Thursday, May 29
 

10:30am CEST

The Edge Strikes Back: Challenging OWASP's Take on Edge-Level Authorization
Thursday May 29, 2025 10:30am - 11:15am CEST
The OWASP Microservice Cheat Sheet makes a bold statement about the limitations of edge-level authorization architectures - implying that they cannot handle the complexities of modern microservices. But what if that’s no longer true?

Enter heimdall, an identity-aware proxy that redefines edge-level authentication and authorization. By integrating fine-grained access control with modern Zero Trust principles, heimdall overcomes the supposed weaknesses, providing scalability, flexibility, and performance without sacrificing security and team agility.

In this talk, I will challenge the OWASP Cheat Sheet’s view and demonstrate how heimdall addresses its concerns head-on. You’ll learn how edge-level authorization can scale to meet the demands of large, distributed systems while maintaining granular control over access. Through real-world examples and architecture insights, we’ll explore why the edge-level might just be the most effective place for secure access control.

Join me to see how heimdall blows away the perceived limitations of edge-level authorization and why it’s time to rethink this critical piece of microservice security.
Speakers

Dimitrij Drus
Senior Consultant, INNOQ Germany GmbH
I work as a Senior Consultant at INNOQ Germany GmbH, focusing on security architecture and the design of secure distributed systems. With a strong passion for security, I regularly lead training sessions to help others address modern (web) security challenges. de.linkedin.com/in...
Room 116+117 CCIB

10:30am CEST

False Positives, Begone! Harnessing AI for Efficient SAST Triage
Thursday May 29, 2025 10:30am - 11:15am CEST
False positives are one of the biggest pain points in running a Static Application Security Testing (SAST) program. While SAST tools are valuable for identifying security issues in a codebase—flagging critical vulnerabilities like Remote Code Execution and SQL Injection—they often generate significant noise due to their lack of contextual awareness. SAST is relatively easy to set up, requires no accounts or credentials, and can uncover issues in multi-step processes that would be difficult to detect with dynamic security testing. However, the high volume of false positives leads to alert fatigue and demands considerable effort to triage, making it challenging to identify the relatively small number of true vulnerabilities.

This research addresses that challenge by combining Program Analysis with Large Language Models (LLMs) to simulate the manual triage process for SAST findings. Our approach leverages a carefully designed LLM agent that enhances context around vulnerable code, identifies conditions that make exploitation infeasible, and determines whether a clear execution path exists from a user-controlled input to the vulnerable line flagged by SAST.

We will demonstrate this novel approach in action, showcasing how it can be integrated with any SAST tooling to streamline triage. By reducing false positives and prioritizing actionable findings, this method allows security engineers and developers to focus on the vulnerabilities that truly matter.
Speakers

Elliot Ward
Staff Security Researcher, Snyk Security Labs
Elliot is a Staff security researcher at software security company Snyk. He has a background in software engineering and application security. securitylabs.snyk.io (blog) securitylabs.snyk.io (company...
Room 114

10:30am CEST

Human Buffer Overflow: How to Deal with Cognitive Load in High-Performing Teams
Thursday May 29, 2025 10:30am - 11:15am CEST
High-performing teams are a treasure for every organization. But what if cognitive load gets too high and creates a buffer overflow in a team’s working memory? Security adds an additional layer of complexity to the work of development teams and endangers their quality of work and solution-finding capabilities as a team. We will show actionable remediation strategies, such as a Security Champions Program, automation of security scans and secure Scrum, with a real-life example.
Speakers

Juliane Reimann
Founder & Security Community Expert, Full Circle Security
Juliane Reimann has worked as a cyber security consultant for large companies since 2019, with a focus on DevSecOps and Community Building. Her expertise includes building security communities of software developers and establishing developer-centric communication about secure software development...
Room 115

10:45am CEST

OWASP Certified Secure Developer Open Call
Thursday May 29, 2025 10:45am - 11:45am CEST
Join Us in Shaping the Future of Secure Software Development

The OWASP Education and Training Committee is developing a certification program designed specifically for developers—and we need your expertise.

For the first time, this initiative will be showcased at OWASP Global AppSec EU 2025, and we’re inviting the community to help build the body of knowledge that will form the foundation of the certification curriculum.

If you're passionate about secure coding and developer education, this is your chance to contribute meaningfully to a global effort. Let’s build something that lasts—together.
Speakers

Shruti Kulkarni
Information Security Architect, 6point6
Shruti is an information security / enterprise security architect with experience in ISO27001, PCI-DSS, policies, standards, security tools, threat modelling, risk assessments. Shruti works on security strategies and collaborates with cross-functional groups to implement information...
Room 133-134

10:45am CEST

OWASP Web Application Honeypot Project - Creating Comprehensive Threat Intelligence Dataset
Thursday May 29, 2025 10:45am - 11:45am CEST
The OWASP Web Honeypot Project is an open-source proof-of-concept (PoC) initiative designed to deploy deceptive security mechanisms that lure, detect, and analyze cyber threats targeting web applications. It aims to provide security professionals with actionable intelligence on attack patterns, tools, and techniques used by adversaries.

The goal of the project is to identify emerging attacks against web applications and report them to the community, in order to facilitate protection against such targeted attacks. Within this project, we are leading the collection, storage and analysis of threat intelligence data.

The purpose of this part of the project is to capture intelligence on attacker activity against web applications and utilise this intelligence as ways to protect software against attacks. Honeypots are an established industry technique to provide a realistic target to entice a criminal, whilst encouraging them to divulge the tools and techniques they use during an attack. Like bees to a honeypot. These honeypots are safely designed to contain no information of monetary use to an attacker, and hence provide no risk to the businesses implementing them.

Originally the honeypots were VM-, Docker- or small-computing-profile-based (Raspberry Pi, for example), employed ModSecurity-based Web Application Firewall (WAF) technology using OWASP’s Core Rule Set (CRS), and pushed intelligence data back to a console to be converted to STIX/TAXII format for threat intelligence or pushed into ELK for visualisation.

Further enhancement and research-based work has been undertaken this year to enhance the container-based approach (Docker) and introduce key features, which include:

• Capability of dynamically switching web server profiles to mimic popular platforms such as WordPress and Drupal.

• An alternative approach to mlogc log output, pushing into Logstash/ELK for visualisation and into threat intelligence formats with MISP via JSON.

• Creation of a publicly available dataset in an AWS S3 bucket, storing web threat intelligence as a searchable JSON feed and allowing the use of tools like JSON Crack for pattern recognition.

The intention is to be able to deploy these enhanced honeypots at key locations on the Internet, which the community can also distribute within their own networks. With enough honeypots globally distributed, we will be in a position to aggregate attack techniques to better understand and protect against the techniques used by attackers. With this information, we will be in a position to create educational material, such as rules and strategies, that application writers can use to ensure that any detected bugs and vulnerabilities are closed.

Overall, having an open, rich, standard-format quality dataset of real threat intelligence, based on the lure of “fake” vulnerabilities detected by industry-standard scanning tools (which can easily be dynamically changed or updated), available to the global security community allows for better web application security and the ability to predict evolving cyber threats.
Speakers

Kartik Adak
Cyber Security Graduate, University of Warwick
Kartik Adak is an experienced cybersecurity professional with over three years of expertise in information security, incident response, and penetration testing. Having obtained a Master’s in Cyber Security Management from the University of Warwick, he specializes in penetration...

Mukunthan Nagarajan
Cyber Security Graduate, University of Warwick
As a cybersecurity master's student at Warwick, I am passionate about learning and applying the latest techniques and tools to protect and secure information systems and networks. I have a strong background in information technology, with a bachelor's degree in computer applications...

Adrian Winckles
Cyber Security Academic, Security Researcher, Anglia Ruskin University
Adrian Winckles is an independent Cyber Security Academic, Security Researcher and IT Professional with over 32 years of experience in developing and implementing cyber security strategies and robust, resilient IT infrastructure solutions. A proven leader in driving digital transformation...
Room 133-134

11:00am CEST

OWASP Juice Shop Demo: Your vitamin shot for security awareness & education
Thursday May 29, 2025 11:00am - 11:45am CEST
In this 100% slide-free demo session you will embark on a journey through the popular OWASP Juice Shop vulnerable web application!

You will experience firsthand how easy it is to set up, get started, and solve your first hacking & coding challenges. In a quick mob-hacking session, you will gain your first points on Juice Shop's extensive score board!

The demo also includes a glimpse into Juice Shop's CTF tool and its multi-user hosting environment MultiJuicer! You will witness how fast a CTF event can be launched with OWASP Juice Shop, how great documentation really makes a difference, and even how to make the application look like an in-house app of your own company.

Due to the nature of this small group demo session, you are welcome to ask questions during and between the different topics - ad libitum! There is time for clarification and dipping into special topics.

If time permits, this session can also cover interesting behind-the-scenes topics, such as cheat detection, start-up validations, webhook integrations, and a pro-level Grafana dashboard for observability!

Even if you know and have used OWASP Juice Shop yourself already, there's no chance you've already seen everything that will be covered in this session!
Speakers

Björn Kimminich
Product Group Lead, Kuehne+Nagel
Bjoern Kimminich works as Product Group Lead Application Ecosystem at Kuehne + Nagel, responsible – among other things – for the Application Security program in the corporate IT. He is an OWASP Lifetime Member, the project leader of the OWASP Juice Shop, and a co-chapter leader...
Room 133-134

11:30am CEST

OWASP Threat Library
Thursday May 29, 2025 11:30am - 12:00pm CEST
Threat modeling is a cornerstone of cybersecurity, yet it remains manual, complex, and inaccessible to many teams. While AI-powered threat modeling holds immense promise, it faces challenges such as hallucinations, lack of structured outputs, low accuracy, and limited trustworthiness.

The critical gap lies in the availability of specialized datasets. We aim to enhance LLMs’ ability to identify threats and recommend effective controls by generating open-source curated datasets of real-world threat models with the OWASP Threat Library. This session explores the transformative potential of crowdsourced data to fine-tune LLMs, driving a significant leap forward for the cybersecurity community and industry - all under the wings of an OWASP Project.
Speakers

Petra Vukmirovic
Head of Information Security / Fractional Head of Product, Numan / Devarmor
Petra is a technology enthusiast, leader and public speaker. A former emergency medicine doctor and competitive volleyball athlete, she thrives in challenging environments and loves creating order from chaos. Initially pursuing a medical career, Petra's passion for technology led...
Room 131-132

11:30am CEST

Emerging Frontiers: Ransomware Attacks in AI Systems
Thursday May 29, 2025 11:30am - 12:15pm CEST
This session will delve into the convergence of ransomware and Artificial Intelligence/Machine Learning (AI/ML) systems, providing attendees with a comprehensive understanding of the evolving ransomware landscape in AI environments. The presentation will cover:

• The progression of ransomware from traditional attacks to AI-driven variants.

• Vulnerabilities in AI/ML systems, such as supply chains, models, and training pipelines, that adversaries can exploit for ransomware attacks.

• Real-world examples of potential ransomware exploits in predictive AI (e.g., OWASP ML06:2023 ML Supply Chain Attacks) and generative AI (e.g., OWASP LLM06: Excessive Agency).

• Practical strategies and AI-driven solutions to detect, protect against, and mitigate ransomware threats.

Attendees will gain actionable insights into adapting traditional ransomware defenses to safeguard modern AI infrastructures and explore open challenges in standardizing defenses for AI/ML systems. The session will also provide references to OWASP frameworks and insights from the OWASP AI Exchange.
Speakers

Behnaz Karimi
Senior Cyber Security Analyst, Accenture
Behnaz Karimi is a Senior Cyber Security Analyst at Accenture and a Co-Author and Co-Lead of OWASP AI Exchange, where she also serves as the Lead for AI Red Teaming. She has actively contributed to OWASP initiatives, including participating in the development of the GenAI Red Teaming...

Yuvaraj Govindarajulu
Head of Research, AIShield (Powered by Bosch)
Yuvaraj Govindarajulu is a dynamic technical leader with over a decade of experience in AI, Cybersecurity and Embedded Systems R&D. He is the Head of Research at AIShield, a startup of Bosch with a mission to secure AI systems of the world, from development to deployment. His key...
Room 114

1:15pm CEST

Beyond the Surface: Exploring Attacker Persistence Strategies in Kubernetes
Thursday May 29, 2025 1:15pm - 2:00pm CEST
Kubernetes has been put to great use by a wide variety of organizations to manage their workloads, as it hides away a lot of the complexity of managing and scheduling containers. But with each added layer of abstraction, there can be new places for attackers to hide in darkened corners.

This talk will examine how attackers can (ab)use little known features of Kubernetes and the components that are commonly deployed as part of cloud-native containerized workloads to persist in compromised systems, sometimes for years at a time. We'll also pinpoint places where, if you don't detect the initial attack, it might be very difficult to spot the attacker lurking in your cluster.

Speakers

Rory McCune
Senior Advocate, Datadog
Rory is a senior advocate for Datadog who has extensive experience with Cyber security and Cloud native computing. In addition to his work as a security reviewer and architect on containerization technologies like Kubernetes and Docker he has presented at Kubecon EU and NA, as well...
rorym@mccune.org.uk linkedin.com/in/rorym/ raesene.github.io (blog) datadoghq.com (company) infosec.exchange/@raesene (Mastodon) bsky.app/profile/m... (Bluesky)
Room 113

1:15pm CEST

Mastering Security through Simple Machines: How Consistency, Not Complexity, Drives Innovation
Thursday May 29, 2025 1:15pm - 2:00pm CEST
In the security industry, we often take well-established development practices, such as the DevOps infinity loop, add a layer of security, and label it "DevSecOps." However, this approach frequently overlooks a critical issue: layering complex security processes onto efficient development processes can create inefficiency. In this talk, I argue that true innovation in security comes not from tooling or automation alone, but from mastering the underlying process first. By drawing an analogy to simple machines — where incremental improvements led to the evolution of tools like levers, wheels, and pulleys — I will illustrate how optimizing foundational processes leads to scalable, effective security practices. Attendees will leave with practical insights on reducing inefficiencies and fostering consistent improvement in their security workflows.
Speakers

Ken Toler
President, Asgard Security
Ken is a security professional who focuses on software security from applications, to cloud and web3 technologies. He is also the host and producer of Relating to DevSecOps, a podcast focused on cultivating security relationships in organizations. With 15+ years of experience in...
Room 116+117 CCIB

1:15pm CEST

From Prompt to Protect: LLMs as Next-Gen WAFs
Thursday May 29, 2025 1:15pm - 2:00pm CEST
When exploring the use of Large Language Models (LLMs) in application security, a new frontier emerges for Web Application Firewalls (WAFs). Traditionally, WAFs operate on structured rules to detect and block application attacks, but what if we could leverage the unique capabilities of an LLM? In this talk, we will delve into the potential of using LLMs as WAFs, evaluating their strengths, challenges, and implications.

During this talk, attendees will learn how existing applications may need to evolve to align with LLM capabilities, and how LLMs can not only help detect threats and reduce false positives but also adapt better to zero-day vulnerabilities.

Through live demonstrations and a practical breakdown of potential architectures, this talk will equip attendees with actionable insights into how LLMs can transform application security while addressing the challenges they bring to the table.
Speakers

Juan Berner
Principal Security Engineer, Booking.com
Juan Berner is a security researcher with over 13 years of experience in the field, currently working as a Principal Security Engineer at Booking.com, as SME for Application Security and Architect for security solutions. He has given talks in the past on how to build an open source...
Room 114

2:15pm CEST

Builders and Breakers: A Collaborative Look at Securing LLM-Integrated Apps
Thursday May 29, 2025 2:15pm - 3:00pm CEST
As Large Language Models (LLMs) become an integral part of modern applications, they not only enable new functionalities but also introduce unique security vulnerabilities. In this collaborative talk, we bring together two perspectives: a builder who has experience developing and defending LLM-integrated apps, and a penetration tester who specialises in AI red teaming. Together, we’ll dissect the evolving landscape of AI security.

On the defensive side, we’ll explore strategies like prompt injection prevention, input validation frameworks, and continuous testing to protect AI systems from adversarial attacks. From the offensive perspective, we’ll showcase how techniques like data poisoning and prompt manipulation are used to exploit vulnerabilities, as well as the risks tied to generative misuse that can lead to data leaks or unauthorised actions.

Through live demonstrations and real-world case studies, participants will witness both the attack and defence in action, gaining practical insights into securing AI-driven applications. Whether you’re developing AI apps or testing them for weaknesses, you’ll leave this session equipped with actionable knowledge on the latest methods for protecting LLM systems. This collaborative session offers a comprehensive look into AI security, combining the expertise of two professionals with distinct backgrounds - builder and breaker.
Speakers

Javan Rasokat
Senior Application Security Specialist, Sage
Javan is a Senior Application Security Specialist at Sage, helping product teams enhance security throughout the software development lifecycle. On the side, he lectures Secure Coding at DHBW University in Germany. His journey as an ethical hacker began young, where he began to automate...

Rico Komenda
Senior Security Consultant, adesso SE
Rico is a senior security consultant at adesso SE. His main security areas are in application security, cloud security, offensive security and AI security. For him, general security intelligence in various aspects is a top priority. Today’s security world is constantly changing and...
Room 113

2:15pm CEST

Friend or Foe? TypeScript Security Fallacies
Thursday May 29, 2025 2:15pm - 3:00pm CEST
So TypeScript has become the de facto industry standard for developing web applications these days and promises type safety, but do developers properly understand the role it plays in securing applications, and does the type-safety promise hold true in the face of real-world security threats?

Developers often mistake dev-time vs runtime security as well as confuse test cases for security guard rails. Can TypeScript actually provide you with code security benefits? In this session we will explore insecure TypeScript patterns, learn how HTTP parameter pollution vulnerabilities impact TypeScript code bases and witness first-hand how attackers employ prototype pollution attacks that cripple codebases even when developers use schema validation libraries like Zod. Through hands-on coding we’ll hack a TypeScript application and learn security best practices.
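The two runtime failure modes the abstract names, reproduced as an added example that is not code from the talk, from Snyk, or from any library: a merge helper whose TypeScript signature looks safe but lets a JSON body rewrite `Object.prototype`, its hardened counterpart, and a query-string parser that refuses a repeated parameter instead of silently taking the first or last value. The function names (`unsafeMerge`, `safeMerge`, `parseQuery`, `singleParam`), the payload and the query strings are constructed for illustration; nothing here calls Zod, so it shows the mechanism rather than the library-specific bypass the session demonstrates.

```typescript
// Added example (not from the talk): the type checker is gone at runtime, so
// a signature that says "Json" cannot stop a request body from rewriting
// Object.prototype, and a "string" query parameter may arrive twice.
// Function names, payloads and query strings below are constructed.

type Json = { [key: string]: unknown };

function isPlainObject(v: unknown): v is Json {
  return typeof v === "object" && v !== null && !Array.isArray(v);
}

// VULNERABLE: recursive merge that trusts the declared type. A key named
// "__proto__" resolves to Object.prototype on the target, so the recursion
// writes the attacker's properties onto every object in the process.
function unsafeMerge(target: Json, source: Json): Json {
  for (const key in source) {
    const value = source[key];
    if (isPlainObject(value)) {
      if (!isPlainObject(target[key])) target[key] = {};
      unsafeMerge(target[key] as Json, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// HARDENED: iterate own keys only, refuse the keys that reach the prototype
// chain, and build nested containers without a prototype at all.
const FORBIDDEN_KEYS = ["__proto__", "constructor", "prototype"];

function safeMerge(target: Json, source: Json): Json {
  for (const key of Object.keys(source)) {
    if (FORBIDDEN_KEYS.indexOf(key) !== -1) {
      throw new Error(`rejected key "${key}": it would modify the prototype chain`);
    }
    const value = source[key];
    if (isPlainObject(value)) {
      const own = Object.prototype.hasOwnProperty.call(target, key) ? target[key] : undefined;
      const dest: Json = isPlainObject(own) ? own : Object.create(null);
      target[key] = safeMerge(dest, value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Constructed attacker body, exactly as JSON.parse would hand it to a handler.
const POLLUTING_BODY = '{"name": "mallory", "__proto__": {"isAdmin": true}}';

// true when an unrelated object inherits isAdmin after the vulnerable merge.
function pollutesWithUnsafeMerge(): boolean {
  unsafeMerge({}, JSON.parse(POLLUTING_BODY) as Json);
  const bystander: { isAdmin?: boolean } = {};
  const polluted = bystander.isAdmin === true;
  delete (Object.prototype as any).isAdmin;   // undo the damage for the rest of the process
  return polluted;
}

// true when the hardened merge rejects the body and the prototype stays clean.
function blockedBySafeMerge(): boolean {
  let rejected = false;
  try {
    safeMerge({}, JSON.parse(POLLUTING_BODY) as Json);
  } catch (e) {
    rejected = e instanceof Error;
  }
  const bystander: { isAdmin?: boolean } = {};
  return rejected && bystander.isAdmin === undefined;
}

// HTTP parameter pollution: "?role=user&role=admin" is one name with two values.
// First-wins and last-wins parsers disagree, which is what the attacker exploits.
// Keep every value, then require exactly one where the handler expects one.
function parseQuery(qs: string): { [name: string]: string[] } {
  const params: { [name: string]: string[] } = Object.create(null);  // no inherited keys
  for (const pair of qs.replace(/^\?/, "").split("&")) {
    if (pair === "") continue;
    const eq = pair.indexOf("=");
    const name = decodeURIComponent(eq === -1 ? pair : pair.slice(0, eq));
    const value = decodeURIComponent(eq === -1 ? "" : pair.slice(eq + 1));
    (params[name] = params[name] || []).push(value);
  }
  return params;
}

function singleParam(params: { [name: string]: string[] }, name: string): string {
  const values = params[name] || [];
  if (values.length !== 1) {
    throw new Error(`parameter "${name}" must appear exactly once, got ${values.length}`);
  }
  return values[0];
}
```

`pollutesWithUnsafeMerge()` returns true because `target["__proto__"]` on a plain object is `Object.prototype`, and the recursion happily writes into it; `blockedBySafeMerge()` returns true because the own-key check rejects the body before anything reaches the prototype chain. The query parser deliberately does not decode `+` as a space; add that if the framework you front does.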
Speakers

Liran Tal
GitHub Star | Director of Developer Advocacy, Snyk
Liran Tal is a software developer, and a GitHub Star, world-recognized for his activism in open source communities and advancing web and Node.js security. He engages in security research through his work in the OpenJS Foundation and the Node.js ecosystem security working group, and...
Room 116+117 CCIB

2:15pm CEST

Beyond Best Practices: Uncovering the Organizational Roots of Software Security Vulnerabilities
Thursday May 29, 2025 2:15pm - 3:00pm CEST
The exponentially growing number of software security vulnerabilities and data breaches highlights a persistent gap between the implementation of the secure development lifecycle, and particularly of secure coding practices, and their intended outcomes. Despite significant financial investments in application security and advances in secure software development methodologies, the effectiveness of these practices remains inconsistent. Our session is based on multi-phase, multi-year research conducted in two global enterprise software companies, and explores how a combination of developers' security education, organizational security climate, and metrics can enhance secure coding performance and reduce software vulnerabilities.

In December 2004, Steve Lipner introduced to the world the Trustworthy Computing Security Development Lifecycle, a framework with three main pillars: requirements for repeatable secure development processes, requirements for engineers' secure coding education, and requirements for measurement and accountability for software security. Guided by this three-pillar framework, our research emphasizes the under-addressed areas of developer education and organizational accountability and measurement.

Through a series of three studies, conducted in two global software companies and led by the University of Haifa in Israel, this session presents the results of academic research that attempted to identify the root cause of the ever-increasing number of software security vulnerabilities. It investigates the effectiveness of secure coding training, the impact of organizational security climate interventions, and the correlation between security climate and secure coding performance, in order to evaluate whether the latter two, which have largely been left in the shade, could provide a solution to the problem.

The first study evaluates the efficacy of secure coding training programs, revealing that while training improves knowledge, it fails to significantly reduce newly introduced vulnerabilities. The second study demonstrates that targeted organizational interventions, including leadership communication and process improvements, significantly enhance organizational security climate. The final study found a significant correlation between a positive security climate and improved secure coding performance, evidenced by a higher ratio of mitigated vulnerabilities.

This research provides actionable insights for both academia and industry. It underscores the importance of integrating secure coding education with organizational climate improvements to achieve measurable security outcomes. The findings offer a comprehensive approach to reducing cyber security risks while advocating for a dual focus on technical skills and cultural transformation within software development environments.
Speakers

Tomer Gershoni
Ex-CSO, ZoomInfo
Tomer Gershoni is a long-time Cybersecurity executive. Most recently, Mr. Gershoni led ZoomInfo’s information security team, as its Senior Vice President and Chief Security Officer. Overseeing physical and digital security and privacy efforts and leading ZoomInfo’s work to safeguard...
Room 115

3:30pm CEST

To BI or Not to BI? Data Leakage Tragedies with Power BI Reports
Thursday May 29, 2025 3:30pm - 4:15pm CEST
In this session, we will expose a major data leakage vulnerability in Microsoft Fabric (Power BI) that has already affected tens of thousands of reports, putting thousands of enterprises and organizations at risk. We’ll demonstrate how a Power BI report viewer, especially for reports published to the web, can access unintended data by manipulating API requests to reveal the underlying data model.

We will also showcase PBAnalyzer, an open-source tool to help organizations identify their exposure, and unveil a new attack vector: DAX Injection. This vulnerability stems from improper handling of variables in DAX queries, which we will demonstrate using a Power Automate flow that leaks sensitive data to an external anonymous user.

The session will conclude with actionable steps to secure Power BI reports and prevent unnecessary data exposure.
Speakers

Uriya Elkayam
Senior Security Researcher, Nokod Security
Uriya Elkayam is a senior security researcher at Nokod Security. His research focuses on application security aspects of low-code/ No-code platforms such as MS Power Platform, UiPath, and OutSystems. He has a passion for both finding vulnerabilities and new mitigation techniques...
Room 113

3:30pm CEST

Policy as Code for Applications at Scale
Thursday May 29, 2025 3:30pm - 4:15pm CEST
You have probably heard of success stories using Open Policy Agent for all kinds of authorization problems that focus on the technical merits and challenges. While it is relatively easy to get started when you look at single applications, the game changes as soon as you want to introduce authorization as a platform capability for thousands of applications maintained by hundreds of teams.

We will talk about how Zalando adopted Open Policy Agent and Styra DAS to provide this capability and will shed some light on how we enable enough governance to stay compliant, how to use organisational scale in our favour and how to balance central platform concerns with decentral application concerns.

We’ll touch on the technical integration points in our Platform via OSS Skipper, observability via OpenTelemetry and Styra DAS. We will also talk about the developer experience, the leverage we gain as security teams and how we structure our policies to enable complex business cases across multiple applications.
Speakers

Magnus Jungsbluth
Senior Principal Software Engineer, Zalando SE
Magnus has been working for two decades in software engineering with a strong focus on security and cryptography. At Bundesdruckerei he led a platform team for trust center applications and worked on Public Key Infrastructures for eID applications. Since joining Zalando he leads initiatives...
Room 116+117 CCIB

3:30pm CEST

Current challenges of GraphQL security
Thursday May 29, 2025 3:30pm - 4:15pm CEST
GraphQL’s capability to fetch precisely what’s needed and nothing more, its efficient handling of real-time data, and its ease of integration with modern architectures make it a compelling choice for modern web and mobile applications. As developers seek more efficiency and better performance from their applications, GraphQL is increasingly becoming the go-to technology for API development. However, building and maintaining GraphQL applications requires careful consideration of security.

In this talk, security engineers will strengthen their GraphQL security skills by learning key techniques such as complexity management, batching, aliasing, sanitization, and depth limit enforcement. They will also learn to implement customizable middleware with their development team, like GraphQL Armor, for various GraphQL server engines.

Participants will explore different techniques and packages, and apply them to enhance the safety of their GraphQL applications. By the end of the talk, attendees will be equipped with practical knowledge to build secure and efficient GraphQL APIs.
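The three limits the talk lists (depth limit, alias limit, batching limit) in one place, as an added example that is not GraphQL Armor's or Escape's code: a dependency-free estimator that scans a GraphQL document for selection-set depth, alias count and top-level field count, then checks them against thresholds before the query reaches the engine. The function names, the thresholds in `LIMITS` and the three sample documents are constructed for illustration. It tokenises just enough of the grammar to ignore braces and colons inside strings, comments, arguments and directives; a production middleware should validate against the parsed AST, which is what the libraries named above do.

```typescript
// Added example: a dependency-free static estimator for the three abuse
// patterns a GraphQL limiter has to cover (nesting depth, alias batching,
// root-field batching). Names, thresholds and sample queries are constructed.

interface QueryCost {
  depth: number;      // deepest selection-set nesting
  aliases: number;    // aliases outside argument lists (alias-batching surface)
  rootFields: number; // selections in the top-level selection set (batching surface)
}

interface CostLimits { maxDepth: number; maxAliases: number; maxRootFields: number; }

// Drop string literals and comments so braces or colons inside them are not counted.
function stripStringsAndComments(src: string): string {
  let out = "";
  let i = 0;
  while (i < src.length) {
    const ch = src[i];
    if (ch === "#") {
      while (i < src.length && src[i] !== "\n") i++;
    } else if (ch === '"') {
      const block = src.slice(i, i + 3) === '"""';
      i += block ? 3 : 1;
      while (i < src.length) {
        if (!block && src[i] === "\\") { i += 2; continue; }
        if (block ? src.slice(i, i + 3) === '"""' : src[i] === '"') { i += block ? 3 : 1; break; }
        i++;
      }
      out += '""';                       // placeholder keeps neighbouring tokens apart
    } else {
      out += ch;
      i++;
    }
  }
  return out;
}

function isIdentStart(ch: string): boolean { return /[_A-Za-z]/.test(ch); }
function isIdentChar(ch: string): boolean { return /[_0-9A-Za-z]/.test(ch); }

function analyzeQuery(query: string): QueryCost {
  const src = stripStringsAndComments(query);
  let braceDepth = 0, parenDepth = 0, depth = 0, aliases = 0, rootFields = 0;
  let prev = "";                         // previous significant token, for context
  let i = 0;
  while (i < src.length) {
    const ch = src[i];
    if (/[\s,]/.test(ch)) { i++; continue; }              // commas are insignificant in GraphQL
    if (src.slice(i, i + 3) === "...") { prev = "..."; i += 3; continue; }
    if (isIdentStart(ch)) {
      let j = i + 1;
      while (j < src.length && isIdentChar(src[j])) j++;
      const name = src.slice(i, j);
      i = j;
      // Only selections count: outside argument lists, inside a selection set,
      // not a directive name, not the field after an alias, not "... on Type".
      if (parenDepth === 0 && braceDepth > 0 && prev !== "@" && prev !== ":" &&
          prev !== "..." && prev !== "on") {
        let k = i;
        while (k < src.length && /\s/.test(src[k])) k++;
        if (src[k] === ":") aliases++;                      // "alias: field"
        if (braceDepth === 1) rootFields++;
      }
      prev = name;
      continue;
    }
    if (ch === "(") parenDepth++;
    else if (ch === ")") parenDepth--;
    else if (parenDepth === 0 && ch === "{") { braceDepth++; if (braceDepth > depth) depth = braceDepth; }
    else if (parenDepth === 0 && ch === "}") braceDepth--;
    prev = ch;
    i++;
  }
  return { depth, aliases, rootFields };
}

// Returns the list of violated limits; an empty list means the query may proceed.
function checkLimits(query: string, limits: CostLimits): string[] {
  const cost = analyzeQuery(query);
  const violations: string[] = [];
  if (cost.depth > limits.maxDepth) violations.push(`depth ${cost.depth} exceeds ${limits.maxDepth}`);
  if (cost.aliases > limits.maxAliases) violations.push(`aliases ${cost.aliases} exceed ${limits.maxAliases}`);
  if (cost.rootFields > limits.maxRootFields) violations.push(`root fields ${cost.rootFields} exceed ${limits.maxRootFields}`);
  return violations;
}

// Constructed thresholds and sample documents.
const LIMITS: CostLimits = { maxDepth: 10, maxAliases: 2, maxRootFields: 5 };

const NORMAL_QUERY = `
  # a typical client query
  query Me($first: Int = 10) {
    viewer { login repos(first: $first, filter: {archived: false}) { name } }
  }`;

// Alias batching: one HTTP request carries three password guesses, so a
// per-request rate limit never fires.
const ALIASED_QUERY = `{
  a1: login(username: "u", password: "p1") { ok }
  a2: login(username: "u", password: "p2") { ok }
  a3: login(username: "u", password: "p3") { ok }
}`;

function nested(n: number): string { return n === 0 ? "id" : `a { ${nested(n - 1)} }`; }
const DEEP_QUERY = `{ ${nested(11)} }`;   // 12 nested selection sets
```

`analyzeQuery(NORMAL_QUERY)` reports depth 3 with no aliases and one root field; the aliased login document trips only the alias limit, and the deep document only the depth limit, so each rejection message names the specific abuse. Complexity scoring (weighting list fields by their `first`/`limit` arguments) sits on top of the same walk and is deliberately left out here.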
Speakers

Maxence Lecanu
Technical Lead, Escape
Maxence is Technical Lead at Escape, where, as a founding engineer, he played a key role in shaping the platform from the ground up—helping security teams detect and mitigate business logic vulnerabilities at scale. With over 6 years of experience across software engineering and...

Antoine Carossio
Cofounder & CTO, Escape.tech
Former pentester for the French Intelligence Services. Former Machine Learning Research @ Apple. linkedin.com/in/acarossio/ escape.tech (company) @iCarossio escape.tech (blog...
Room 114

3:35pm CEST

OWASP Domain Protect Project
Thursday May 29, 2025 3:35pm - 4:05pm CEST
In 2022 we launched OWASP Domain Protect, a tool using serverless functions to automate scans of an enterprise’s DNS environments in AWS, GCP and Cloudflare, test for subdomains vulnerable to takeover, and create Slack and email alerts.

Since then, new features have been added, including a migration of OWASP Domain Protect to a public Terraform Module hosted on the Terraform and OpenTofu Registries. This approach makes it very straightforward for users to incorporate OWASP Domain Protect to their own cloud infrastructure, and easy to keep it updated.

In this presentation, I’ll review the basics of subdomain takeover, describe the system architecture of Domain Protect, detail recent improvements, and give a live demonstration of vulnerable domain detection followed by automated takeover.

Speakers

Paul Schwarzenberger
Cloud Security Engineer, Celidor
Paul Schwarzenberger is a cloud security architect and engineer, leading security engagements and cloud migration projects for customers across sectors including financial services and Government. He has in-depth enterprise experience and certifications across all three major cloud...
Room 131-132
 