This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

BASC 2019 Call For Papers

Jump to: navigation, search
Home | Agenda | Code of Conduct | Presentations | Workshops | Speakers | Twitter 32.png

Platinum Sponsors

NCC Group Ordr WhiteHat

Gold Sponsors

Auric Checkmarx HackerOne Netsparker Sonatype Tala

Silver Sponsor


Individual Sponsor: Justin Olin

Please help us keep BASC free by viewing and visiting all of our sponsors.

Submit Your Proposal

Please use this form to submit your proposal for a presentation.

Please use this form to submit your proposal for a workshop.

Deadline for proposals: Midnight on August 25, 2019

Conference date: October 19, 2019

About BASC

The OWASP Boston chapter would like to announce a call for papers and free workshops for the Boston Application Security Conference. This our 9th annual conference.

The OWASP BASC (Boston Application Security Conference) will be a free*, one day, informal conference, aimed at increasing awareness and knowledge of application security in the greater Boston area. While many of the presentations will cover state-of-the-art application security concepts, the BASC is intended to appeal to a wide range of attendees. Application security professionals, professional software developers, software quality engineers, computer science students, and security software vendors will come to the BASC to learn, interact and hopefully enjoy themselves at the same time. We encourage local students, security professionals and academics to present papers as a way to gain exposure and experience in presenting at security conferences. *Note that some workshops or training may require a fee.

We expect over 200 attendees this year. Publicity includes the OWASP Boston wiki site (run by OWASP Foundation), OWASP Boston Meetup, OWASP Boston Linkedin group, OWASP Boston mailing list, Eventbrite and Twitter.

Past conference presentations

2018 BASC Presentations · 2017 BASC Presentations ·2016 BASC Presentations · 2015 BASC Presentations · 2014 BASC Presentations · 2012 BASC Presentations · 2011 BASC Presentations · 2010 BASC Presentations


Last year, there were two tracks:

Track 1 - Basic/Current Application Security

Track 2 - Information Security/Frameworks/Professional Development

Each presentation will be 45 minutes.

We attract both people who are new to application security as well as people who are experienced in application security.

We encourage first time presenters: students, researchers, working application security folks etc. to submit presentations.

Some Suggested Topics

  • Mobile app security, forensics
  • Javascript servers, apps, frameworks: Node.js, Angular
  • Language Framework (in)security – Hibernate, Grails, Ruby etc.
  • Security for NFC, Bluetooth LE apps
  • Google Glass app security
  • Measurable security - advanced threat modelling
  • Web API security REST, JSON
  • Application Architecture security
  • Web security testing in a DevOps organization
  • Building web app security expertise in engineering teams
  • Conducting lightweight threat modeling
  • Vulnerability Management - Process & Tools
  • Developing your own web app security development standard
  • Security test automation with OWASP ZAP and Zest scripting language
  • Authentication & Enterprise Web Applications (incl. Federation, 2 Factor Auth, SSO)
  • Open Source Identity Management
  • Open Source Static Analysis
  • Security Unit testing with Selenium
  • Effective static code analysis tools


Please see above for links.

Deadline for proposals: August 25, 2019

If you have any questions, please email [email protected].

You can find out more about this conference at the 2019 BASC Homepage
or by emailing [email protected]
Twitter 32.png