OWASP 2025 Global AppSec EU

OWASP 2025 Global AppSec EU

arrow_back View All Dates

8:15am CEST

Coffee/Tea Area 1 Registration

8:30am CEST

Speaker Ready Room Room 119

9:00am CEST

Keynote: Outside the Ivory Tower: Connecting Practice and Science Room 116+117Kate Labunets OWASP Member Lounge Room 111

10:00am CEST

AM Break with Exhibitors Area 1 Bob the Breaker CTF - The Reunion. The No-code/Low-code Hacking Saga Continues. Room 118NoKod Security • NoKod Security

10:30am CEST

Beyond the Rules: The Past, Present, and Future of OWASP CRS Room 131-132Felipe Zipitria Doors of (AI)pportunity: The Front and Backdoors of LLMs Room 113Kasimir Schulz • Kenneth Yeung A completely pluggable DevSecOps programme, for free, using community resources Room 116+117Spyros Gasteratos Think Before You Prompt: Securing Large Language Models from a Code Perspective Room 114Yaron Avital • Tomer Segev LLMs vs. SAST: How AI Delivers Accurate Vulnerability Detection and Reduces False Positives Room 115Jonathan Santilli • Kirill Efimov

10:45am CEST

GenAI Security Project Getting down to business: practical & tactical Project Management Room 133-134 OWASP KubeFIM Advanced Threat Detection & Security Automation Room 133-134Abhijit Chatterjee

11:00am CEST

OWASP Nettacker Room 131-132Sam Stepanyan Level Up Your AppSec Game: OWASP SAMM's Roadmap to Security Excellence Room 133-134Sebastien Deleersnyder OWASP Certified Secure Developer Open Call Room 133-134Shruti Kulkarni

11:30am CEST

Navigating Agentic AI Security Risks: OWASP’s GenAI Guidance for Securing Autonomous AI Agents Room 131-132John Sotiropoulos Restless Guests: From Subscription to Backdoor Intruder Room 113Simon Maxwell-Stewart Introducing the 5.0 release of the ASVS Room 116+117Elar Lang Surviving prioritisation when CVE stands for “Customer Very Enthusiastic" Room 114Irene Michlin Security Champion Worst Practices Room 115Tanya Janca

1:15pm CEST

OWASP Cornucopia: Scaling secure design & requirement gathering activities Room 131-132Johan Sydseter - The guy with the long hair, not the long beard Abusing misconfigurations in CI/CD to hijack apps and clouds Room 113Håkon Nikolai Stange Sørum • Karim El-Melhaoui Scaling Threat Modeling with a Developer-Centric Approach Room 116+117Andrew Hainault • Andrea Scaduto Signing is Sassy, but CI/CD Security Pays the Bills Room 114Patricia R. • Chris Snowden Scale Security Programs with Scorecarding Room 115Rami McCarthy OWASP ASVS Nuclei Room 133-134AmirHossein Raeisi • Hamed Salimian OWASP DefectDojo Room 133-134Matt Tesauro

1:45pm CEST

OWASP Top 10 for Business Logic Abuse Room 131-132Ivan Novikov

2:15pm CEST

OWASP Security Champions Guide Project Room 131-132Aleksandra Kornecka Compromised at the Source: Supply Chain Risks in Open-Source AI Room 113Tal Folkman Transaction authorization pitfalls – How to improve current financial, payment, and e-commerce apps? Room 116+117Wojciech Dworakowski GenAI Security - Insights and Current Gaps in OS LLM Vulnerability scanners and Guardrails Room 114Roman Vainshtein Metrics That Matter: Driving AppSec Success with Data-Driven Insights Room 115David Andersson Let's Play! OWASP Cumulus Room 133-134Christoph Niehoff OWASP Juice Shop Demo: Your vitamin shot for security awareness & education Room 133-134Björn Kimminich

2:45pm CEST

OWASP Top 10 for CI/CD Security: Evolution Since the Top 10 Project’s Inception Room 131-132Omer Gil

3:00pm CEST

PM Break with Exhibitors Area 1

3:30pm CEST

When Regulation Backfires: How a Vulnerable Plugin Led to an XSS Pandemic Room 113Eilon Cohen • Ori Ron LLM-Powered private Threat Modeling Room 116+117Murat Zhumagali Know Thy Judge: Uncovering Vulnerabilities of AI Evaluators Room 114Francisco Girbal Eiras • Eliott Zemour • Dan Ross An AppSec Tale: From Zero to Champions Room 115Even Tillerli • Nicole Silva

3:35pm CEST

OWASP DefectDojo - What's next? Room 131-132Matt Tesauro

4:30pm CEST

Closing Ceremony and Raffle Room 116+117