This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit

OWASP New Zealand Day 2019

Revision as of 01:38, 14 November 2018 by John dileo (talk | contribs) (Minor corrections - still WIP)

Jump to: navigation, search


21st and 22nd February 2019 - Auckland



We are proud to announce the tenth OWASP New Zealand Day conference, to be held at the University of Auckland on Friday, February 22nd, 2019. OWASP New Zealand Day is a one-day conference dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.

Who is it for?

  • Web Developers: There will be a choice of two streams in the morning. Talks in the first stream will include introductory talks to information security, while those in the second stream will address deeper technical topics. Afternoon sessions will cover offensive security in stream one, and continue with deeper technical topics in stream two
  • Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics

Conference structure

Date: Friday, 22 February 2019
Time: 9:30am - 6:00pm
Cost: Free

The main conference is on Friday, the 22nd of February, and will have two streams in both the morning and the afternoon:


In addition to the main conference on Friday, we are pleased to offer opportunities for application security-related training on Thursday (21 February), at the same venue. The Call for Training is currently open, and details on the training sessions selected will appear below as they are finalised.


The tenth OWASP New Zealand Day will be happening thanks to the support provided by the University of Auckland, which will kindly offer the same facilities as those we used in 2018. Entry to the event will, as in the past, be free.

For any comments, feedback or observations, please don't hesitate to contact us.


Registration is not yet open. Please join our low volume mailing list to be notified when registration opens and/or follow us on twitter @owaspnz

There is no cost for the main conference day. Currently, we are planning to provide morning and afternoon tea; however, this is subject to meeting our sponsorship goals for the event. Spaces are limited, so we do ask that, if at any point you realise you will not be able to attend, you cancel your registration to make room for others.

Important dates

  • CFP submission deadline: 21st December 2018
  • CFT submission deadline: 21st December 2018
  • Conference Registration deadline: 14th February 2019
  • Training Registration deadline: 14th February 2019
  • Training Day date: 21st February 2019
  • Conference Day date: 22nd February 2019

For those of you booking flights, ensure you can be at the venue by 9:00am. The conference will end by 6:00pm. However, we will have post conference drinks at a local drinking establishment for those interested. We are planning to hold a special event on Thursday evening for speakers, trainers, and conference volunteers - more details on that to follow.

Places to eat & drink on the day

  • Coffee cart and selection of snacks next to the reception on the ground floor, this is the closest but will probably have long lines
  • Mojo Symonds - also on campus
  • Shakey Isles - coffee and food across the road on the corner of Symonds & Alfred St
  • The CBD - walk up and over Albert Park to get to the CBD with many great food options
    • Fort Street has burgers, kebabs, and KFC
    • High Street & Lorne Street have lots of little cafes and restaurants
  • Subway, Starbucks, St. Pierre's Sushi & Pita Pit - walk up Symonds Street
  • Vulture’s Lane is a popular pub with the InfoSec crowd, there are more seats downstairs
  • The Bluestone Room - also a popular pub just across Queen St

Conference Venue

The University of Auckland School of Business
Owen Glen Building
Address: 12 Grafton Road

Stream One: Level 1
Room: 115 (Fisher & Paykel Auditorium)

Stream Two: Level 0
Room: 098

New Zealand

073 AUBiz 10Apr08small.jpg OWASPNZDayLectureTheatre.jpg

Conference Sponsors

Conference Host:


Platinum Sponsors:


Gold Sponsors:


Silver Sponsors:


Supporting Sponsors:


Conference Committee

  • John DiLeo - Conference Chair, OWASP New Zealand Leader (Auckland)
  • Brendan Seerup - Sponsorships and Promotion
  • Lech Janczewski - Conference Host Liaison - Associate Professor, University of Auckland School of Business
  • YOU - We are looking for volunteers to help make this our most successful conference yet!

Please direct all enquiries to [email protected]

OWASP NZ on Twitter (



In addition to the main conference on Friday, we are pleased to provide opportunities for individuals/vendors to present training on Thursday, at the same venue. We are able to accommodate a maximum of four (4) concurrent training sessions. The Call for Training is currently open, and details will be provided here as selections are finalised. Training fees are $250 for half-day sessions, and $500 for full-day sessions.

Call For Presentations

Call For Presentations

The Call for Presentations is now open, and will close on Friday, 21st December.

OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines, including architects, Web developers and engineers, system administrators, penetration testers, policy specialists and more.

We would like a variety of technical levels in the presentations submitted, corresponding to the three focus areas of the conference:

Track One:

  • Introductions to various Information Security topics, and the OWASP projects
  • Policy, Compliance and Risk Management

Track Two:

  • Technical topics

Introductory talks should appeal to an intermediate to experienced software developer, without requiring a solid grounding in application security or knowledge of OWASP projects. These talks should be engaging, encourage developers to learn more about information security, and give them techniques that they can immediately return to work and apply to their jobs.

This being an OWASP conference, the selection process for talks in Track One will give priority to those related to OWASP's Projects, Tools, and Guidance (check out the current [OWASP Project Inventory]( for more information). If multiple submissions are received related to the same OWASP Project/Tool, preference will be given to speakers actively involved as leaders or members of the respective project teams.

Technical topics are running all day and should appeal to two audiences - experienced software security testers or researchers, and software developers who have a “OWASP Top Ten” level of understanding of web attacks and defences. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.

We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.

We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:

  • Web application security
  • Mobile security
  • Cloud security
  • Secure development
  • Vulnerability analysis
  • Threat modelling
  • Application exploitation
  • Exploitation techniques
  • Threat and vulnerability countermeasures
  • Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, Python, etc)
  • Penetration Testing
  • Browser and client security
  • Application and solution architecture security
  • Risk management
  • Security concepts for C*Os, project managers and other non-technical attendees
  • Privacy controls

The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.


  • Due to limited budget available, expenses for international speakers cannot be covered.
  • If you are selected as a speaker, and your company is willing to cover travel and accommodation costs, the company will be recognised as a "Supporting Sponsor" of the event.

Please submit your presentation on PaperCall.

Submissions deadline: 21st December 2018

Applicants will be notified in the following week after the deadline, whether they were successful or not.