application security. We encourage first time presenters: students, researchers, working application security folks etc. to submit presentations.

Some Suggested Topics

Mobile app security, forensics

Javascript servers, apps, frameworks: Node.js, Angular

Language Framework (in)security – Hibernate, Grails, Ruby etc.

Security for NFC, Bluetooth LE apps

Google Glass app security


Measurable security - advanced threat modelling

Web API security REST, JSON

Application Architecture security

Web security testing in a DevOps organization

Building web app security expertise in engineering teams

Conducting lightweight threat modeling

Vulnerability Management - Process & Tools

Developing your own web app security development standard

Security test automation with OWASP ZAP and Zest scripting language

Authentication & Enterprise Web Applications (incl. Federation, 2 Factor Auth, SSO)

Open Source Identity Management

Open Source Static Analysis

Security test automation with OWASP ZAP and Zest scripting language

Security Unit testing with Selenium

Effective static code analysis tools

Speaker benefits

Not populated yet