Call For Proposals

The CFP closes October 1st, 11:59 PM HST-ish.

Thank you for your interest in @LocoMocoSec ! Our product security conference is taking place on the beautiful island of Kauai at the Marriott Beach Resort in Lihue. The conference will start with two days of training on April 16 and 17 and continue with two days of conference talks on April 18 and 19. Talks will be 40 minutes long.

We developed @LocoMocoSec as a Product Security conference. We are a one track conference that focuses on the builder/defender concepts. Do you fall into the “breaker” or offensive category? Your experience and knowledge about effective and ineffective defenses that exist today or should exist in the future is still in scope.

We hope you submit a talk as well as enjoy time on Kauai with your friends and family. Please consider submitting a talk regardless of the “fit” to our conference or your speaking experience. We want to give you the opportunity to share your ideas at our welcoming and supportive conference. We will work with you!

Here are some examples of the type of talks we are actively looking for:

* Tackled a multi-year problem with a detailed explanation of the discovery, investigation, implementation, and maintenance? Tell me your story.
* Did you overhaul the way authentication, two factor, and account recovery works? Explain your process.
* Have experience building or scaling security programs? Bring it!
* Are you an expert cat herder who likes going against the grain? Tell us your secrets.
* Code review! That’s important. Developed a tool or library that makes it harder to do the wrong thing? Yes please.
* Developed a new browser standard for being safer on the internet? This is the place for you.
* Did you keep your application secure with this one under appreciated but incredibly powerful thing that might not be common knowledge yet! Please submit!
* Have you undergone massive architectural changes and had to adapt your security plan as the company changes? How did you do it?
* Maximizing red team and blue team effectiveness. We like it!

Examples of what is not our focus for this conference:

* Buy my thing! You get to talk about your product/company once, and even then it has to be tasteful.
* Reverse engineering is super cool but this is not our focus. However, it would be cool if someone described an automated fuzzing system.
* How I hacked X.
* $operating system is insecure.
* I can phish people.

If you have any questions, you can reach us at