BASC 2024 is happening on April 6th at 5 Wayside Rd, Burlington, MA. For more information on the conference and sponsorship opportunities, please visit our website https://www.basconf.org/.

Please submit your information using this form. The deadline for submissions is February 14th, and we will get back to you no later than March 1st on whether or not your talk has been accepted. 

We are looking for workshops 2 and half hour long. Our focus is on application security, and all the work that goes into securing software. Talks on tooling, security champions, bugs, or even secure language features are all welcomed. 

Please note all accepted workshop conductors will have to agree to the OWASP speaker agreement, https://owasp.org/www-policy/legal/speaker-agreement, and as a local conference we do not cover transportation or other expenses.

Potential workshop topics include the following:

• Generative Artificial Intelligence (GenAI, LLM, etc.)
• Automation/AI Driven Automation Offensive and Defensive
• Software Bill of Materials (SBoM)
• Supply Chain Security (devices and applications)
• Zero Trust
• Identity-based Security (authentication and authorization, federated access)
• OWASP Projects
• OWASP Global Objectives
• Threat Intelligence
• Application Security Testing/Pentesting/Exploits
• Threat Modeling
• Application Privacy Compliance Requirements
• Vehicle Security

While choosing a topic keep in mind our target audience 

• Computer Science/Information Security Students
• Application Security professionals (junior-architect)
• Developers (junior-architect/principal)
• General cybersecurity/information security professionals (engineers/architects)

BASC 2024 is happening on April 6th at 5 Wayside Rd, Burlington, MA. For more information on the conference and sponsorship opportunities, please visit our website https://www.basconf.org/.

Please submit your information using this form. The deadline for submissions is February 14th, and we will get back to you no later than March 1st on whether or not your talk has been accepted. 

We are looking for talks either 20 minutes or 45 minutes long plus time for Q&A. Our focus is on application security, and all the work that goes into securing software. Talks on tooling, security champions, bugs, or even secure language features are all welcomed. 

Both new speakers and experienced presenters are welcome to submit. If you're new to application security, you probably have a new perspective and we encourage first time presenters to submit presentations.

Please note all accepted speakers will have to agree to the OWASP speaker agreement, https://owasp.org/www-policy/legal/speaker-agreement, and as a local conference we do not cover transportation or other expenses.

Potential talk topics include the following:

• Generative Artificial Intelligence (GenAI, LLM, etc.)
• Automation/AI Driven Automation Offensive and Defensive
• Software Bill of Materials (SBoM)
• Supply Chain Security (devices and applications)
• Zero Trust
• Identity-based Security (authentication and authorization, federated access)
• OWASP Projects
• OWASP Global Objectives
• Threat Intelligence
• Application Security Testing/Pentesting/Exploits
• Threat Modeling
• Application Privacy Compliance Requirements
• Vehicle Security

While choosing a topic keep in mind our target audience 

• Computer Science/Information Security Students
• Application Security professionals (junior-architect)
• Developers (junior-architect/principal)
• General cybersecurity/information security professionals (engineers/architects)

INTRODUCTION

Application Security leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software, as well as to network, collaborate, and share the newest innovations in the field. The training will take place on June 24-26, 2024, at the Lisbon Congress Centre.

CALL FOR TRAINERS (CfT) & SUBMISSION  

The Program Team is formally issuing a call for Trainers, opening December 8, 2023.

As with previous Global AppSec events, we would like to run a number of different training courses of varying lengths over several days surrounding the conference.

Trainers can apply to give 1, 2 or 3-day classes. Trainers are allowed to make multiple applications, one application per class. The training audience will include developers interested in security as well as security professionals. We will select only the best submission.

We are looking for training courses at all levels, from someone new to the application security field to advanced topics for experienced professionals. However, all training submissions should focus on practical skills which are immediately applicable to an attendee’s job and have a significant hands-on element with tasks and exercises for attendees to attempt during the training. Our main priority for selecting trainings for this event is useful, practical information that will be valuable for our target audience. Even if this training has been offered before, as long as there is fresh and up to date content. 

REVIEW PROCESS

IMPORTANT DATES:

CfT Opens December 8, 2023

CfT Closes January 23, 2024

Notification of submitters Week of March 11, 2024

Program announced the week of Week of March 18, 2024

REVIEW CONSIDERATIONS

The Program Team will review your submission based on a descriptive abstract and detailed outline of your class.  Including additional classroom materials will be helpful in our evaluation.

Please review your proposal thoroughly, as all accepted abstracts and bios will be published on our site as submitted.

Examples of topics include, but are not limited to the following.  We encourage innovation!
 

• Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
• Integrating Security into DevOps or SRE
• Vulnerability analysis: code review, pentest, static analysis
• Threat modeling
• AI
• Mobile security
• Cloud and serverless security
• Kubernetes and Container security
• OWASP tools or projects in practice
• New technologies, paradigms, tools
• Operations and software security
• Other topics but with an emphasis on Application Security: Business Risks, Outsourcing/Offshoring, Awareness Programs, Project Management

Training should:

Be Aimed at a Specific Audience - OWASP has a diverse audience that consists of novice to advanced level practitioners in different fields. Your content should be developed to clearly connect with a specific audience.

Not be a Marketing Pitch - Submissions that double as marketing or include sales pitches within the training will not be accepted.

Have a Clearly Written Abstract - Your Abstract is the only long-form marketing for your specific talk to our audience. It should be written so attendees can clearly understand what you will be discussing and what they will get out of your class.

Have a Detailed Outline - Detailed description of how you are structuring the course. Walk the reviewer through the training. Please try to be as detailed as possible, including timing and learning objectives for each module.

Be Clearly Applicable - Classes that prioritize content that attendees will be able to immediately implement preferred.

Include Hands-on training - Hands-on labs which allow attendees to connect meaningfully with content are preferred.

Demonstrate the Expertise of Trainer(s) - The submission should highlight the experience of the trainer(s) in the subject of training and in delivering professional training.

Terms

All trainers will be required to submit a trainer agreement.

The following conditions apply to those who want to provide conference training.

Trainer provides:

• Class syllabus/training materials.
• Covers travel for the instructor(s) and all course materials for students.
• Promotion of training on all available media eg. Twitter, Linkedin

OWASP provides: 

•  Venue
• Catering 
• Registration logistics 
• Basic wireless internet access (if you need additional technical arrangements, it is important to let us know)

Trainer profit-share:
 

1. Virtual Trainers As a trainer of a Virtual AppSec Days event, I am eligible to share 40% of net revenue up to $7,500 USD and 50% of net revenues above $7,500 USD. I must provide appropriate taxing authority documentation as needed for final payment, such as a W-9 in the United States. I will be granted a complimentary pass to the Virtual AppSec Days event. I will not be reimbursed for any expenses incurred to deliver sessions for the Company’s Conference. For other virtual events, I am eligible according to the terms in the Call for Trainers.
2. In-person Trainers For Global AppSec events, I am eligible to share 40% of net revenue up to $10,000 USD and 50% of net revenues above $10,000 USD. I may ask to be included in the OWASP Foundation’s discounted hotel block booking, subject to availability and at my own cost. I will be granted a complimentary pass to the Global AppSec. I must provide appropriate taxing authority documentation as needed for final payment, such as a W-9 in the United States. I understand that I will not be reimbursed for any travel expenses such as airfare, accommodation, or any other daily expenses incurred while attending the Company’s Event for which I am a Presenter. For other events, I am eligible according to the terms in the Call for Trainers.
3. Should in-person or hybrid training take place, OWASP will revise training agreements for selected trainers and address compensation based on the needs of the program. 

All personal data collected during the submission process will be only for contacting submitters regarding their submission and will not be used for marketing or commercial purposes. All data collected will be deleted once the selection process is complete.