InterSystems Security Contest

Topic and Rules

In the security contest, we encourage developers to share the solutions that show how to perform security tasks related to InterSystems IRIS and InterSystems IRIS for Health. We invite you to contribute apps that will reveal tasks related to the Authentication and Authorization parts of InterSystems Security Model

Here are the requirements:

  1. Accepted applications: new to Open Exchange apps or existing ones, but with a significant improvement. Our team will review all applications before approving them for the contest.
  2. The application should work either on InterSystems IRIS Community Edition or on InterSystems IRIS for Health Community Edition or on InterSystems IRIS Advanced Analytics Community Edition.
  3. The application should be Open Source and published on GitHub.
  4. The README file to the application should be in English, contain the installation steps, and contain either the video demo or/and a description of how the application works.

Technology bonuses

If the application satisfies some additional requirements listed here, it gets additional technology votes.

Sample applications

Sample applications will be added soon. Stay tuned!

Who can participate

Any Developer Community member, except for InterSystems employees (ISC contractors allowed). Create an account!

Developers can team up to create a collaborative application. Allowed from 2 to 5 developers in one team.

Don't forget to highlight your team members in the README of your application – DC user profiles.

How to apply

Log in to Open Exchange, open your application page, make sure that it meets the requirements, and click the "Apply for Contest" button. Your application will be sent for approval and once approved will appear on the Contest page eventually.

Prizes and nominations

Experts Nomination

  • 1st place - $4,000
  • 2nd place - $2,000
  • 3rd place - $1,000
  • NEW PRIZES: 4-10th places - $100

Community Nomination

  • 1st place - $1,000
  • 2nd place - $500
  • 3rd place - $250

Terms and conditions, rules and judgment criteria

By participating in the contest you agree with the following Terms and Conditions.

Visit contest landing page to read and discuss the rules, nominations & judgment criteria.

Join InterSystems Discord channel to chat about requirements, technology, voting, etc.

NominationsRegistered applications (14)
iris-disguise

Data Anonymization tool for InterSystems IRIS

Author: Henry Hamon Pereira

Experts 66Community 137

Bonuses
zap-api-scan-sample

An example on how to scan your REST APIs on IRIS using the OWASP

Author: José Roberto Pereira

Experts 55Community 142

Bonuses
iris-saml-example

InterSystems IRIS - SAML Authentication Test

Author: Dmitry Maslennikov

Experts 46Community 90

Bonuses
API Security Mediator

InterSystems IRIS Declarative Security Rules for REST APIs

Author: YURI MARX PEREIRA GOMES

Experts 40Community 95

Bonuses
Data_APP_Security

OAuth Authentication, Authorization & Auditing basics

Author: Muhammad Waseem

Experts 37Community 54

Bonuses
Server Manager 3 Preview

Now an Authentication Provider for VS Code, for better security

Author: John Murray

Experts 24Community 72

Bonuses
IRIS Middlewares

Specify your middlewares. security treatments on all requests.

Author: davi massaru teixeira muta

Experts 18Community 54

Bonuses
isc-apptools-lockdown

Program for changing the security level of the system.

Author: Sergey Mikhailenko

Experts 14Community 35

Bonuses
Audit Mediator

Object Script mediator to audit ObjectScript REST API requests

Author: YURI MARX PEREIRA GOMES

Experts 14Community 33

Bonuses
passwords-tool

Generating secure passwords and check strength of passwords

Author: Dmitry Maslennikov

Experts 13Community 69

Bonuses
appmsw-dbdeploy

An example of deploying solutions with prepared databases, even without source code.

Author: Sergey Mikhailenko

Experts 13Community 16

Bonuses
appmsw-forbid-old-passwd

To meet the requirements of section 8.2.5 PCI DSS "Prohibit the use of old passwords", a small application has been implemented that will be launched by the system when a user tries to change a password and check if it was used before.

Author: Sergey Mikhailenko

Experts 11Community 57

Bonuses
https-rest-api

Rest API with Apache2 Web server

Author: Oliver Wilms

Experts 5Community 34

Bonuses
TimeTracking-workers

TimeTracking-workers

Author: Evgeniy Potapov

Experts 5Community 15

Bonuses