Submission is now open for the upcoming OWASP AppSec Research
conference, June 21-24, 2010 in Stockholm, Sweden --

The Open Web Application Security Project (OWASP) is an open community
dedicated to enabling organizations to develop, purchase, and maintain
applications that can be trusted. All of the OWASP tools, documents,
forums, and chapters are free and open to anyone interested in
improving application security. We advocate approaching application
security as a people, process, and technology problem because the most
effective approaches to application security include improvements in
all of these areas. We can be found at www.owasp.org.

We encourage the publication and presentation of new tools, new
methods, empirical data, novel ideas, and lessons learned in the
following areas:
 o     Web application security
 o     Security aspects of new/emerging web technologies/paradigms
(mashups, web 2.0, offline support, etc)
 o     Security in web services, REST, and service oriented architectures
 o     Security in cloud-based services
 o     Security of frameworks (Struts, Spring, ASP.Net MVC etc)
 o     New security features in platforms or languages
 o     Next-generation browser security
 o     Security for the mobile web
 o     Secure application development (methods, processes etc)
 o     Threat modeling of applications
 o     Vulnerability analysis (code review, pentest, static analysis etc)
 o     Countermeasures for application vulnerabilities
 o     Metrics for application security
 o     Application security awareness and education

1. Publish or Perish. Peer-reviewed 12 page papers to be published in
formal proceedings by Springer-Verlag (Lecture Notes in Computer
Science, LNCS). Presentation slides and video takes will be posted on
the OWASP wiki after the conference.
2. Demo or Die. A demo proposal should consist of a pdf with a 1 page
abstract summarizing the matter proposed by the speaker(s) and 1 page
containing demo screenshot(s). Presentation slides and video takes
will be posted on the OWASP wiki after the conference.
3. Present or Repent. A presentation proposal should consist of a 2
page extended abstract representing the essential matter proposed by
the speaker(s). Presentation slides and video takes will be posted on
the OWASP wiki after the conference.

Full instructions can be found on the conference webpage:
If you have any questions regarding submissions etc, please email

Submission deadline: February 7th, 2010 23:59 (Apia, Samoa time).
Decision notification: April 7th, 2010
Conference: June 21st - 24th, 2010

 o  John Wilander, Omegapoint and Linköping University (chair)
 o  Alan Davidson, Stockholm University/Royal Institute of Technology (co-host)
 o  Lieven Desmet, Katholieke Universiteit Leuven
 o  Úlfar Erlingsson, Reykjavík University and Microsoft Research
 o  Martin Johns, University of Passau
 o  Christoph Kern, Google
 o  Engin Kirda, Institute Eurecom
 o  Ulf Lindqvist, SRI International
 o  Benjamin Livshits, Microsoft Research
 o  Sergio Maffeis, Imperial College London
 o  John Mitchell, Stanford University
 o  William Robertson, UC Berkeley
 o  Andrei Sabelfeld, Chalmers UT

A warm welcome from the OWASP community!

  Regards, John Wilander