OWASP New Zealand Day 2018

Auckland, New Zealand February 05, 2018


CFP closed at  December 08, 2017 10:59 UTC


We are proud to announce the ninth OWASP New Zealand Day conference, to be held at the University of Auckland on Monday 5 February, 2018. OWASP New Zealand Day is a one-day conference dedicated to information security, with an emphasis on secure architecture and development techniques to help Kiwi developers build more secure applications.

Who is it for?

Web Developers: There will be a choice of two streams in the morning. First stream covering introductory talks to information security, second stream covering deeper technical topics. Afternoon sessions will cover offensive security in stream one, and continue with deeper technical topics in stream two.

Security Professionals and Enthusiasts: Technical sessions later in the day will showcase new and interesting attack and defence topics.

Conference structure

Date: Monday 5 February 2018

Time: 9:30am - 6:00pm

Cost: Free

The main conference is on Monday 5 February, and will have two streams in both the morning and the afternoon:


Introductory information security topics

Informational / Defensive


Offensive Security

Informational / Defensive

CFP Description

Call For Presentations

OWASP New Zealand Day conferences attract a high quality of speakers from a variety of security disciplines including architects, web developers and engineers, system administrators, penetration testers, policy specialists and more.

We would like a variety of technical levels in the presentations submitted, corresponding to the three sections of the conference:

  • Introductions to various Web Application Security topics, and the OWASP projects
  • Technical topics
  • Policy, Compliance and Risk Management

The introductory talks should appeal to an intermediate to experienced web developer, without a solid grounding in web application security or knowledge of the OWASP projects. These talks should be engaging, encourage developers to learn more about web application security, and give them techniques that they can immediately return to work and apply to their jobs.

Technical topics are running all day and should appeal to two audiences - experienced web application security testers or researchers, and web developers who have a “OWASP Top Ten” level of understanding of web attacks and defenses. You could present a lightning, short or long talk on something you have researched, developed yourself, or learnt in your travels. Ideally the topics will have technical depth or novelty so that the majority of attendees learn something new.

We would also like to invite talks that will appeal to those interested in the various non-technical topics that are important in our industry. These talks could focus on the development of policies, dealing with compliance obligations, managing risks within an enterprise, or other issues that could appeal to those in management roles.

We encourage presentations to have a strong component on fixing and prevention of security issues. We are looking for presentations on a wide variety of security topics, including but not limited to:

  • Web application security
  • Mobile security
  • Secure development
  • Vulnerability analysis
  • Threat modelling
  • Application exploitation
  • Exploitation techniques
  • Threat and vulnerability countermeasures
  • Platform or language security (JavaScript, NodeJS, .NET, Java, RoR, etc)
  • Penetration Testing
  • Browser and client security
  • Application and solution architecture security
  • Risk management
  • Security concepts for C*Os, project managers and other non-technical attendees
  • Privacy controls
  • Internet of Things
  • Cloud
  • Car Hacking

The submission will be reviewed by the OWASP New Zealand Day conference committee and the highest voted talks will be selected and invited for presentation.


  • Due to limited budget available, expenses for international speakers cannot be covered.
  • If your company is willing to cover travel and accommodation costs, the company will become “Support Sponsor” of the event.

Submissions deadline: 5 January, 2018

Applicants will be notified in the following week after the deadline, whether they were successful or not.

Attendees (3)