This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "OWASP New Zealand Day 2019"

From OWASP
Jump to: navigation, search
m (Corrected background colors on column header cells)
m (Updated Kirk's workplace.)
Line 314: Line 314:
 
<td style="background-color: #EEE; text-align: center">
 
<td style="background-color: #EEE; text-align: center">
 
<b>Virtual Patching: Does It Work?</b><br />
 
<b>Virtual Patching: Does It Work?</b><br />
<i>Kirk Jackson - Aura Red Shield</i>
+
<i>Kirk Jackson - RedShield</i>
 
</td>
 
</td>
 
</tr>
 
</tr>
Line 420: Line 420:
 
<td style="background-color: #EEE; text-align: center">
 
<td style="background-color: #EEE; text-align: center">
 
<b>How Do I Content Security Policy?</b><br />
 
<b>How Do I Content Security Policy?</b><br />
<i>Kirk Jackson - Aura Red Shield</i>
+
<i>Kirk Jackson - RedShield</i>
 
</td>
 
</td>
 
<td valign="top" align="right">16:00</td>
 
<td valign="top" align="right">16:00</td>
Line 461: Line 461:
 
</table>
 
</table>
 
</center>
 
</center>
 
  
 
=Call for Sponsorships=
 
=Call for Sponsorships=

Revision as of 22:44, 21 January 2019

NZDay_2019_web_banner.jpg

21st and 22nd February 2019 - Auckland


UPDATE #4 (12 January) - The Call for Presentations is now closed. Those submitting proposals will be notified shortly whether their talks have been accepted.

UPDATE #3 (7 January) - Registration for Training Classes Now Open! Visit EventBrite to reserve your spot!

UPDATE #2 (22 December) - Registration Now Open! Visit EventBrite to register now!

IMPORTANT UPDATE (21 December) - Call for Presentations Extended: The Call for Presentations has been extended, and will now close on Friday, 11 January, 2019.

Introduction

We are proud to announce the tenth OWASP New Zealand Day conference, to be held at the University of Auckland on Friday, February 22nd, 2019. OWASP New Zealand Day is a one-day conference dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.

There will be two streams throughout the day. The first stream will include introductory talks on application and information security topics, as well as on policy, compliance, and risk management. The second stream will primarily address deeper technical topics.

Who is it for?

  • Web Developers
  • Security Professionals and Enthusiasts
  • Program and Project Managers
  • Business Analysts
  • Requirements Analysts
  • Software Testers

Conference structure

Date: Friday, 22 February 2019

Time: 9:00am - 6:00pm

Cost: FREE

The main conference is on Friday, the 22nd of February, and will have two streams in both the morning and the afternoon:

Stream One:

  • Introductory Topics
  • Program Management, Policy, Compliance, Risk Management

Stream Two:

  • Technical Topics

Training

In addition the main conference on Friday, we are pleased to be offer three training opportunities on Thursday, at the same venue. Course details, including registration, are as follows:

Real-World Penetration Testing

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 5:30 p.m.
Instructors: Vivek Ramachandran and Nishant Sharma
Instructors' Organisation: Pentester Academy
Registration Fee: $500.00
Training Registration Page

Are You a Secure Code Warrior?

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 12:30 p.m.
Instructor: Jaap Karan Singh
Instructor's Organisation: Secure Code Warrior
Registration Fee: $250.00
Training Registration Page

Threat Modelling: Getting from None to Done

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 5:30 p.m.
Instructor: Dr. John DiLeo
Instructor's Organisation: OWASP New Zealand Chapter
Registration Fee: $500.00
Training Registration Page

Spaces are going fast, so get in quickly!

General

The tenth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same facilities as those we used in 2018. Entry to the event will, as in the past, be free.

For any comments, feedback or observations, please don't hesitate to contact us.

Registration

Registration is now open. Visit EventBrite to register.

Please join our low volume mailing list to be notified as further schedule information becomes available, and/or follow us on Twitter @owaspnz.

There is no cost for the main conference day. Currently, we are planning to provide morning and afternoon tea; however, this is subject to meeting our sponsorship goals for the event. Spaces are limited, so we do ask that, if at any point you realise you will not be able to attend, you cancel your registration (i.e., "request a refund" in EventBrite) to make room for others.

Important dates

CFP submission deadline: 11th January 2019 - Submissions are now closed
CFT submission deadline: 21st December 2018 - Submissions are now closed
Training Day date: 21st February 2019
Training Registration Deadline: 14th February 2019
Conference Day date: 22nd February 2019
Conference Registration deadline: 22nd February 2019 (Same-day registration is permitted, if space is available)

For those of you booking flights, ensure you can be at the venue by 8:30am. The conference will end by 6:00pm. However, we will have post conference drinks at a local drinking establishment for those interested. We are planning to hold a special event on Thursday evening for speakers, trainers, sponsors, and conference volunteers - more details on that to follow.

Places to eat & drink on the day

  • Coffee cart and selection of snacks next to the reception on the ground floor, this is the closest but will probably have long lines
  • Mojo Symonds - also on campus
  • Shakey Isles - coffee and food across the road on the corner of Symonds & Alfred St
  • The CBD - walk up and over Albert Park to get to the CBD with many great food options
    • Fort Street has burgers, kebabs, and KFC
    • High Street & Lorne Street have lots of little cafes and restaurants
  • Subway, Starbucks, St. Pierre's Sushi & Pita Pit - walk up Symonds Street
  • Vulture’s Lane is a popular pub with the InfoSec crowd, there are more seats downstairs
  • The Bluestone Room - also a popular pub just across Queen St

Conference Venue

The University of Auckland School of Business
Owen Glen Building
Address: 12 Grafton Road

Stream One: Level 1
Room: 115 (Fisher & Paykel Auditorium)

Stream Two: Level 0
Room: 098

Auckland
New Zealand
Map

073 AUBiz 10Apr08small.jpg OWASPNZDayLectureTheatre.jpg

Conference Sponsors

For more information on our Premier Sponsors, please visit our About Our Sponsors page

Conference Host

AuckUni.png

Platinum Sponsors

 
Logo-Insomnia Security Specialists
 

Gold Sponsors

Logo-Orion Health
Logo-Quantum Security
Logo-Secure Code Warrior
Logo-ZX Security
 

Silver Sponsors

Sponsoring Provider - Training Day Tea Breaks

Logo-Aura Information Security

Bronze Sponsors

   

Supporting Sponsors

   

Conference Committee

  • John DiLeo - Conference Chair, OWASP New Zealand Leader (Auckland)
  • Brendan Laing
  • Austin Chamberlain
  • Lech Janczewski - Conference Host Liaison - Associate Professor, University of Auckland School of Business
  • YOU - We are looking for volunteers to help make this our most successful conference yet!

Please direct all enquiries to John DiLeo ([email protected])

OWASP NZ on Twitter (https://twitter.com/owaspnz)

Training

In addition the main conference on Friday, we are pleased to be offer three training opportunities on Thursday, at the same venue. Course details, including registration, are as follows:

Real-World Penetration Testing

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 5:30 p.m.
Instructors: Vivek Ramachandran and Nishant Sharma
Instructors' Organisation: Pentester Academy
Registration Fee: $500.00
Training Registration Page

Are You a Secure Code Warrior?

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 12:30 p.m.
Instructor: Jaap Karan Singh
Instructor's Organisation: Secure Code Warrior
Registration Fee: $250.00
Training Registration Page

Threat Modelling: Getting from None to Done

Date: Thursday, 21 February 2019
Time: 8:45 a.m. - 5:30 p.m.
Instructor: Dr. John DiLeo
Instructor's Organisation: OWASP New Zealand Chapter
Registration Fee: $500.00
Training Registration Page

Spaces are going fast, so get in quickly!

Check-in desk will open at 8:00 a.m.

Morning and afternoon tea breaks will be provided; lunch will be on your own.

Presentations

22nd February 2019

08:00 Registration Opens - Main Foyer, Owen G. Glenn Building
09:00

Welcome to OWASP New Zealand Day 2019
John DiLeo (Conference Chair), Kirk Jackson, and Kim Carter - OWASP NZ Chapter Leaders
Lech Janczewski (Conference Host) - Associate Professor, Univ. of Auckland

 

Upstairs Auditorium (Room 115)

 

Downstairs Auditorium (Room 098)

09:20

Exploiting Vulnerabilities from the OWASP Top 10: SQLi, XSS, XXE, File Injection
David Waters - Pushpay

09:20

Virtual Patching: Does It Work?
Kirk Jackson - RedShield

10:10

Threat Modelling When You've Never Done It Before
Kade Morton - Quantum Security

10:10

Cloud Catastrophes and How to Avoid Them
Michael Haworth - Insomnia Security Specialists]

10:45

That Vulnerability Looks Quite Risky
Peter Jakowetz - Quantum Security

10:45

JWAT: Attacking JSON Web Tokens
Louis Nyffenegger - Pentester Lab

11:20

Mob Learning Using the OWASP Top 10 and 30 Days of Security Testing
Mike Clarke

11:40

How Can OWASP SAMM Help You Build More Secure Software?
Mohamed Hassan

11:40

Security Regression Testing on OWASP ZAP Node API
Kim Carter - Binary Mist

12:10

Break for Lunch

13:30

NoHolidayChurchGenius: Password Security with 2020 Vision
Antonio Radich - Quantum Security

13:30

How to Lose a Container in 10 Minutes
Sarah Young

14:05

Sharing Is Caring: A Beginner's Guide to Security in the Cloud
Petra Smith

14:25

Eating the Elephant: Application Security When You Aren't a Startup
Stephen Morgan

14:25

CI Can Make $$$ from Thin Air
Sajeeb Lohani

15:00

What's In a Name? Law of Agency and Domain Name Registrations
Judy Ting

15:00

Introduction to Building Secure Electron Applications
Nawaz Gayoom

15:30

Break for Afternoon Tea - Coffee / Tea Service Provided

16:00

How Do I Content Security Policy?
Kirk Jackson - RedShield

16:00

Hardening Your Docker Infrastructure
Kim Carter - Binary Mist

16:50

OWASP Software Assurance Maturity Model (SAMM) 2.0
John DiLeo - Orion Health

16:50

Reverse Engineering Mobile Apps: Why, What, and the Hows
Karan Sharma

17:25

Why 'Positive Security' Is the Next Software Security Game Changer, and How to Do It
Jaap Karan Singh - Secure Code Warrior

17:25

Serverless Authentication with JWT
Mehul Patel

18:00

Wrap Up
Time to go out and socialise, for those interested

Call For Sponsorships

OWASP New Zealand Day 2019 will be held in Auckland on the 22nd of February, 2019, and is a security conference entirely dedicated to application security. The conference is once again being hosted by the University of Auckland with their support and assistance. OWASP New Zealand Day 2019 is a free event, but requires sponsor support to help be an instructive and quality event for the New Zealand community. OWASP is strictly not for profit. The sponsorship money will be used to help make OWASP New Zealand Day 2019 a free, compelling, and valuable experience for all attendees.

The sponsorship funds collected are to be used for things such as:

  • Venue - Room use and on-site management fees
  • Name tags - We feel that getting to know people within the New Zealand community is important, and name tags make that possible
  • Promotion - We would like to reach a wider audience, by utilising paid advertising for the event
  • Printed Materials - Printed materials will include program information, room signs, and lanyards
  • Recognition items for speakers and trainers
  • Morning and afternoon tea, to promote a congenial environment for networking among application security professionals

Facts

Last year, the event was supported by seven sponsors and attracted more than 700 registrations. Plenty of constructive (and positive!) feedback from the audience was received, and we are using this to make the conference more appealing to more people. For more information on the last New Zealand Day event, please visit: https://www.owasp.org/index.php/OWASP_New_Zealand_Day_2018

The OWASP New Zealand community is strong, with more than 500 people currently subscribed to the mailing list (sign up). OWASP New Zealand Day is expected to attract between 900 and 1000 attendees this year.

OWASP regular attendees are IT project managers, IT security managers, IT security consultants, Web application architects and developers, QA managers, QA testers and system administrators.

How to Become a Sponsor

All financial matters related to the conference, including Sponsorship Agreements and payments, are handled through the OWASP Foundation. To express interest in supporting the conference as a sponsor, please contact us by email.

Premium Sponsorship Packages

 
Platinum
 
Gold
 
Silver
 
Bronze
A La Carte
(See Below)
Enrolment Limit 2 6 -- -- Varies
General Rate $5,000 $3,000 $1,750 $1,000 Varies
OWASP Corporate Member Rate $4,250 $2,550 $1,500 $850 N/A
A La Carte Sponsorship Discount 15% 10% 5% -- --
Banner in Conference Lobby (see notes) Yes No No No Varies
Banner at Side of Stage (see notes) Yes (2) Yes (1) No No No
Logo on Attendee Badges Yes Yes No No Varies
Logo on Room Signs Yes Yes Yes No Varies
Company Description on Conference Web Page 150 words 100 words 50 words No Varies
Pre-Conference Reception Tickets 4 3 2 1 Varies
Logo on Conference Tote Bags Yes Yes Yes No Varies
Mention in Pre-Event Publicity Yes Yes Yes Yes Varies
Logo on Conference Web Site Yes Yes Yes Yes Yes
Recognition during Opening/Closing Sessions Yes Yes Yes Yes Yes
Promotional Items in Conference Tote Bags (see notes) Yes (up to 3) Yes (up to 2) Yes (1) Yes (1) Varies

A La Carte Sponsorship Opportunities

1. Morning and Afternoon Tea Breaks - Conference Day

Sponsorships Available: Four (4)

General Rate: $4,500

Benefits:

  • Opportunity to display your company's banner in the conference lobby (see notes below) throughout the day of the conference
  • Recognition as sponsoring provider, on signs displayed on service tables during tea breaks
  • Sponsor logo printed on attendee badges
  • Sponsor logo printed on Room Signs
  • Single-colour sponsor logo imprinted on conference tote bags
  • Sponsor logo displayed on conference Web page, alongside Platinum Sponsors
  • Opportunity to include 150-word company description in About Our Sponsors section of conference Web page
  • Written recognition as a leading sponsor, in pre-event publicity communications
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

2. Pre-Conference Reception

On the Thursday evening, the OWASP New Zealand Day Committee will host a reception for speakers, trainers, conference volunteers, and Premier Sponsors. The event will be held at an establishment near the conference venue.

Sponsorships Available: Two (2)

General Rate: $2,000

Benefits:

  • Opportunity to display your company's banner at the reception venue (see notes below) during the reception
  • Opportunity to address reception attendees, as "hosting" sponsor of reception
  • Recognition as sponsoring provider, on signs displayed on service tables/bars during reception
  • Sponsor logo printed on Room Signs
  • Single-colour sponsor logo imprinted on conference tote bags
  • Sponsor logo displayed on conference Web page, alongside Silver Sponsors
  • Opportunity to include 100-word company description in About Our Sponsors section of conference Web page
  • Written recognition as a leading sponsor, in pre-event publicity communications
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

3. Conference Tote Bags for Attendees

Sponsorships Available: One (1)

General Rate: $1,800

Benefits:

  • Single-colour sponsor logo printed on the Conference Tote Bags, along with those of Platinum, Gold, and Silver Sponsors
  • Sponsor logo printed on Room Signs
  • Sponsor logo displayed on conference Web page
  • Opportunity to include 50-word company description in About Our Sponsors section of conference Web page
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

4. Lanyards for Attendee Badges

Sponsorships Available: One (1)

General Rate: $1,800

Benefits:

  • Single-colour sponsor logo printed on the Attendee Lanyards, along with the OWASP logo
  • Sponsor logo printed on Room Signs
  • Sponsor logo displayed on conference Web page
  • Opportunity to include 50-word company description in About Our Sponsors section of conference Web page
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

5. Speaker Gifts

Sponsorships Available: One (1)

General Rate: $1,500

Benefits:

  • Sponsor logo printed on Room Signs
  • Single-colour sponsor logo imprinted on conference tote bags
  • Sponsor logo displayed on conference Web page, alongside Silver Sponsors
  • Opportunity to include 50-word company description in About Our Sponsors section of conference Web page
  • Written recognition as a leading sponsor, in pre-event publicity communications
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

6. Morning and Afternoon Tea Breaks - Training Day

Sponsorships Available: Two (2) --Funded, no longer available

General Rate: $750

Benefits:

  • Opportunity to display your company's banner in the training facility lobby (see notes below) throughout the training day
  • Recognition as sponsoring provider, on signs displayed on service tables during training day tea breaks
  • Sponsor logo displayed on conference Web page, alongside Bronze Sponsors
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

7. International Travel Support

As part of the submission process for presentations, prospective presenters from outside New Zealand are given the opportunity to indicate if they will need travel support to be able to attend OWASP New Zealand Day. Each International Travel Support sponsorship is intended to provide a maximum of $2,500 for one international presenter's travel expenses related to attending, and presenting at, the conference. Supported travel expenses may include: return airfare from the airport nearest the presenter's residence to Auckland, two nights' accommodation in a lodging near the conference venue, and return shuttle transportation between the Auckland airport and the accommodation.

Sponsorships Available: No Limit

General Rate: $2,500

Benefits:

  • Sponsor logo displayed on conference Web page, alongside Gold Sponsors
  • Opportunity to include 100-word company description in About Our Sponsors section of conference Web page
  • Opportunity for sponsor representative to introduce sponsored presenter
  • Written recognition as a leading sponsor, in pre-event publicity communications
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

8. Diversity Fund

The OWASP New Zealand Day Diversity and Financial Aid Fund has been established to provide financial assistance to students at New Zealand universities. Each Diversity Fund sponsorship is intended to cover travel expenses for one New Zealand student, from outside the Auckland area, who will be attending or presenting at the conference. Each Diversity Fund support recipient will receive funding for return airfare from their nearest domestic airport to Auckland International Airport, two night's accommodation in a lodging near the conference venue, and return shuttle transportation between the airport and the accommodation.

Sponsorships Available: No Limit

General Rate: $750

Benefits:

  • Sponsor logo displayed on conference Web page, as a Diversity Fund Sponsor
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

9. Door Prizes

At the closing session of the conference, the OWASP New Zealand Day Committee will conduct a series of random drawings, awarding donated items to attendees, who must be present to win. There is no minimum or maximum value required for donated items, nor is the number of items provided subject to any limit. It is recommended that items provided be of interest to the conference's target audience, rather than of a generic nature.

Sponsorships Available: No Limit

General Rate: In-Kind Donation

Benefits:

  • Verbal recognition, at the time of the prize drawing, as the donor of the prize

10. Other Supporting Sponsorships

If your company would like to provide special items to attendees, funding for paid promotional advertising for the event, or other items that we haven't yet thought of, you are welcome to contact us to discuss your ideas.

Sponsorships Available: No Limit

General Rate: In-Kind Donation

Benefits:

  • Sponsor logo displayed on conference Web page, as a Supporting Sponsor
  • Visual and verbal recognition of sponsor at opening and closing sessions of conference

Notes

Sponsor Logos:

  • Logos are to be provided by the respective sponsors, as digital files (JPEG and PNG preferred)
  • Logos provided should be full colour
  • For lanyards and tote bags (including Platinum/Gold/Silver Sponsors), a single-colour version of the logo should also be provided, in a separate file. If a single-colour version of the logo is not provided by the sponsor, the OWASP New Zealand Day Committee reserves the right to electronically convert the full-colour logo to a single-colour version, or omit the sponsor's logo from the imprinted items if that proves infeasible.

Sponsor Banners:

  • Lobby and stage-side banners are to be provided by the respective sponsors, must be free-standing, and their size is subject to approval by the OWASP New Zealand Day Committee.
  • The conference venue includes two tracks, conducted in separate auditoriums; Platinum Sponsors may display one banner to the side of each auditorium's stage; Gold Sponsors may display a banner to the side of the stage in one auditorium. Gold Sponsors may express an auditorium preference, but final locations are at the discretion of the OWASP New Zealand Day Committee.
  • There will be a maximum of four (4) sponsor banners displayed in each auditorium, with placement priority given to Platinum Sponsors.

Promotional Items:

  • Printed materials are limited in dimensions to A4 size - either a single sheet, printed on one or both sides; or a single A3 sheet, folded in half
  • Small imprinted items are also acceptable - pens, stress balls, USB keys, fidget spinners, etc.
  • Design of printed materials and imprinted items are subject to approval by OWASP New Zealand Day Committee
  • RECRUITMENT: In addition to the promotional item allowances included in Premium Sponsorship Packages, any sponsor may provide one A5-size card with information on actual current vacancies for which candidates are actively being sought

All amounts listed are in New Zealand dollars (NZD)

Diversity and Financial Aid fund

Thanks to the generous support of our lovely sponsors, we have some funding available to help people from around New Zealand attend the OWASP NZ Day, who would otherwise find it hard to attend. In particular, we welcome applications from women, people of colour, LGBTIQ, and all others. You all deserve to be able to learn more about security, and we’ll do our best to help make that happen!

Our funds are limited, and we’ll be reviewing applications every week, starting at the end of January. Submit your application soon, so we can approve them promptly, and you’ll be in several review cycles!

Process:

  • Fill out our Application Form
  • We will review and approve applications each week. The first reviews will be completed by 29 January.
  • We will contact all applicants and let them know the result of the review.
  • Successful applicants will be contacted to help sort things out.

We use the following criteria to help us decide who gets approved:

  • We are biased towards (but not exclusively for) diverse applicants.
  • We do attempt to maximise cost efficiency and will aim to get as many people to OWASP as possible, with our limited funds.

Each successful recipient can choose whether to be kept anonymous (in which case only the OWASP NZ committee will know the details of your funding), or to be put in touch with the supporting company whose sponsorship is going towards your attendance. We think some of our sponsors may enjoy the opportunity to chat with you on the day talk about your experiences and plans for the future, but that’s totally optional and up to you.

If you have any questions, feel free to drop us an email: [email protected]

Code of Conduct

We want to make the OWASP NZ Day a welcoming environment for all attendees. To that end, we would like to remind you of OWASP's Anti-Harassment Policy.

Speakers, trainers and sponsors have all been reminded of these policies, and are expected to abide by them like all attendees.

If you have any concerns during the day, please seek out John, Austin, or Brendan. We will make ourselves visible at the start of the day, so you know what we look like.

Call for Presentations

UPDATE: The Call for Presentations is now CLOSED. The committee is reviewing the proposals received, and will be notifying submitters of their selection status shortly.

OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines, including architects, Web developers and engineers, system administrators, penetration testers, policy specialists and more.

We would like a variety of technical levels in the presentations submitted, corresponding to the three focus areas of the conference:

Track One:

  • Introductions to various Information Security topics, and the OWASP projects
  • Policy, Compliance and Risk Management

Track Two:

  • Technical topics

Introductory talks should appeal to an intermediate to experienced software developer, without requiring a solid grounding in application security or knowledge of OWASP projects. These talks should be engaging, encourage developers to learn more about information security, and give them techniques that they can immediately return to work and apply to their jobs.

This being an OWASP conference, the selection process for talks in Track One will give priority to those related to OWASP's Projects, Tools, and Guidance (check out the current [OWASP Project Inventory](https://www.owasp.org/index.php/Category:OWASP_Project#tab=Project_Inventory) for more information). If multiple submissions are received related to the same OWASP Project/Tool, preference will be given to speakers actively involved as leaders or members of the respective project teams.

Technical topics are running all day and should appeal to two audiences - experienced software security testers or researchers, and software developers who have a “OWASP Top Ten” level of understanding of web attacks and defences. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.

We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.

We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:

  • Web application security
  • Mobile security
  • Cloud security
  • Secure development
  • Vulnerability analysis
  • Threat modelling
  • Application exploitation
  • Exploitation techniques
  • Threat and vulnerability countermeasures
  • Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, Python, etc)
  • Penetration Testing
  • Browser and client security
  • Application and solution architecture security
  • PCI DSS
  • Risk management
  • Security concepts for C*Os, project managers and other non-technical attendees
  • Privacy controls

The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.

PLEASE NOTE:

  • Due to limited funds availability, the conference budget does not include a plan to cover expenses for international speakers. However, if sponsorship funds are received for this purpose, we will issue a call for support applications from those outside New Zealand who have submitted proposals. Please indicate in the "additional information" section, whether you would be able to present without such support.
  • If you are selected as a speaker, and your company is willing to cover travel and accommodation costs, the company will be recognised as a "Supporting Sponsor" of the event.

Please submit your presentation on PaperCall.

Submission Deadline: Friday, 11th January 2019 (NOW CLOSED)

Applicants will be notified in the following week after the deadline, whether they were successful or not.

Call For Trainers

The Call for Trainers is now closed. Trainers selected to present training have been contacted, and details are now being finalised.

We are happy to announce that training will run on Thursday, 21 February 2019, the day before the OWASP NZ Day conference. The training venue will be Level 0, Rooms: case rooms 1(005), 2(057), 3(055), and 4(009), kindly provided by the University of Auckland School of Business, in the same building as the OWASP NZ Day conference itself. Classes can contain up to 69 students, with power for laptop usage and Wi-Fi. A wide range of half-day or full-day training proposals will be considered, see the Call for Papers for a list of example topics.

If you are interested in running one of the training sessions, please contact John DiLeo ([email protected]) with the following information:

  • Trainer name
  • Trainer organisation
  • Telephone + email contact
  • Short Trainer bio
  • Training title
  • Trainer requirements (e.g. a projector, whiteboard, etc)
  • Trainee requirements (e.g. laptop, VMware/VirtualBox, etc)
  • Training summary (less than 500 words)
  • Target audience (e.g. testers, project managers, security managers, web developers, architects)
  • Skill level required (Basic / Intermediate / Advanced)
  • What attendees can expect to learn (key objectives)
  • Short course outline

The fixed price per head for training will be $250 for a half-day session and $500 for a whole-day session. As this training is part of an OWASP event, part of the proceeds go back to OWASP. The split is as follows:

  • 25% to OWASP Global - used for OWASP projects around the world
  • 25% to OWASP NZ Day - used for NZ Day expenses
  • 50% to the training provider.

Submission Deadline: Friday, 21st December 2018

Applicants will be notified in the following week after the deadline, whether they were successful or not.