· Nov 1, 2021

InterSystems Security Contest

Security wanted!

Welcome to the next InterSystems online programming competition: 

🏆 InterSystems Security Contest 🏆

Duration: November 15 - December 05, 2021

Prizes: $9,450 in prizes!



1. Experts Nomination - a specially selected jury will determine winners:

🥇 1st place - $4,000 

🥈 2nd place - $2,000 

🥉 3rd place - $1,000

🌟 4-10th places - $100

2. Community winners - applications that will receive the most votes in total:

🥇 1st place - $1,000 

🥈 2nd place - $500 

🥉 3rd place - $250

If several participants score the same amount of votes, they all are considered winners, and the money prize is shared among the winners.  

Who can participate?

Any Developer Community member, except for InterSystems employees (ISC contractors allowed). Create an account!

👥 Developers can team up to create a collaborative application. Allowed from 2 to 5 developers in one team.

Do not forget to highlight your team members in the README of your application – DC user profiles.

Contest Period

🛠 November 15 - 28: Application development and registration phase.

✅ November 29 - December 05: Voting period.

Note: Developers can improve their apps throughout the entire registration and voting period.

The topic

In the security contest, we encourage developers to share the solutions that show how to perform security tasks related to InterSystems IRIS and InterSystems IRIS for Health. We invite you to contribute apps that will reveal tasks related to the Authentication, Authorization, Auditing and Encryption parts of the InterSystems Security Model.

Such tasks could be:

  • OAuth/OpenID/SAML/LDAP Authentication implementations.
  • PKI implementations
  • Access Management to certain parts of a REST API: application-level security, role/user-level security.
  • Access Management to data: on a database, table, column, or row-level access.
  • Access to interoperability components
  • Access to IRIS BI components: cubes, pivots, dashboards etc.
  • DevOps questions of authorization (users, roles, resources) and authentication (OAuth) settings.
  • Developer and support tools related to authentication and authorization.
  • Your idea!


  1. Accepted applications: new to Open Exchange apps or existing ones, but with a significant improvement. Our team will review all applications before approving them for the contest.
  2. The application should work either on IRIS Community Edition or IRIS for Health Community Edition or IRIS Advanced Analytics Community Edition.
  3. The application should be Open Source and published on GitHub.
  4. The README file to the application should be in English, contain the installation steps, and contain either the video demo or/and a description of how the application works.

Helpful resources 

1. For beginners with InterSystems IRIS:

2. For beginners with ObjectScript Package Manager (ZPM):

3. How to submit your app to the contest:

4. Documentation, courses, and videos:

5. Templates


Voting rules will be announced soon. Stay tuned! 


We're waiting for YOUR project – join our coding marathon to win! 

❗️ Please check out the Official Contest Terms here.❗️

Discussion (21)2
Log in or sign up to continue

Consent in the privacy is a legacy resource, because all days we give consent without read the contract and conditions. Now, to reach privacy, you need to use the resource of transparency. When the user know what the data controller did with your data and it is allowed to the data holder manage data sharings, get reports and claim privacy rights using this transparency, you get the real privacy. Gdpr, lgpd is about it. Is not about cypher data or allows a consent opt in, but to give to the holder the power to manage all aspects about your data. So to expand the security contest with privacy, will require to you review all current rules. The risk to see apps using 95% from another technologies and 5% of iris it is real with this expansion. While when you has the requirement to use intersystems security model, we have more chance to see apps with intensive use of iris

Encryption is the part of InterSystems security model. I think the data anonymization task is close to data encryption, isn't it?

And privacy regulations can even deal with anonymized and unencrypted data. If @Henry Pereira removes GDPR or LGPD terms from the question (which are the potential implementation goals), will the case work as a security topic?

So our contest is not about privacy. But we can include encryption and data obfuscation/anonymization.

Hey Developers,

The recording of the InterSystems Security Contest Kick-off Webinar is available on InterSystems Developers YouTube

Please welcome:

InterSystems Security Contest Kick-off Webinar
[This is an embedded link, but you cannot view embedded content directly on the site because you have declined the cookies necessary to access it. To view embedded content, you would need to accept all cookies in your Cookies Settings]