This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

Difference between revisions of "AppSecAsiaPac2014"

Jump to: navigation, search
Line 188: Line 188:
==Keynote Speaker==
==Keynote Speaker==
'''Suguru Yamaguchi''' is a Professor with Graduate School of Information Science, Nara Institute of Science and Technology and former Advisor on Information Security to the Cabinet, Government of Japan.
'''Suguru Yamaguchi''' is a Professor with Graduate School of Information Science, Nara Institute of Science and Technology and former Advisor on Information Security to the Cabinet, Government of Japan.
He was born in Shizuoka, Japan in 1964.  He has D.E from Osaka University, Japan.  In 2000, he was promoted to a Professor with the Graduate School of Information Science, Nara Institute of Science and Technology, Nara, Japan.  Since 2013, he is appointed to Director of Library for FY2013 & 2014.
He was born in Shizuoka, Japan in 1964.  He has D.E from Osaka University, Japan.  In 2000, he was promoted to a Professor with the Graduate School of Information Science, Nara Institute of Science and Technology, Nara, Japan.  Since 2013, he is appointed to Director of Library for FY2013 & 2014.

Revision as of 19:32, 12 November 2013

AppSecAPAC 2014.JPG

We are pleased to announce that the OWASP Japan chapter will host the OWASP AppSec APAC 2014 conference in Tokyo, Japan at the Solar City Conference Center.

The event will be composed of 2 days of training (March 17-18), followed by 2 days of conference talks (March 19-20).

The Global AppSec APAC 2014 Conference will be a reunion of Information Security Asia-Pacific leaders, and will present cutting-edge ideas. OWASP events attract a worldwide audience interested in “what’s next”. The conference is expected to draw 250-300 technologists from Government, Financial Services, Media, Pharmaceuticals, Healthcare, Technology, and many other verticals.

Who Should Attend Global AppSec APAC 2014:

  • Application Developers
  • Application Testers and Quality Assurance
  • Application Project Management and Staff
  • Chief Information Officers, Chief Information Security Officers, Chief Technology Officers, Deputies, Associates and Staff
  • Chief Financial Officers, Auditors, and Staff Responsible for IT Security Oversight and Compliance
  • Security Managers and Staff
  • Executives, Managers, and Staff Responsible for IT Security Governance
  • IT Professionals Interested in Improving IT Security

If you have any questions, please email the conference committee: [email protected]

AppSec APAC 2014 will be held at the SOLA CITY CONFERENCE CENTER in Tokyo, Japan.

Picture1.png Sola City Conference Center.png

Conference Registration is now open! Click here to register

OWASP AppSec APAC features two days of training March 17-18, and two days of talks, March 19-20, 2014.

Conference Registration Fees (not including training)

Ticket price Early Fee (DEADLINE February 1) Regular Fee On-site Fee
Active OWASP member $200 USD (20,000 Yen) $300 USD (30,000 Yen) $400 USD (40,000 Yen)
Non Member + 1 year OWASP membership $220 USD (22,000 Yen) $335 USD (35,000 Yen) $500 USD (50,000 Yen)
Non-Member $250 USD (25,000 Yen) $350 USD (35,000 Yen) $525 USD (52,500 Yen)
Student $50 USD (5,000 Yen) $80 USD (8,000 Yen) $150 USD (15,000 Yen)

Please note - payment will be processed in Japanese Yen but we can process invoice and payment in USD or other currencies.

Training Fees (Please note that conference Registration is separate.)

Course Length Course Dates Fee
1 - day class Monday, March 17 2014 $400 USD (40,000 Yen)
2 - day class Tuesday, March 18 2014 $800 USD (80,000 Yen)

Please note - all prices above appear in USD; however payments can also be made in Japaneses Yen.

Cancellations, Refunds, and Substitutions All ticket sales are final and our general policy is no refunds. However, we are able to substitute registrations at no charge until February 28, 2014.

Group Discounts: 10% off for groups of 10-19; 20% off for groups of 20-29; 30% off for groups of 30 or more. Please contact us for more information about registering a group.

Membership Discounts: We are pleased to offer $20 off admission for active OWASP members. Multiple discounts can not be applied.

Registration for Trainers and Speakers: If you have been selected to deliver a training or talk at the conference, you should have received a discount code for complimentary admission. If you did not receive this code or have questions, please Contact us.

Registration for OWASP Leaders: Complimentary admission to the conference is offered to active OWASP Chapter and Project Leaders. Additionally, two seats for each of the training courses are available at no cost to active OWASP Chapter and Project Leaders (available on a first come, first serve basis).
To register as an active Chapter or Project leader, please select the general event registration option and enter discount code: OWASPLEADER.

Please note: conference and training registration using the OWASPLEADER discount code will be verified by the conference team and if you are not an active OWASP Chapter or Project Leader, you will be contacted regarding your status and your registration may be subject to cancellation.

The AppSec APAC 2014 call for submissions will be open from November 1 to December 15, 2013.

Submission Guidelines

If you want to submit a paper or training, please take note of the following:

* Vendor-Specific Proposals: OWASP does not accept product or vendor-related submissions. If your talk is a thinly-veiled advertisement for a new product, technology or service your company is offering, please do not apply. If you would like to publicize a product, please contact [email protected] for information on exhibiting and other vendor opportunities, including sponsored sessions.

* All presentations must be submitted by the original authors: We currently only accept submissions by original authors of the presentations. PR firms, speaking relation firms, and all other parties who are not direct authors of submitted presentations are discouraged from submitting a proposal on behalf of their clients/speakers. We require direct contact with presenters to expedite questions during the submission review process.

* Supporting materials: If you have an existing body of work available on the subject (blog posts, video, articles, papers...), you now have the possibility to point that out as well. This may help the committee in gauging the nature and the amount of thought and work you have already put into your subject.

What is in it for the Attendees? It is important to let the delegates know what is in it for them. The best presentations are generally those that have good audience interaction and are informing as well as entertaining. It is also important to offer the delegates something to take away that they will be able to use immediately on return to their daily work routine. Audiences do have a preference for presentations which reflect practical applications of something, as opposed to theory. Envisaging the main take-aways for the delegates will help you to develop your presentation. What would you like delegates to tell their colleagues about your session when they get back to work?


  • Security aspects of new web technologies (HTML5, CSP, etc.)
  • New Attack and Defense
  • Mobile security
  • Cloud security
  • SDLC
  • Automated security testing
  • Security awareness and education
  • Threat modeling
  • Secure coding and code review
  • OWASP Projects
  • Case Studies
  • Legacy system and maintenance

Interested in speaking?

Send an e-mail to the selection committee at [email protected]providing them with:

Title of your presentation or training session.
Presentation Type (talk or training).
Language: Please note that all proposals and presentations must be in English or Japaneses.
Short Description: A summary of the main idea of your proposal. Absolute limit of 30 words.
Abstract: A concise description of the purpose, methods, and implications of your presentation. Length 150-200 words.
Previous speaking experience (or references).
Your bio.
Your e-mail.

Notification of acceptance: January 5, 2014

Please note that travel and accomodations are not provided

Selection Criteria

The Selection Committee will review all abstracts that have been submitted on time. The submissions will be rated on a one to five scale by each of the reviewers on the following criteria:
1. Concept: This is the basic idea of your submission. Is it interesting? Is it relevant? Will it be beneficial for the community to hear? Does the speaker have a unique, fresh, and entertaining online and/or stage persona?
2. Clarity / Quality of presentation: Are the ideas conducive to present in front of an audience? Is the abstract articulate and specific? Abstracts should be logical, well-structured and easy to understand. Abstracts should present complete information. This criterion addresses how well the specific research question(s) and objectives, methods used, primary results, etc are explained, rather than the quality of the study itself. A brief, clearly written abstract follows a logical order (e.g. aims, methods, results, followed by a clear interpretation of the results and any implications).
3. Correctness: First, is the technical approach sound and well-chosen? Second, can one trust the claims of the paper -- are they supported by proper proofs, or other argumentation?
4. Depth: Is the basic idea well considered and thought out? To what extent will the audience gain insight? Does this paper have enough substance, or would it benefit from more ideas or results?
5. Takeaway / Innovative content/ Originality / Uniqueness: Is the attendee going to leave this session knowing something they didn't know when they walked in? Are they learning or being inspired? Has this talk or sort of talk been given at a recent AppSec event, or it is something that it is relatively untouched or has a new and interesting spin? Does the abstract present truly innovative ideas and creative solutions to new or known challenges within the industry? How original is the approach? Does this paper break new ground in topic, methodology, or content? Submissions showcasing cutting-edge ideas and approaches or containing significant new findings will be favored.
6. Relevance / contribution to the knowledge: How significant is the work described? If the ideas are novel, will they also be useful or inspirational? If the results are sound, are they also important? This criterion addresses the importance of the research in terms of advancing the subject. Abstracts should help the conference contribute to the progression of the industry as a whole. Particular emphasis will be given to abstracts that provide useful outputs and practical advice & tools for the audience in their daily work.

Keynote Speaker


Suguru Yamaguchi is a Professor with Graduate School of Information Science, Nara Institute of Science and Technology and former Advisor on Information Security to the Cabinet, Government of Japan. He was born in Shizuoka, Japan in 1964. He has D.E from Osaka University, Japan. In 2000, he was promoted to a Professor with the Graduate School of Information Science, Nara Institute of Science and Technology, Nara, Japan. Since 2013, he is appointed to Director of Library for FY2013 & 2014. From April 2004 to March 2010, he was appointed to Advisor on Information Security to the Cabinet, Government of Japan.

He has been deeply involved to its design and implementation of the national master plan on information security policy and establishment of National Information Security Center (NISC) in Cabinet Secretariat in 2005. Furthermore, because of tight relationship with government’s information security policy, he was also appointed to Advisor for Government Program Management Office (GPMO) at secretariat office of IT Strategic Headquarter, Government of Japan, since 2006. His research interests include technologies for information sharing, multimedia communication over broadband channels, large-scale distributed computing systems including “cloud computing” technology, network security and network management for the Internet. Since mid 1980’s, he has been working very hard on development the Internet in Japan and Asia and Pacific region. He has been also a member of WIDE project, which is one of pioneer projects for the Internet development, since its creation in 1988. For the Internet development in Asia and Pacific region, he has been working so long for Asian Internet Interconnection Initiatives (AI3) since its creation in 1996.

He made many contributions for Internet development and network security. He founded JPCERT/CC in 1996, which is a first national CSIRT in Japan, and now he is working as one of board of trustee. He was one of founders of as a regional forum of CSIRT in Asia & Pacific region, established in 2002. From 2011, he has been appointed to a member of Steering Committee of FIRST (Forum of Incident Response and Security Teams). In this role, he is working as a liaison officer of Geographical Outreach to work together for CSIRT teams in developing countries mainly in Africa and Grater Middle East to connect to the global FIRST community. Since 2002, he has been a member of board of trustee of Japan Network Information Center (JPNIC), which is national Internet registry managing IP address and AS number allocations and registrations.

LinkedIn Suguru Yamaguchi

OWASP Board Speaker

Tobias Gondrom is Managing Director of Thames Stanley, a CISO and Information Security & Risk Management Advisory based in Hong Kong, United Kingdom and Germany. He has fifteen years of experience in software development, application security, cryptography, electronic signatures and global standardisation organisations working for independent software vendors and large global corporations in the financial, technology and government sector, in America, EMEA and APAC. As the Global Head of the Security Team at Open Text (2005-2007) and from 2000-2004 as the lead of the Security Task Force at IXOS Software AG, he was responsible for security, risk and incident management and introduced and implemented a secure SDLC used globally by development departments in the US, Canada, UK and Germany.

Since 2003 he is the chair of working groups of the IETF ( in the security area, member of the IETF security directorate, and since 2010 chair of the formed web security WG at the IETF, and a former chapter lead of the German OWASP chapter from 2007 to 2008, and currently board member of OWASP London and member of the OWASP Global Industry Committee. Tobias is the author of the international standards RFC 4998 and RFC 6283 (Evidence Record Syntax) and co-author and contributor to a number of internet standards and papers on security and electronic signatures, as well as the co-author of the book „Secure Electronic Archiving“ (ISBN 3-87081-427-6), and frequent presenter at conferences and publication of articles (e.g. AppSec, IETF, ISSE, Moderner Staat, VOI-booklet “Electronic Signature“, iX).

LinkedIn Tobias Gondrom


We are looking for sponsors for the Global AppSec APAC 2014.

If you are interested to sponsor Global AppSec APAC 2014, please contact the conference team: [email protected]

To find out more about the different sponsorship opportunities please check: OWASP AppSec APAC 2014 Sponsorship Options

Sponsorship Deadline is February 10, 2014.