Dear secure coding friends,

In exactly one year -- June 21-24, 2010 -- let's all meet in beautiful
Stockholm, Sweden. OWASP Sweden, Norway, and Denmark hereby invite you to
OWASP AppSec Research 2010.

AppSec Research = AppSec Europe
This conference was formerly known as OWASP AppSec Europe. We have added
'Research' to highlight that we invite both industry and academia. All the
regular AppSec Europe visitors and topics are welcome along with
contributions from universities and research institutes.

This is the European conference for anyone interested in or working with
application security. Co-host is the Department of Computer and Systems
Science at Stockholm University, offering a great venue in the fabulous Aula

Call for Papers and Proposals
We offer two options:
1. Full papers. Peer-reviewed 12 page papers that will be published in
formal proceedings by Springer-Verlag Lecture Notes in Computer Science
(final approval pending).
2. Presentation proposals. A presentation proposal should consist of a
2-page position paper representing the essential matter proposed by the
speaker(s). Proposals must include sufficient material for the reviewers to
make an informed decision.

Topics of Interest
We encourage the publication and presentation of new tools, new methods,
empirical data, novel ideas, and lessons learned in the following areas:
€    Web application security
€    Security aspects of new/emerging web technologies/paradigms (mashups,
web 2.0,  offline support, etc)
€    Security in web services, REST, and service oriented architectures
€    Security in cloud-based services
€    Security of frameworks (Struts, Spring, ASP.Net MVC etc)
€    New security features in platforms or languages
€    Next-generation browser security
€    Security for the mobile web
€    Secure application development (methods, processes etc)
€    Threat modeling of applications
€    Vulnerability analysis (code review, pentest, static analysis etc)
€    Countermeasures for application vulnerabilities
€    Metrics for application security
€    Application security awareness and education

Submission Deadline and Instructions
Submission deadline is Sunday February 7th 23:59 (Apia, Samoa time).
Submissions should be at most 12 pages long in the Springer LNCS style for
"Proceedings and Other Multiauthor Volumes". Templates for preparing papers
in this style for LaTeX, Word, etc can be downloaded from: Full papers
must be submitted in a form suitable for anonymous review: remove author
names and affiliations from the title page, and avoid explicit
self-referencing in the text.

Program Committee
€    John Wilander, Omegapoint and Linköping University (chair)
€    Alan Davidson, Stockholm University/Royal Institute of Technology
€    Andrei Sabelfeld, Chalmers UT
€    Engin Kirda, Institute Eurecom
€    Lieven Desmet, Katholieke Universiteit Leuven
€    Martin Johns, University of Passau
€    Christoph Kern, Google
€    Sergio Maffeis, Imperial College London

Organizing Committee
€    John Wilander, chapter leader Sweden (chair)
€    Mattias Bergling (vice chair)
€    Alan Davidson, Stockholm University/Royal Institute of Technology
€    Ulf Munkedal, chapter leader Denmark
€    Kåre Presttun, chapter leader Norway
€    Stefan Pettersson (sponsoring coordinator)
€    Carl-Johan Bostorp (schedule and event coordinator)
€    Martin Holst Swende (coffee/lunch/dinner)
€    Kate Hartmann, OWASP
€    Sebastien Deleersnyder, OWASP Board

Countdown Challenges -- Free Tickets to Win!
There will be a challenge posted on the conference wiki page the 21st every
month up until the event. The winner will get free entrance to the
conference. What are you waiting for? The first challenge is posted. Go, go,
go --

The Open Web Application Security Project (OWASP) is an open community
dedicated to enabling organizations to develop, purchase, and maintain
applications that can be trusted. All of the OWASP tools, documents, forums,
and chapters are free and open to anyone interested in improving application
security. We advocate approaching application security as a people, process,
and technology problem because the most effective approaches to application
security include improvements in all of these areas. We can be found at

   Welcome to Stockholm next year!
   Regards, John Wilander

Secure Coding mailing list (SC-L)
List information, subscriptions, etc -
List charter available at -
SC-L is hosted and moderated by KRvW Associates, LLC (
as a free, non-commercial service to the software security community.

Reply via email to