This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP New Zealand Day 2017"

From OWASP
Jump to: navigation, search
m (Change date)
m (.)
Line 40: Line 40:
 
==Training==
 
==Training==
  
 +
As well as the main conference on Thursday, we are pleased to be able to provide training on Wednesday at the same venue. All details including registration are as follows:
 +
 +
 +
'''LittleHackMe
 +
Date: Wed 19 April 2017<br>
 +
Time: 2:00pm - 6:00pm or part thereof<br>
 +
[https://www.eventbrite.com/e/owasp-nz-day-training-littlehackme-v-tickets-32870738263 Training Registration Page]
 +
 +
 +
'''Advanced Web Hacking and Secure Coding
 +
Date: Wed 19 April 2017<br>
 +
Time: 10:00am - 6:00pm or part thereof<br>
 +
[https://www.eventbrite.com/e/owasp-nz-day-training-advanced-web-hacking-and-secure-coding-tickets-32871439360 Training Registration Page]
 +
 +
 +
'''Droid-Sec Exploitation
 
Date: Wed 19 April 2017<br>
 
Date: Wed 19 April 2017<br>
Time: 9:30am - 6:00pm or part thereof<br>
+
Time: 10:00am - 6:00pm or part thereof<br>
Cost: To be advised<br>
+
[https://www.eventbrite.com/e/owasp-nz-day-training-droid-sec-exploitation-tickets-32871240766 Training Registration Page]
 +
 
  
As well as the main conference on Thursday, we are pleased to be able to provide training on Wednesday at a discounted price. We anticipate a selection of introductory and advanced training topics.
+
'''Security Testing for Software Testers
 +
Date: Wed 19 April 2017<br>
 +
Time: 10:00am - 6:00pm or part thereof<br>
 +
[https://www.eventbrite.com/e/owasp-nz-day-training-security-testing-for-software-testers-tickets-32871328027 Training Registration Page]
  
Training sessions will be held at the same venue on Wednesday 19 April.
 
  
 +
Spaces going fast, so get in quick
  
 +
==General==
  
 
The eighth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same location as last year for stream one, with the addition of another room near by for the stream two room. Entry to the event will, as in the past, be free.
 
The eighth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same location as last year for stream one, with the addition of another room near by for the stream two room. Entry to the event will, as in the past, be free.
Line 159: Line 180:
  
 
Please direct all enquiries to [email protected] | [email protected] | [email protected]
 
Please direct all enquiries to [email protected] | [email protected] | [email protected]
 
 
  
 
= Call For Presentations =
 
= Call For Presentations =

Revision as of 01:13, 15 March 2017

OWASP_NZ_Day_2017_logo.jpg

19th and 20th April 2017 - Auckland


Introduction

We are proud to announce the eighth OWASP New Zealand Day conference, to be held at the University of Auckland on Thursday April 20th, 2017. OWASP New Zealand Day is a one-day conference dedicated to application security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.


Who is it for?

  • Web Developers: There will be a choice of two streams in the morning. First stream covering introductory talks to application security, second stream covering deeper technical topics. Afternoon sessions will cover offensive security in stream one, and continue with deeper technical topics in stream two.
  • Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics.

Conference structure

Date: Thurs 20 April 2017
Time: 9:30am - 6:00pm
Cost: Free

The main conference is on Thursday 20th of April, and will have two streams in both the morning and the afternoon:


Morning Introductory application security topics Informational / Defensive
Afternoon Offensive Security Informational / Defensive

Training

As well as the main conference on Thursday, we are pleased to be able to provide training on Wednesday at the same venue. All details including registration are as follows:


LittleHackMe Date: Wed 19 April 2017
Time: 2:00pm - 6:00pm or part thereof
Training Registration Page


Advanced Web Hacking and Secure Coding Date: Wed 19 April 2017
Time: 10:00am - 6:00pm or part thereof
Training Registration Page


Droid-Sec Exploitation Date: Wed 19 April 2017
Time: 10:00am - 6:00pm or part thereof
Training Registration Page


Security Testing for Software Testers Date: Wed 19 April 2017
Time: 10:00am - 6:00pm or part thereof
Training Registration Page


Spaces going fast, so get in quick

General

The eighth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same location as last year for stream one, with the addition of another room near by for the stream two room. Entry to the event will, as in the past, be free.


For any comments, feedback or observations, please don't hesitate to contact us.

Registration

Registration for the main conference day is now open: Conference Registration Here Follow us on twitter @owaspnz


There is no cost for the main conference day. Unfortunately due to increased conference running costs, lunch, morning and afternoon tea's will not be provided as it has been for the past OWASP NZ Days. We do ask that if at any point you realise you cannot make it please cancel your registration to make room for others as spaces are limited.


Important dates

  • CFP submission deadline: 18th March 2017
  • CFT submission deadline: 28th February 2017
  • Conference Registration deadline: 15th April 2017
  • Training Registration deadline: 15th April 2017
  • Training Day date: 19th April 2017
  • Conference Day date: 20th April 2017


For those of you booking flights, ensure you can be at the venue at 9:00am, the conference will end by 6:00pm however we will have post conference drinks at a local drinking establishment for those interested.


Conference Venue

The University of Auckland School of Business
Owen Glen Building
Address: 12 Grafton Road

Stream one room: Level 1
Room: 115 (Fisher & Paykel Auditorium)

Stream two room: Level 0
Room: 092

Auckland
New Zealand
Map

073 AUBiz 10Apr08small.jpg OWASPNZDayLectureTheatre.jpg

Conference Sponsors

AuckUni800-110.png

Gold Sponsors:

SA_Logo_w_DD.gif
   
INSOMNIA.PNG
   
Aura_PBK_Colour.jpg
Redshield.png
   
Zx.png
   
Quantumblack3.png

Support Sponsor:

BinaryMistLimited.png

Conference Committee

  • Denis Andzakovic - OWASP New Zealand Leader (Auckland)
  • Kirk Jackson - OWASP New Zealand Leader (Wellington)
  • Kim Carter - OWASP New Zealand Leader (Christchurch)
  • Lech Janczewski - Associate Professor - University of Auckland School of Business

Please direct all enquiries to [email protected] | [email protected] | [email protected]

Call For Presentations

OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines including architects, web developers and engineers, system administrators, penetration testers, policy specialists and more.


We would like a variety of technical levels in the presentations submitted, corresponding to the three sections of the conference:

  • Introductions to various Web Application Security topics, and the OWASP projects
  • Technical topics
  • Policy, Compliance and Risk Management


The introductory talks should appeal to an intermediate to experienced web developer, without a solid grounding in web application security or knowledge of the OWASP projects. These talks should be engaging, encourage developers to learn more about web application security, and give them techniques that they can immediately return to work and apply to their jobs.

Technical topics are running all day and should appeal to two audiences - experienced web application security testers or researchers, and web developers who have a “OWASP Top Ten” level of understanding of web attacks and defenses. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.

We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.


We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:


  • Web application security
  • Mobile security
  • Secure development
  • Vulnerability analysis
  • Threat modelling
  • Application exploitation
  • Exploitation techniques
  • Threat and vulnerability countermeasures
  • Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, etc)
  • Penetration Testing
  • Browser and client security
  • Application and solution architecture security
  • PCI DSS
  • Risk management
  • Security concepts for C*Os, project managers and other non-technical attendees
  • Privacy controls


The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.


PLEASE NOTE:

  • Due to limited budget available, expenses for international speakers cannot be covered.
  • If your company is willing to cover travel and accommodation costs, the company will become "Support Sponsor" of the event.


Please submit your presentation here.


Submissions deadline: 18th March 2017

Applicants will be notified in the following week after the deadline, whether they were successful or not.

Call For Trainers

We are happy to announce that training will run on Wednesday April 19 2017, the day before the OWASP NZ Day conference. The training venue will be Level 0, Rooms: case rooms 1(005), 2(057) and 3(055), kindly provided by the University of Auckland School of Business, in the same building as the OWASP NZ Day conference itself. Classes can contain up to 69 students, with power for laptop usage and Wi-Fi. A wide range of half-day or full-day training proposals will be considered, see the Call for Papers for a list of example topics.

If you are interested in running one of the training sessions, please contact Denis Andzakovic, Kirk Jackson and Kim Carter with the following information:


  • Trainer name
  • Trainer organisation
  • Telephone + email contact
  • Short Trainer bio
  • Training title
  • Trainer requirements (e.g. a projector, whiteboard, etc)
  • Trainee requirements (e.g. laptop, VMware/VirtualBox, etc)
  • Training summary (less than 500 words)
  • Target audience (e.g. testers, project managers, security managers, web developers, architects)
  • Skill level required (Basic / Intermediate / Advanced)
  • What attendees can expect to learn (key objectives)
  • Short course outline


The fixed price per head for training will be $250 for a half-day session and $500 for a whole-day session. As this training is part of an OWASP event, part of the proceeds go back to OWASP. The split is as follows:

  • 25% to OWASP Global - used for OWASP projects around the world
  • 25% to OWASP NZ Day - used for NZ Day expenses
  • 50% to the training provider.


Please submit the above information to all of the following:


Submissions deadline: 28th February 2017

Applicants will be notified in the following week after the deadline, whether they were successful or not.


Call For Sponsorships

Thank you to all our sponsors. Sponsorship has now been fully subscribed, we are no longer accepting new sponsors.

OWASP New Zealand Day 2017 will be held in Auckland on the 20th of April, 2017 and is a security conference entirely dedicated to application security. The conference is once again being hosted by the University of Auckland with their support and assistance. OWASP New Zealand Day 2017 is a free event, but requires sponsor support to help be an instructive and quality event for the New Zealand community. OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP New Zealand Day 2017 a free, compelling, and valuable experience for all attendees.


The sponsorship funds collected are to be used for things such as:

  • Name tags - we feel that getting to know people within the New Zealand community is important, and name tags make that possible.
  • Promotion - up to now our events are propagating by word of mouth. We would like to get to a wider audience by advertising our events.
  • Printed Materials - printed materials will include brochures, tags and lanyards.

Facts

Last year, the event was supported by nine sponsors and attracted more than 500 participants. Plenty of constructive (and positive!) feedback from the audience was received and we are using this to make the conference more appealing to more people. For more information on the last New Zealand Day event, please visit: https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2016

The OWASP New Zealand community is strong, there are more than 490 people currently subscribed to the mailing-list. OWASP New Zealand Day is expected to attract between 500 and 600 attendees this year.

OWASP regular attendees are IT project managers, IT security managers, IT security consultants, web application architects and developers, QA managers, QA testers and system administrators.

Sponsorships

There are three different levels of sponsorships for the OWASP Day event:


Support Sponsorship: (Covering international speaker travel expenses, media coverage/article/promotion of the event)

Includes:


Silver Sponsorship: 750 NZD

Includes:

  • Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017
  • The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
  • The possibility to distribute the company brochures, CDs or other materials to the participants during the event.


Gold Sponsorship: 1500 NZD

Includes:

  • The possibility to have a promotional banner or sign side stage in the main auditorium (to be provided by the sponsor, size subject to approval by the OWASP NZ Day Committee).
  • The publication of the sponsor logo in the event site, in the agenda, on the handouts and in all the official communications with the attendees at the conference.
  • The possibility to distribute the company brochures, CDs or other materials to the participants during the event.
  • Publication of the sponsor logo on the OWASP New Zealand Chapter page - Sponsor logo on the OWASP NZ site prior and during the OWASP Day event - https://www.owasp.org/index.php/New_Zealand
  • Publication of the sponsor logo on the event web site - https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2017


Those who are interested in sponsoring OWASP New Zealand 2017 Conference can contact the OWASP New Zealand Board.

Thank you to all our sponsors. Sponsorship has now been fully subscribed, we are no longer accepting new sponsors.


Diversity and Financial Aid fund

[We have unashamedly followed the model adopted by the nz.js(con) team with their fund. Many thanks to Jen and the team!]

Due to the support of our lovely sponsors, we have some additional funding available to help people from around New Zealand attend the OWASP NZ Day that would find it hard to otherwise attend. In particular, we welcome applications from women, people of colour, LGBTIQ and all others. You all deserve to be able to learn more about security, and we’ll do our darndest to help make that happen!

Our funds are limited, and we’ll be reviewing applications every two weeks. Submit your applications soon, so we can approve them early and you’ll be in several review cycles!

Process:

  • Fill out our application form
  • We will review and approve applications each two weeks. The next review date is 27 March 2017.
  • We will contact all applicants and let them know the result of the review.
  • Successful applicants will be contacted to help sort things out.

We use the following criteria to help us decide who gets approved:

  • We are biased towards (but not exclusively for) diverse applicants.
  • We do attempt to maximise cost efficiency and will aim to get as many people to OWASP with our limited funds.

Each successful recipient can choose whether to be kept anonymous (in which case only the OWASP NZ committee will know the details of your funding), or to be put in touch with the supporting company whose sponsorship is going towards your attendance. We think some of our sponsors may enjoy the opportunity to chat with you on the day talk about your experiences and plans for the future, but that’s totally optional and up to you.

If you have any questions, feel free to drop us an email: [email protected] | [email protected] | [email protected]

Code of Conduct

We want to make the OWASP NZ Day a welcoming environment for all attendees. To that end, we would like to remind you of OWASP's anti-harassment policy: [1].

Speakers, trainers and sponsors have all been reminded of these policies, and are expected to abide by them like all attendees.

If you have any concerns during the day, please seek out Kirk, Denis or Kim. We will make ourselves visible at the start of the day so you know what we look like.