This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Difference between revisions of "OWASP New Zealand Day 2020"
John dileo (talk | contribs) (→Bootstrap and Improve Your SDLC with OWASP SAMM) |
John dileo (talk | contribs) |
||
(One intermediate revision by the same user not shown) | |||
Line 446: | Line 446: | ||
<td style="background-color: #B9C2DC; text-align: center"><strong>Keeping Up with the Joneses: Security from a Developer's Perspective</strong><br /><em>Toni James - Lateral Security</em></td> | <td style="background-color: #B9C2DC; text-align: center"><strong>Keeping Up with the Joneses: Security from a Developer's Perspective</strong><br /><em>Toni James - Lateral Security</em></td> | ||
<td valign="top" align="right">15:00</td> | <td valign="top" align="right">15:00</td> | ||
− | <td style="background-color: #EEE; text-align: center"><strong>Use OSINT to Keep Up with AWS</strong><br /><em>Oliver (Olly) Ewert | + | <td style="background-color: #EEE; text-align: center"><strong>Use OSINT to Keep Up with AWS</strong><br /><em>Oliver (Olly) Ewert</em></td> |
<td valign="top" align="right">15:00</td> | <td valign="top" align="right">15:00</td> | ||
<td style="background-color: #EEE; text-align: center"> </td> | <td style="background-color: #EEE; text-align: center"> </td> | ||
Line 556: | Line 556: | ||
! scope="row" style="text-align: left;" | Enrolment Limit | ! scope="row" style="text-align: left;" | Enrolment Limit | ||
| style="text-align: center;" | 2<br /><strong>SOLD OUT</strong> | | style="text-align: center;" | 2<br /><strong>SOLD OUT</strong> | ||
− | | style="text-align: center;" | | + | | style="text-align: center;" | 9<br /><strong>SOLD OUT</strong> |
| style="text-align: center;" | -- | | style="text-align: center;" | -- | ||
| style="text-align: center;" | -- | | style="text-align: center;" | -- |
Latest revision as of 10:30, 6 February 2020
- Introduction
- Training - 19-20 February
- Conference - 21 February
- Call for Volunteers
- Call for Sponsorships
- Diversity Fund
- International Attendees
- Code of Conduct
- Call for Presentations - CLOSED
- Call For Training - CLOSED
Conference and Training Registration are now OPEN.
Visit our Conference Registration and Training Registration sites, to reserve your places.
Introduction
We are proud to announce the eleventh OWASP New Zealand Day conference, to be held at the University of Auckland on Friday, February 21st, 2020. OWASP New Zealand Day is a one-day conference dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.
There will be three streams throughout the day. The first stream will include introductory talks on application and information security topics, as well as on policy, compliance, and risk management. The second stream will primarily address deeper technical topics. The third stream - new for 2020 - will include talks on OWASP Projects and Tools, presented by leaders of and contributors to those projects.
Who is it for?
- Web Developers
- Security Professionals and Enthusiasts
- Program and Project Managers
- Business Analysts
- Requirements Analysts
- Software Testers
Conference structure
Date: Friday, 21 February 2020
Time: 9:00am - 6:30pm
Cost: FREE
The main conference is on Friday, the 21st of February, and will have three streams throughout the day:
Stream One:
- Introductory Topics
- Program Management, Policy, Compliance, Risk Management
Stream Two:
- Technical Topics
Stream Three:
- OWASP Projects and Tools
As a new feature for 2020, we have added a vendor exhibition area in the lower-level lobby. Representatives from each of our Premier Sponsors will be on hand throughout the day, to answer your questions about their products and services. There will be door prize drawings at the Closing Session on Friday. To qualify for the drawings, you will need to visit with each sponsor during the day, and have them stamp your entry card.
Keynote Speaker
We are excited to announce that Jim Manico, founder of Manicode Security and a co-leader of the OWASP Application Security Verification Standard (ASVS), Top Ten Proactive Controls, and Cheat Sheets Projects, will present our opening keynote.
Training
In addition to the main conference on Friday, we are pleased to be offer training opportunities on Wednesday and Thursday, at the same venue. Course details can be found on the Training tab on this site, and you can register for training here.
Training Fees: $1250.00 for two-day sessions; $625.00 for one-day sessions; $325.00 for half-day sessions (plus EventBrite fees)
General
The eleventh OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same facilities as those we used in previous years. The main conference will continue to be free, thanks to the generous support of our sponsors.
For any comments, feedback or observations, please don't hesitate to contact us.
Registration
Registration opened on 15 December 2019.
To register for the main conference, visit the OWASP NZ Day 2020 Registration Site on EventBrite.
Registration for Pre-Conference training is now open, and will close on 12 February, or when all seats are sold. To reserve training seats for you and your team, visit the OWASP NZ Day 2020 Pre-Conference Training Registration Site on EventBrite. For more information on the training classes offered, click the Training tab above.
Please join our low volume Google Groups mailing list to be notified as further schedule information becomes available, and/or follow us on Twitter @owaspnz.
Important dates
CFP and CFT Opened: | 1st October 2019 |
---|---|
CFP First Round deadline: | 15th November 2019 |
CFT submission deadline: | 30th November 2019 (CFT Closed) |
CFP Second Round deadline: | 15th December 2019 (CFP Closed) |
Registration Opened: | 15th December 2019 |
Training Registration Deadline: | 12th February 2020 |
Pre-Conference Training dates: | 19th - 20th February 2020 |
Conference Day date: | 21st February 2020 |
Conference Registration deadline: | 21st February 2020 (Same-day registration is permitted, if space is available) |
For those of you booking flights, ensure you can be at the venue by 8:30am. The conference will end by 6:30pm. However, we will have post-conference drinks at a local drinking establishment for those interested. We will also hold a special Pre-Conference Reception on Thursday evening for speakers, trainers, sponsors, and conference volunteers - if you are planning to be in one of those groups, plan your travel accordingly.
Places to eat and drink on the day
The University published a handy map (in 2018), to help you find places to eat around campus: File:Retail Map City Campus 2018 v2.pdf
Some of the options available:
- The Deli - Located on Level 1 of the Owen G. Glenn Building - This is closest, but will probably have long lines
- Mojo Symonds - also on campus
- Shakey Isles - coffee and food across the road on the corner of Symonds & Alfred St
- The CBD - walk up and over Albert Park to get to the CBD with many great food options
- Fort Street has burgers, kebabs, and KFC
- High Street & Lorne Street have lots of little cafes and restaurants
- Subway, Starbucks, St. Pierre's Sushi & Pita Pit - walk up Symonds Street
- Vulture’s Lane is a popular pub with the InfoSec crowd, there are more seats downstairs
- The Bluestone Room - also a popular pub just across Queen St
Conference Venue
The University of Auckland School of Business |
Conference Sponsors
For more information on our Premier Sponsors, please visit our About Our Sponsors page
Conference Host
Platinum Sponsors
Gold Sponsors
Silver Sponsors
Follow us on Twitter (@owaspnz)
Training
Training Registration is now open, and closes on Wednesday, 12 February - Visit EventBrite to secure your seats
Team Discounts
If your team is planning to register for five (5) or more seats, across any combination of training classes, please contact John to receive a unique discount code.
We're offering the following discount rates:
- 15%, for five (5) or more total registrations, in a single purchase; or
- 25%, for 10 or more registrations, in a single purchase.
Training Schedule
In addition the main conference on Friday, we are pleased to be offer nine (9) training opportunities on Wednesday and Thursday, at the same venue. Course details are as follows:
Two-Day Class
Building Secure APIs and Web Applications
Dates: Wednesday and Thursday, 19 - 20 February 2020
Time: 8:45 a.m. - 5:30 p.m. each day
Instructors: Jim Manico and Georgia Weidman
Instructors' Organisations: Manicode Security,Shevirah, Inc.
Jim's OWASP Affiliations: Co-Leader, OWASP Application Security Verification Standard (ASVS) Project and OWASP Proactive Controls Project
Registration Fee: $1,250.00 (plus EventBrite fees)
Training Registration Page
One-Day Class - Wednesday
Mobile Security Testing Guide Hands-On: Android Edition
Date: Wednesday, 19 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructor: Sven Schleier
Instructor's Organisation: Seven Consulting
Sven's OWASP Affiliations: Co-Leader, OWASP Mobile Security Testing Guide (MSTG) Project; Leader, OWASP Mobile Hacking Playground Project; Contributor, OWASP ASVS Project
Registration Fee: $625.00 (plus EventBrite fees)
Training Registration Page
One-Day Classes - Thursday
Bootstrap and Improve Your SDLC with OWASP SAMM
Date: Thursday, 20 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructors: John DiLeo and John Ellingsworth
John DiLeo's OWASP Affiliations: Contributor, OWASP Software Assurance Maturity Model (SAMM) Project; Chapter Leader, OWASP New Zealand; Co-Leader, OWASP Application Security Curriculum Project
John Ellingsworth's OWASP Affiliations: Contributor, OWASP Software Assurance Maturity Model (SAMM) Project
Registration Fee: $625.00 (plus EventBrite fees)
Training Registration Page
Mobile Security Testing Guide Hands-On: iOS Edition
Date: Thursday, 20 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructor: Sven Schleier
Instructor's Organisation: Seven Consulting
Sven's OWASP Affiliations: Co-Leader, OWASP Mobile Security Testing Guide (MSTG) Project; Leader, OWASP Mobile Hacking Playground Project; Contributor, OWASP ASVS Project
Registration Fee: $625.00 (plus EventBrite fees)
Training Registration Page
Half-Day Class - Thursday
Security Uno: A Fun Way to Threat Model
Date: Thursday, 20 February 2020
Time: 1:45 - 5:30 p.m.
Instructors: Kendra Ash
Instructor's Organisation: Vacasa
Registration Fee: $325.00 (plus EventBrite fees)
Training Registration Page
Cancelled Classes
Due to insufficient advance enrolments, the following classes have been cancelled by their instructors, as of 4 February:
CANCELLED: Attacking and Defending Containerised Apps and Serverless Tech
Dates: Wednesday and Thursday, 19 - 20 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructors: Pavan Kumar and Sharath Kumar Ramdas
Instructors' Organisation: we45
CANCELLED: Advanced Pwning & Fixing of Node.js Apps: Shells, Injections, and Fun!
Date: Wednesday, 19 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructors: Abraham Aranguren and Anirudh Anand
Instructors' Organisation: 7A Security
Abraham's OWASP Affiliations: Co-Leader, OWASP Offensive Web Testing Framework (OWTF) Project
Anirudh's OWASP Affiliations: Contributor, OWASP OWTF Project and OWASP Hackademic Challenges Project
CANCELLED: DevSecOps: Automating Security in DevOps
Date: Thursday, 20 February 2020
Time: 8:45 a.m. - 5:30 p.m.
Instructors: Anand Tiwari and Rohit Salecha
Instructors' Organisation: NotSoSecure
CANCELLED: Introduction to Fuzzing
Date: Thursday, 20 February 2020
Time: 8:45 a.m. - 12:30 p.m.
Instructor: Dhiraj Mishra
Spaces will fill up fast, so get in quickly!
Check-in desk will be located in the Level 0 lobby (outside the Case Study Rooms), and will open at 8:00 a.m. each day
Morning and afternoon tea breaks will be provided; lunch will be on your own.
NOTE: Due to other events taking place on Wednesday (19 February), we will not be able to host catered tea breaks. Instead, attendees will be issued vouchers, which can be used at the Level 1 café during the breaks.
Conference Schedule
Friday, 21 February 2020
08:00 | Registration Opens - Main Foyer, Owen G. Glenn Building | ||||
09:00 | Welcome to OWASP New Zealand Day 2020 John DiLeo (Conference Chair) and Kirk Jackson - OWASP New Zealand Chapter Leaders Lech Janczewski (Conference Host) - Associate Professor, Univ. of Auckland |
||||
09:20 | Opening Keynote: The Abridged History of Application Security Jim Manico - Founder, Manicode Security; Co-Leader, OWASP Application Security Verification Standard (ASVS) and Proactive Controls Projects |
||||
Upstairs Auditorium (Room 115) Track One: Introductory / Management |
Downstairs Auditorium (Room 098) Track Two: Technical |
Downstairs Lecture Hall OGGB5 (Room 051) Track Three: OWASP Projects and Tools |
|||
10:10 | High-Speed Security Nick von Dadelszen - Lateral Security |
10:10 | A Pentester's Guide to Automating Security Benjamin Kearns (pipeline) - Lateral Security |
10:10 | OWASP Top 10 Overview Kirk Jackson - Co-Leader, OWASP New Zealand Chapter |
10:45 | The Perimeter Has Been Shattered: Attacking and Defending Mobility and IoT on the Enterprise Network Georgia Weidman - Bulb Security |
10:45 | Improving Identity Management with W3C Verifiable Credentials David Chadwick - University of Kent |
10:45 | Building Secure Mobile Apps: You don’t have to learn it the hard way! Sven Schleier - Co-Leader, OWASP MSTG and MASVS Projects |
11:20 | Scanning Your Container Images using Anchore Vince Sesto - Foodstuffs North Island |
||||
11:40 | What's the Worst That Could Happen? Petra Smith - Aura Information Security |
11:40 | Teaching an Old Dog New Tricks Brett Moore - Insomnia Security Specialists |
11:40 | |
12:30 | Break for Lunch - On Your Own | ||||
13:30 | Māori Cultural and Ethical Considerations in Information Security Karaitiana Taiuru |
13:30 | Wyh Ranmdnoses Mattres Frans Lategan - Aura Information Security |
13:30 | OWASP Project Overviews: Top Ten, ASVS, Proactive Controls, Java Encoder, HTML Sanitizer Jim Manico |
14:05 | Mūrere me te haumarutanga Chris Cormack - Catalyst IT |
||||
14:25 | Small, but fierce (but still small) Erica Anderson (@Sputina) - SafeStack |
14:25 | Web App Attacks of the Modern World Karan Sharma |
||
15:00 | Keeping Up with the Joneses: Security from a Developer's Perspective Toni James - Lateral Security |
15:00 | Use OSINT to Keep Up with AWS Oliver (Olly) Ewert |
15:00 | |
15:30 | Break for Afternoon Tea - Coffee / Tea Service Provided | ||||
16:00 | Same-origin policy: The Core of Web Security Kirk Jackson - Red Shield |
16:00 | Security in our code reviews? Check! Daniel Zollinger - SafeStack |
16:00 | OWASP SAMM2: Your Dynamic Software Security Journey John Ellingsworth - Co-Author, OWASP SAMM Project |
|
|||||
16:55 | Fighting an Uneven Battle: Simplicity versus Complexity in Web App Security Sergey Ozernikov - ATTACK |
16:55 | A Recipe for Password Storage: Add Salt to Taste Nick Malcolm - Aura Information Security |
||
17:30 | PCI-DSS-WTF? Peter Jakowetz - Ministry of Justice |
17:30 | Self-Service SSH Certificates Jeremy Stott |
||
18:05 | Wrap Up - Closing Remarks, Recognition, Prize Giving Time to go out and socialise, for those interested |
We're always looking for a few good men and women, to assist with conference preparations and to help things go smoothly during the event.
Please contact John DiLeo ([email protected]), if you're willing and able to help out.
Conference Committee
A few kind souls have already agreed to help out:
- John DiLeo - Conference Chair, OWASP New Zealand Chapter Leader (Auckland)
- Lech Janczewski - Conference Host Liaison, on-site Health & Safety contact - Associate Professor, University of Auckland School of Business
- Kirk Jackson - Diversity Fund Committee Chair, Video post-production, OWASP New Zealand Chapter Leader (Wellington)
- Austin Chamberlain - Programme Committee Chair
- Teresa Chan - Sponsor Relations, Pre-Conference Reception
- Paul Howarth - Registration Chair
- Anneke Smitheram - Volunteer Coordinator
- Judy Ting-Edwards - Brand and Merchandise Manager
- James Ting-Edwards - Outreach and Promotions
- YOU - We're always looking for more help, both during advance preparations and on the conference and training days!
Call For Sponsorships
OWASP New Zealand Day 2020 will be held in Auckland on the 21st of February, 2020, and is a security conference entirely dedicated to application security. The conference is once again being hosted by the University of Auckland with their support and assistance. OWASP New Zealand Day is a very low-cost event, and requires sponsor support to help be an instructive and quality event for the New Zealand community. OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP New Zealand Day 2020 a compelling, and valuable experience for all attendees.
Sponsorship funds collected are to be used for things such as:
- Venue - Room use and on-site management fees
- Name tags - We feel that getting to know people within the New Zealand community is important, and name tags make that possible
- Promotion - We would like to reach a wider audience, by utilising paid advertising for the event
- Printed Materials - Printed materials will include program information, room signs, and lanyards
- Recognition items for speakers and trainers
- Afternoon tea, to promote a congenial environment for networking among application security professionals
Facts
Last year, the event was supported by six premier sponsors and attracted more than 650 attendees. Plenty of constructive (and positive!) feedback from the audience was received, and we are using this to make the conference more appealing to more people. For more information on the last New Zealand Day event, please visit: https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2019
The OWASP New Zealand community is strong, with more than 500 people currently subscribed to the mailing list (sign up). OWASP New Zealand Day is expected to attract between 700 and 850 attendees this year.
OWASP regular attendees are IT project managers, IT security managers, IT security consultants, Web application architects and developers, QA managers, QA testers and system administrators.
How to Become a Sponsor
All financial matters related to the conference, including Sponsorship Agreements and payments, are handled through the OWASP Foundation. To express interest in supporting the conference as a sponsor, please contact us by email.
Premium Sponsorship Packages
NOTE: All amounts listed are in New Zealand dollars (NZD)
Platinum |
Gold |
Silver |
Bronze |
A La Carte (See Below) | |
---|---|---|---|---|---|
Enrolment Limit | 2 SOLD OUT |
9 SOLD OUT |
-- | -- | Varies |
General Rate | $6,000 | $4,000 | $2,500 | $1,500 | Varies |
OWASP Corporate Member Rate (15% discount) | $5,100 | $3,400 | $2,125 | $1,275 | N/A |
A La Carte Sponsorship Discount | 15% | 10% | 5% | -- | -- |
Exhibition Space | 6m x 3m 3 tables |
3m x 3m 2 tables |
2m x 2.5m 1 table |
2m x 2.5m 1 table |
No |
Banner in Conference Lobby (see notes) | Yes | No | No | No | No |
Banner at Side of Stage (see notes) | Yes (2) | Yes (1) | No | No | No |
Banner at Pre-Conference Reception (see notes) | Yes | Yes | Yes | No | No |
Company Description on Conference Web Page | 300 words | 200 words | 150 words | 100 words | Varies |
Pre-Conference Reception Tickets | 8 | 6 | 4 | 2 | Varies |
Reserved Conference Passes (see notes) | 20 | 15 | 10 | 5 | Varies |
Training Passes (see notes) | 8 | 6 | 4 | 2 | No |
Logo on Attendee Badges | Yes | Yes | No | No | Varies |
Logo on Conference T-Shirts | Yes | Yes | No | No | Varies |
Logo on Room Signs | Yes | Yes | Yes | No | Varies |
Logo on Conference Tote Bags | Yes | Yes | Yes | No | Varies |
Logo on Conference Web Site | Yes | Yes | Yes | Yes | Yes |
Mention in Pre-Event Publicity | Yes | Yes | Yes | Yes | Varies |
Recognition during Opening/Closing Sessions | Yes | Yes | Yes | Yes | Yes |
Promotional Items in Conference Tote Bags (see notes) | Yes (up to 3) | Yes (up to 2) | Yes (1) | Yes (1) | Varies |
A La Carte Sponsorship Opportunities
1. Afternoon Tea Break - Conference Day
Sponsorships Available: Two (2)
General Rate: $5,500
Benefits:
- Opportunity to display your company's banner in the conference lobby (see notes below) throughout the day of the conference
- Recognition as sponsoring provider, on signs displayed on service tables during tea breaks
- Six (6) complimentary tickets to the Pre-Conference Reception
- Ten (10) reserved passes for main Conference
- Sponsor logo printed on attendee badges
- Sponsor logo printed on Room Signs
- Single-colour sponsor logo imprinted on t-shirts
- Single-colour sponsor logo imprinted on conference tote bags
- Sponsor logo displayed on conference Web page, alongside Platinum Sponsors
- Opportunity to include 200-word company description in About Our Sponsors section of conference Web page
- Written recognition as a leading sponsor, in pre-event publicity communications
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
2. Pre-Conference Reception
On Thursday evening, the OWASP New Zealand Day Committee will host a reception for speakers, trainers, conference volunteers, and Premier Sponsors. The event will be held at an establishment near the conference venue.
Sponsorships Available: One (1)
General Rate: $4,000
Benefits:
- Opportunity to display your company's banner at the reception venue (see notes below) during the reception
- Six (6) complimentary tickets to the Pre-Conference Reception
- Ten (10) reserved passes for main Conference
- Recognition as sponsoring provider, on signs displayed on service tables/bars during reception
- Sponsor logo printed on Room Signs
- Single-colour sponsor logo imprinted on t-shirts
- Single-colour sponsor logo imprinted on conference tote bags
- Sponsor logo displayed on conference Web page, alongside Gold Sponsors
- Opportunity to include 150-word company description in About Our Sponsors section of conference Web page
- Written recognition as a leading sponsor, in pre-event publicity communications
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
3. T-Shirts for Participants
We will be distributing branded t-shirts to all event participants, including attendees, speakers, sponsor staff, trainers, and volunteers.
Sponsorships Available: One (1)
General Rate: $4,500
Benefits:
- Opportunity to display your company's banner at the reception venue (see notes below) during the reception
- Six (6) complimentary tickets to the Pre-Conference Reception
- Ten (10) reserved passes for main Conference
- Recognition as sponsoring provider, on signs displayed on service tables/bars during reception
- Sponsor logo printed on Room Signs
- Single-colour sponsor logo imprinted on t-shirts
- Single-colour sponsor logo imprinted on conference tote bags
- Sponsor logo displayed on conference Web page, alongside Gold Sponsors
- Opportunity to include 150-word company description in About Our Sponsors section of conference Web page
- Written recognition as a leading sponsor, in pre-event publicity communications
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
4. Conference Tote Bags for Attendees
Sponsorships Available: One (1)
General Rate: $4,000
Benefits:
- Single-colour sponsor logo printed on tote bags
- Single-colour sponsor logo imprinted on t-shirts
- Six (6) complimentary tickets to the Pre-Conference Reception
- Ten (10) reserved passes for main Conference
- Sponsor logo printed on Room Signs
- Sponsor logo displayed on conference Web page, alongside Gold Sponsors
- Opportunity to include 150-word company description in About Our Sponsors section of conference Web page
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
5. Speaker Gifts
Sponsorships Available: One (1)
General Rate: $1,000
Benefits:
- Sponsor logo printed on Room Signs
- Single-colour sponsor logo imprinted on conference tote bags
- Two (2) complimentary tickets to the Pre-Conference Reception
- Five (5) reserved passes for main Conference
- Sponsor logo displayed on conference Web page, alongside Silver Sponsors
- Opportunity to include 100-word company description in About Our Sponsors section of conference Web page
- Written recognition as a leading sponsor, in pre-event publicity communications
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
6. Morning and Afternoon Tea Breaks - Training Day
Sponsorships Available: One (1)
General Rate: $2,500
Benefits:
- Opportunity to display your company's banner in the training facility lobby (see notes below) throughout the training day
- Recognition as sponsoring provider, on signs displayed on service tables during training day tea breaks
- Four (4) complimentary tickets to the Pre-Conference Reception
- Five (5) reserved passes for main Conference
- Sponsor logo displayed on conference Web page, alongside Silver Sponsors
- Opportunity to include 100-word company description in About Our Sponsors section of conference Web page
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
7. Diversity Fund
The OWASP New Zealand Day Diversity and Financial Aid Fund has been established to provide financial assistance to students at New Zealand universities. Each Diversity Fund sponsorship is intended to cover travel expenses for one New Zealand student, from outside the Auckland area, who will be attending or presenting at the conference. Each Diversity Fund support recipient will receive funding for return airfare from their nearest domestic airport to Auckland International Airport, two night's accommodation in a lodging near the conference venue, and return shuttle transportation between the airport and the accommodation.
Sponsorships Available: No Limit
General Rate: $800, or more
Benefits:
- Sponsor logo displayed on conference Web page, as a Diversity Fund Sponsor
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
8. Door Prizes
At the closing session of the conference, the OWASP New Zealand Day Committee will conduct a series of random drawings, awarding donated items to attendees, who must be present to win. There is no minimum or maximum value required for donated items, nor is the number of items provided subject to any limit. It is recommended that items provided be of interest to the conference's target audience, rather than of a generic nature.
Sponsorships Available: No Limit
General Rate: In-Kind Donation
Benefits:
- Verbal recognition, at the time of the prize drawing, as the donor of the prize
9. Other Supporting Sponsorships
If your company would like to provide special items to attendees, funding for paid promotional advertising for the event, or other items that we haven't yet thought of, you are welcome to contact us to discuss your ideas.
Sponsorships Available: No Limit
General Rate: In-Kind Donation
Benefits:
- Sponsor logo displayed on conference Web page, as a Supporting Sponsor
- Visual and verbal recognition of sponsor at opening and closing sessions of conference
Notes
Sponsor Logos:
- Logos are to be provided by the respective sponsors, as digital files (JPEG and PNG preferred)
- Logos provided should be full colour
- For lanyards and tote bags (including Platinum/Gold/Silver Sponsors), a single-colour version of the logo should also be provided, in a separate file. If a single-colour version of the logo is not provided by the sponsor, the OWASP New Zealand Day Committee reserves the right to electronically convert the full-colour logo to a single-colour version, or omit the sponsor's logo from the imprinted items if that proves infeasible.
Sponsor Banners:
- Lobby and stage-side banners are to be provided by the respective sponsors, must be free-standing, and their size is subject to approval by the OWASP New Zealand Day Committee.
- The conference venue includes two tracks, conducted in separate auditoriums; Platinum Sponsors may display one banner to the side of each auditorium's stage; Gold Sponsors may display a banner to the side of the stage in one auditorium. Gold Sponsors may express an auditorium preference, but final locations are at the discretion of the OWASP New Zealand Day Committee.
- There will be a maximum of four (4) sponsor banners displayed in each auditorium, with placement priority given to Platinum Sponsors.
Promotional Items:
- Printed materials are limited in dimensions to A4 size - either a single sheet, printed on one or both sides; or a single A3 sheet, folded in half
- Small imprinted items are also acceptable - pens, stress balls, USB keys, fidget spinners, etc.
- Design of printed materials and imprinted items are subject to approval by OWASP New Zealand Day Committee
- RECRUITMENT: In addition to the promotional item allowances included in Premium Sponsorship Packages, any sponsor may provide one A5-size card with information on actual current vacancies for which candidates are actively being sought
Reserved Conference Passes
Although there is no registration fee for the conference day, there is a hard limit of 1,000 tickets that can be issued for the event. As part of your sponsorship package, you will have the specified number of registrations set aside for you and your team, to ensure you can all take part in the main conference on Friday.
Training Passes
The listed quantities of Training Day Passes refer to "half-day equivalents." For example, a Platinum sponsor would be entitled to eight (8) seats in half-day classes, four (4) seats in one-day classes, two (2) seats in two-day classes, or any combination up to eight (8) total half-days of training. Training Day Passes may be freely transferred (e.g., as promotional gifts or to sponsor students/unwaged to attend), but may not be resold.
NOTE: All amounts listed are in New Zealand dollars (NZD)
Diversity and Financial Aid fund
Thanks to the generous support of our lovely sponsors, we will have some funding available to help people from around New Zealand attend the OWASP NZ Day, who would otherwise find it hard to attend. In particular, we welcome applications from women, people of colour, LGBTQ2IA, Pacific Island indigenous peoples, and all others. You all deserve to be able to learn more about security, and we’ll do our best to help make that happen!
For participants from within New Zealand, support provided by the fund can include return airfare to Auckland, an allowance for accommodations in Auckland, and an allowance for taxi/Uber fares to/from the airports.
If funds are available, support may be extended to a limited number of applicants from outside New Zealand. For such applicants, support provided by the fund will be limited to an allowance for accommodations and taxi/Uber fares in Auckland.
Because of the generous support of our sponsors, and our training instructors, a limited number of fee waivers/discounts will also be available this year. On the application, you can indicate if you'd like to be considered for a training fee waiver, and provide your class preferences.
Our funds are limited, and we’ll be reviewing applications every week, starting in mid-December. Submit your application soon, so we can approve them promptly, and you’ll be in several review cycles!
Process:
- Fill out our Application Form
- We will review and approve applications each week. The first reviews will be completed by 20 December.
- We will contact all applicants and let them know the result of the review.
- Successful applicants will be contacted to help sort things out.
We use the following criteria to help us decide who gets approved:
- We are biased towards (but not exclusively for) diverse applicants.
- We do attempt to maximise cost efficiency and will aim to get as many people to OWASP as possible, with our limited funds.
Each successful recipient can choose whether to be kept anonymous (in which case only the OWASP NZ committee will know the details of your funding), or to be put in touch with the supporting company whose sponsorship is going towards your attendance (if applicable). We think some of our sponsors may enjoy the opportunity to chat with you on the day and talk about your experiences and plans for the future, but that’s totally optional and up to you.
If you have any questions, feel free to drop us an email.
Information for International Travellers
Effective on 1 October 2019, new travel requirements take effect for visitors to New Zealand from Visa Waiver countries.
Here are the requirements, as we (the conference committee) understand them - the usual "does not constitute legal advice" disclaimers apply:
- If you are in one of the groups listed on Immigration New Zealand's Travelers who do not need an NZeTA page: no worries, you can just turn up;
- If you are travelling on a passport meeting the conditions listed on the New Zealand Visa Waiver Countries page: You will need to obtain a New Zealand Electronic Travel Authority (NZeTA);
- If you are travelling on any other passport, you will need to apply for a visa to visit New Zealand:
- If you are visiting New Zealand, and will attend the conference and/or a training class as part of your visit, you should be able to travel on a Visitor Visa. This should be true, even if you are presenting a talk at the main conference, because speakers do not receive compensation.
- For those visiting New Zealand to present a training class, we have been made aware of conflicting information provided by Immigration New Zealand staff and embassy officials. Some trainers have been advised they can come to New Zealand on a Business Visitor Visa, while others have been informed they must apply for a Specific Purpose Work Visa. The latter visa requires more documentation, and takes longer to process, so please plan accordingly.
If you're unsure what travel documentation you need, we highly recommend you contact Immigration New Zealand early.
Code of Conduct
We want to make the OWASP NZ Day a welcoming environment for all attendees. To that end, we would like to remind you that all activities associated with this event are subject to OWASP's Conference Policies. At their core, these policies are intended to promote and maintain an inclusive, welcoming environment for all participants - actions detrimental to that environment are unwelcome.
Speakers, trainers and sponsors have all been reminded of these policies, and are expected to abide by them like all attendees.
If you have any concerns during the day, please seek out John, Judy, or James. We will make ourselves visible at the start of the day, so you know what we look like.
The Call for Presentations is now closed. Speakers selected to present will be contacted shortly, to confirm their participation. See the "Conference - 21 February" tab for information on the talks featured this year.
The Call for Presentations closes on 15th December. Visit PaperCall to submit yours.
Call for Presentations
OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines, including architects, Web developers and engineers, system administrators, penetration testers, policy specialists and more.
We would like a variety of technical levels in the presentations submitted, corresponding to the three focus areas of the conference:
Track One:
- Introductions to various Information Security topics, and the OWASP projects
- Policy, Compliance and Risk Management
Track Two:
- Technical topics
Introductory talks should appeal to an intermediate to experienced software developer, without requiring a solid grounding in application security or knowledge of OWASP projects. These talks should be engaging, encourage developers to learn more about information security, and give them techniques that they can immediately return to work and apply to their jobs.
This being an OWASP conference, the selection process for talks in Track One will give priority to those related to OWASP's Projects, Tools, and Guidance (check out the current [OWASP Project Inventory](https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Inventory) for more information). If multiple submissions are received related to the same OWASP Project/Tool, preference will be given to speakers actively involved as leaders or members of the respective project teams.
Technical topics are running all day and should appeal to two audiences - experienced software security testers or researchers, and software developers who have a “OWASP Top Ten” level of understanding of web attacks and defences. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.
We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.
We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:
- Web application security
- Mobile security
- Cloud security
- Secure development
- Vulnerability analysis
- Threat modelling
- Application exploitation
- Exploitation techniques
- Threat and vulnerability countermeasures
- Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, Python, etc)
- Penetration Testing
- Browser and client security
- Application and solution architecture security
- PCI DSS
- Risk management
- Security concepts for C*Os, project managers and other non-technical attendees
- Privacy controls
The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.
PLEASE NOTE:
- Due to limited funds availability, the conference budget does not include a plan to cover expenses for international speakers. However, as part of the Diversity Fund, we will have funds available to subsidise _local_ expenses (airport taxis, and hotel in Auckland) for international speakers and attendees, on a limited need basis.
- If you are selected as a speaker, and your company is willing to cover travel and accommodation costs, the company will be recognised as a "Supporting Sponsor" of the event.
Please submit your presentation on PaperCall.
Submission Deadline: Friday, 15th November 2019 for first-round consideration; Final Deadline: Sunday, 15th December.
Applicants will be notified in the following week after the deadline, whether they were successful or not.
Call for Training
The Call for Training is now closed. Trainers selected to present have been contacted, and details have been finalised. See the "Training - 19-20 February" tab for information on the training classes offered this year.
We are happy to announce that training will run on Wednesday and Thursday, 19-20 February 2020, the two days before the OWASP NZ Day conference. The training venue will be in classrooms and Case Study rooms of varying sizes, kindly provided by the University of Auckland School of Business, in the same building as the OWASP NZ Day conference itself. The largest rooms can accommodate up to 69 attendees, with power for laptop usage and Wi-Fi. A wide range of half-day, one-day, or two-day training proposals will be considered, see the Call for Presentations for a list of example topics.
The fixed per-attendee fees for training are as follows:
- $325.00 for a half-day session;
- $625.00 for a one-day session; and
- $1,250.00 for a two-day session.
As this training is part of an OWASP event, the OWASP Foundation's revenue sharing policy applies, which allocates 40% of the registration fee to the training presenter ($130 per attendee for a half-day session, $250 for one-day, and $500 for two-day). The per-attendee fee paid will include both paid registrations, and "free" training seats allocated to the conference's premier sponsors.
During each training day, morning and afternoon tea will be provided; lunch will be on your own.
Training presenters will be automatically registered for the main conference on Friday, 21 February, and will receive complimentary tickets to the Pre-Conference Reception on Thursday evening, 20 February.
Please submit your training proposal on PaperCall.
Submission Deadline: Saturday, 30th November 2019
Applicants will be notified in the following week after the deadline, whether they were successful or not. Our goal is to have the training programme finalised before registration opens on 15th December.