OWASP is an open community dedicated to enabling organizations to conceive, develop, acquire, operate, and maintain applications that can be trusted. All of the OWASP tools, documents, forums, and chapters are free and open to anyone interested in improving application security.

OWASP is completely vendor neutral and does not endorse or certify any company, service, or product. All presentations, training, and talks performed for OWASP are required to meet this standard.


Use this form to submit your proposed talk for LASCON.  The CFP will close on June 30, 2019. Submissions will be reviewed and you will be contacted via the email address you provide on the form. We will announce all presentation selections by July 31, 2019.  

Selected speakers will …

Use this form to submit your proposed training for LASCON.  The CFT will close on June 30, 2019. Submissions will be reviewed and you will be contacted via the email address you provide on the form. We will announce all training selections by July 31, 2019.  

Please know that due to space considerations we can only select a limited number of training workshops.

Selected trainers will …

Web applications leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software. The conference will be held September 26 and 27 in Amsterdam.  Hands on training will be offered September 23, 24, and 25.  
 


IMPORTANT DATES:
CfP Opens May 27, 2019
Review committee Announced June 7, 2019
CfP Closes June 30, 2019
Notification of submitters July 31, 2019
Program announced  August 15, 2019


 EXAMPLES OF PREVIOUS TALKS:
 

  • Our Journey for Rolling out MFA
  • Building a TLS Service
  • Auth Plugins
  • Open Source Security Building Blocks
  • Scaling Security /Incident Response: Account Takeover
  • Scaling Security /Incident Response:Fraud
  • Data Driven Security
  • Enabling the User to be Secure by Default
  • Enabling Developers to remain Secure Throughout the SDLC
  • Bringing Teams up to Speed in DevSecOPs Environments
  • How Does Your Org Enable the Next Generation of Security Research

 Of course we love surprises so if your talk falls outside of the examples given, feel free to submit!

REVIEW COMMITTEE
TBD

REVIEW POLICIES
The program committee will review your submission based on a descriptive abstract and detailed outline of your presentation. Please review your proposal thoroughly as accepted abstracts and bios will be published on our site as submitted.

Successful applications will:
 

  • Take audience into account, OWASP has a diverse audience with more than half of the audience consisting of mid career security professionals and the remainder consisting of developers and entry level or advanced security professionals. While our Audience does cover Builders, Breakers, and Defenders, OWASP tends towards defenders. 
  • Remember that well-trod concepts should advance the topic, address the content from a new angle, or introduce new applications for the content. We are not adverse to accepting talks that have been presented elsewhere first, but we do ask that you share if your talk has been previously presented. 
  • Be well written. Your Abstract is the only long-form marketing for your specific talk to our audience. It should be written so that attendees can clearly understand what you will be discussing and what they will get out of your talk. Your detailed outline is your chance to sway our judges. Write this as thoroughly as possible so that the committee understands all you bring to the table.
  • Be applicable. While there is a place for talks about the distant future, talks which will allow the audience to immediately implement or share concepts, changes, or processes with colleagues are more interesting to our judges and audience and will comprise the majority of accepted presentations. 
  • Conform to the blind protocol. Submissions that identify the author will automatically be disqualified. Please leave your name out of any materials or fields not directly requesting this information.

 

TERMS
You must fill out and agree to the OWASP Speaker Agreement. OWASP values vendor neutrality. You must use the OWASP presentation template and you’re not allowed to place marketing pitches in your slides. All presentation slides will be published on the conference website after the conference. Please make sure that any pictures and other materials in your slides don’t violate any copyrights. You are solely liable for copyright violations. You may choose any CC license for your slides, including CC0. OWASP does suggest open licenses.

The Global AppSec conference in Amsterdam is a premier venue for web applications leaders, software engineers, researchers, and visionaries from all over the world. This year the conference will be September 23-27 to share and discuss innovation and advancements in the security industry.


IMPORTANT DATES:
CfP Opens May 27, 2019
Review committee Announced June 7, 2019
CfP Closes June 30, 2019
Notification of submitters July 31, 2019
Program announced  August 15, 2019

TOPICS
We are especially interested in “the next”, cutting edge research in the context of web applications, secure development, security management and privacy. Our goal is to give both academic researchers and industry practitioners the possibility to share their latest findings with the rest of the community, including coverage via our media channels.

Topics of interest include, but are not limited to the following:
 

  • Novel web vulnerabilities and countermeasures
  • New technologies, paradigms, tools
  • OWASP tools or projects in practice
  • Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
  • Browser security
  • Mobile security and security for the mobile web
  • Cloud security
  • REST/SOAP security
  • Security of frameworks
  • Effects of UX on security
  • Large-scale security assessments of web applications and services
  • Privacy risks in the web and the cloud
  • Management topics in Application Security: Business Risks, Awareness Programs, Project Management, Managing SDLC

 To ensure that the best training courses are available, OWASP reads all submissions blind.

You are welcome to apply with a training course you have given before but you must note where and when the training occurred.


SUBMISSION
The program committee will review your submission based on a descriptive abstract of your intended training. Feel free to attach a preliminary version of your training if available, or any other supporting materials. Keep in mind: the better your description is, the more accurate our review will be. Please review your proposal thoroughly as accepted abstracts and bios will be published on our site as submitted. If your training is accepted for inclusion in the conference program, you are free to submit a white paper describing your work, which will be added to the website.


TERMS
By your submission you agree to the OWASP Speaker Agreement
OWASP values vendor neutrality. You must use the OWASP presentation template and you’re not allowed to place marketing pitches in your slides. All presentation slides will be published on the conference website after the conference. Please make sure that any pictures and other materials in your slides don’t violate any copyrights. You are solely liable for copyright violations. You may choose any CC license for your slides, including CC0. OWASP does suggest open licenses.

OWASP Foundation