This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Front Range OWASP Conference 2013/CFP"

From OWASP
Jump to: navigation, search
m
 
(12 intermediate revisions by 2 users not shown)
Line 1: Line 1:
 
====Call for Presentations====
 
====Call for Presentations====
  
Conference organizers are [http://owasp.aerstone.com/cfp actively seeking presentations] relating to the following topics. Please forward this site to all interested practitioners and colleagues.
+
Please direct all interested practitioners and colleagues to this site.
  
 +
==Submission process==
 +
Potential speakers may submit abstracts of proposed presentations [https://owasp.aerstone.com/cfp here].
 +
 +
Abstracts will be formatted automatically during the submission process. However, all uploaded materials must adhere to the following requirements:
 +
*Only Microsoft Word documents, PDFs, rich-text format documents, and text files will be reviewed.
 +
*Author names, affiliations, email addresses, and other personally-identifiable information must be stripped from the uploaded document.
 +
*All presentations must be titled. Titles should appear at the top of the page.
 +
*The overview of the proposed presentation should not exceed 300 words.
 +
 +
Presenters will be allotted 45-minute time slots. One abstract must be submitted for each presentation considered. All abstracts must be written in English.
  
==Tracks and topics==
+
 
 +
==Evaluation process==
 +
The following criteria will determine abstract rankings:
 +
*Applicability to the requested topics (see below)
 +
*Relevance to web application development and operations
 +
*Relevance to the cyber security industry at large
 +
*Relevance to the OWASP Foundation
 +
*Strength of presentation (as determined by the review committee)
 +
*Timeliness of submission
 +
 
 +
Submitted abstracts will be assessed by selected members of the Colorado OWASP chapters. All reviews will be blind and author information will not be visible to reviewers.
 +
 
 +
 
 +
==Dates and deadlines==
 +
Abstract collection will begin January 14th and continue until all speaking slots are filled. Evaluations will occur on a rolling schedule with selected papers announced each Monday, beginning on February 11th. Although the rolling format extends the submission period significantly, potential speakers are advised to submit as early as possible in order to maximize chances for selection.
 +
 
 +
Final presentations of accepted abstracts must be submitted for review by March 17th. Templates and other presentation formatting constraints will be made available to selected speakers directly.
 +
 
 +
'''Phase 1: Jan 14 - Feb 11'''
 +
<br />Jan 14 - Feb 03: Submission period
 +
<br />Feb 04 - Feb 10: Evaluation period
 +
<br />Feb 11: Selected papers announcement
 +
 
 +
'''Phase 2: Feb 04 - Feb 18 (''as needed'')'''
 +
<br />Feb 04 - Feb 10: Submission period
 +
<br />Feb 11 - Feb 17: Evaluation period
 +
<br />Feb 18: Selected papers announcement
 +
 
 +
'''Phase 3: Feb 11 - Feb 25 (''as needed'')'''
 +
<br />Jan 11 - Feb 17: Submission period
 +
<br />Feb 18 - Feb 24: Evaluation period
 +
<br />Feb 25: Selected papers announcement
 +
 
 +
'''Phase 4: Feb 18 - Mar 04 (''as needed'')'''
 +
<br />Feb 18 - Feb 24: Submission period
 +
<br />Feb 25 - Mar 03: Evaluation period
 +
<br />Mar 04: Selected papers announcement
 +
 
 +
'''Presentation evaluation'''
 +
<br />Mar 17: Final draft presentations due
 +
<br />Mar 18 - Mar 25: Committee final review
 +
<br />Mar 28, 2013: SnowFROC proceedings
 +
 
 +
 
 +
==Legalities==
 +
All speakers must agree with and abide by the [[Speaker_Agreement|OWASP Speaker Agreement v2.0]].
 +
 
 +
'''Anyone who cannot or will not abide by these terms will not be permitted to present at the conference.'''
 +
 
 +
In addition, presenters must agree to allow use of abstract titles, text, speaker names, and bios for conference promotion.
 +
With speaker consent, presentation materials will be distributed to conference attendees and will be recorded and archived for future reference.
 +
 
 +
 
 +
==Preferred topics==
 
The following topics will be prioritized during the selection process.
 
The following topics will be prioritized during the selection process.
  
 
====High-level technical track====
 
====High-level technical track====
 +
*Web application security testing, especially targeting large and complex enterprise applications
 +
*Mobile device security
 
*Cloud security
 
*Cloud security
**How cloud hosting changes the security model
+
**Impacts on the security model
 
**Implementation of security controls
 
**Implementation of security controls
*Web application security testing, especially targeting large and complex enterprise applications
 
 
*OWASP tools and projects
 
*OWASP tools and projects
 
**New and proposed projects
 
**New and proposed projects
Line 17: Line 81:
  
 
====Deep-dive technical track====
 
====Deep-dive technical track====
*Encryption across an n-tiered web application stack
 
*Auditing web application mash-ups
 
 
*Technology-specific presentations (HTML5, AJAX, etc.)
 
*Technology-specific presentations (HTML5, AJAX, etc.)
 
*Secure coding for web applications
 
*Secure coding for web applications
 
*Static code analysis
 
*Static code analysis
 
*Hands-on countermeasures
 
*Hands-on countermeasures
 +
*Encryption across an n-tiered web application stack
 +
*Auditing web application mash-ups
  
 
====Management track====
 
====Management track====
*Web application security management: focused on a managerial view of web application security with a special focus on scope, boundaries, responsibilities, and legal considerations
+
*Web application security management (scope, boundaries, responsibilities, legal considerations, etc.)
 
*Emerging threats
 
*Emerging threats
*Planning and managing secure software development lifecycles
+
*Planning and managing secure software development life cycles
*Metrics for application security
+
*Metrics for managing application security
 
*Business risks associated with application security
 
*Business risks associated with application security
  
 
====Legal track====
 
====Legal track====
*Liability considerations related to web application security
+
*Liability related to web application security
*Data ownership and privacy within the cloud
+
*Data ownership and privacy laws within the cloud
*Cybersecurity legislation
+
*Cyber security and privacy legislation and regulation
 
+
*Electronic discovery considerations, both traditional and in the cloud
 
+
*Cyber security considerations related to law enforcement
==Submission process==
+
*Data disclosure liability
One abstract must be submitted for each presentation considered. Abstracts must be written in English, should not exceed 300 words, and should be uploaded [http://owasp.aerstone.com/cfp here].
 
 
 
'''Abstract format'''
 
<br />The submission website will automatically format abstracts during the submission process. Uploaded content, however, must adhere to the following requirements:
 
*Only Microsoft Word documents, PDFs, rich-text format documents, and text files will be reviewed.
 
*Author names, affiliations, email addresses, and other personally-identifiable information must be stripped from the uploaded document.
 
*All presentations must be titled. Titles should appear at the top of the page.
 
*The overview of the proposed presentation should not exceed 300 words.
 
 
 
 
 
==Evaluation process==
 
Submitted abstracts will be assessed by selected members of the Colorado OWASP chapters. All reviews will be blind and reviewers will not have visibility to author information. The following criteria will determine abstract rankings:
 
*Applicability to the requested topics
 
*Applicability to the conference theme
 
*OWASP relevance
 
*Industry relevance (web application development and operations, general cybersecurity, etc.)
 
*Timeliness of submission
 
*Strength of presentation (as determined by the review committee)
 
 
 
 
 
==Dates and deadlines==
 
Abstract collection will occur between January 5th through February 10th, 2013.
 
Initial presentation selections will be announced by February 17th, and a continuing collection may occur as needed until all tracks are filled.
 
 
 
Final presentations of accepted abstracts must be submitted for review by March 14th, 2013. All presentations will be delivered during conference proceedings on March 28th, 2013.
 
 
 
 
 
==Legalities==
 
All speakers must agree with and abide by the [[Speaker_Agreement|OWASP Speaker Agreement v2.0]].
 
====Anyone who cannot or will not abide by these terms will not be permitted to present at the conference.====
 
 
 
In addition, presenters must agree to allow use of abstract titles, text, and speaker names and bios for conference promotion.
 
With speaker consent, presentation materials will be distributed to conference attendees and will be archived for future reference.
 
With speaker consent, presentations will be recorded and archived.
 

Latest revision as of 21:55, 1 March 2013

Call for Presentations

Please direct all interested practitioners and colleagues to this site.

Submission process

Potential speakers may submit abstracts of proposed presentations here.

Abstracts will be formatted automatically during the submission process. However, all uploaded materials must adhere to the following requirements:

  • Only Microsoft Word documents, PDFs, rich-text format documents, and text files will be reviewed.
  • Author names, affiliations, email addresses, and other personally-identifiable information must be stripped from the uploaded document.
  • All presentations must be titled. Titles should appear at the top of the page.
  • The overview of the proposed presentation should not exceed 300 words.

Presenters will be allotted 45-minute time slots. One abstract must be submitted for each presentation considered. All abstracts must be written in English.


Evaluation process

The following criteria will determine abstract rankings:

  • Applicability to the requested topics (see below)
  • Relevance to web application development and operations
  • Relevance to the cyber security industry at large
  • Relevance to the OWASP Foundation
  • Strength of presentation (as determined by the review committee)
  • Timeliness of submission

Submitted abstracts will be assessed by selected members of the Colorado OWASP chapters. All reviews will be blind and author information will not be visible to reviewers.


Dates and deadlines

Abstract collection will begin January 14th and continue until all speaking slots are filled. Evaluations will occur on a rolling schedule with selected papers announced each Monday, beginning on February 11th. Although the rolling format extends the submission period significantly, potential speakers are advised to submit as early as possible in order to maximize chances for selection.

Final presentations of accepted abstracts must be submitted for review by March 17th. Templates and other presentation formatting constraints will be made available to selected speakers directly.

Phase 1: Jan 14 - Feb 11
Jan 14 - Feb 03: Submission period
Feb 04 - Feb 10: Evaluation period
Feb 11: Selected papers announcement

Phase 2: Feb 04 - Feb 18 (as needed)
Feb 04 - Feb 10: Submission period
Feb 11 - Feb 17: Evaluation period
Feb 18: Selected papers announcement

Phase 3: Feb 11 - Feb 25 (as needed)
Jan 11 - Feb 17: Submission period
Feb 18 - Feb 24: Evaluation period
Feb 25: Selected papers announcement

Phase 4: Feb 18 - Mar 04 (as needed)
Feb 18 - Feb 24: Submission period
Feb 25 - Mar 03: Evaluation period
Mar 04: Selected papers announcement

Presentation evaluation
Mar 17: Final draft presentations due
Mar 18 - Mar 25: Committee final review
Mar 28, 2013: SnowFROC proceedings


Legalities

All speakers must agree with and abide by the OWASP Speaker Agreement v2.0.

Anyone who cannot or will not abide by these terms will not be permitted to present at the conference.

In addition, presenters must agree to allow use of abstract titles, text, speaker names, and bios for conference promotion. With speaker consent, presentation materials will be distributed to conference attendees and will be recorded and archived for future reference.


Preferred topics

The following topics will be prioritized during the selection process.

High-level technical track

  • Web application security testing, especially targeting large and complex enterprise applications
  • Mobile device security
  • Cloud security
    • Impacts on the security model
    • Implementation of security controls
  • OWASP tools and projects
    • New and proposed projects
    • Development and status of existing projects

Deep-dive technical track

  • Technology-specific presentations (HTML5, AJAX, etc.)
  • Secure coding for web applications
  • Static code analysis
  • Hands-on countermeasures
  • Encryption across an n-tiered web application stack
  • Auditing web application mash-ups

Management track

  • Web application security management (scope, boundaries, responsibilities, legal considerations, etc.)
  • Emerging threats
  • Planning and managing secure software development life cycles
  • Metrics for managing application security
  • Business risks associated with application security

Legal track

  • Liability related to web application security
  • Data ownership and privacy laws within the cloud
  • Cyber security and privacy legislation and regulation
  • Electronic discovery considerations, both traditional and in the cloud
  • Cyber security considerations related to law enforcement
  • Data disclosure liability
Retrieved from "https://wiki.owasp.org/index.php?title=Front_Range_OWASP_Conference_2013/CFP&oldid=146327"