OWASP Global AppSec EU 2026 Vienna

OWASP Global AppSec EU 2026 Vienna

arrow_back View All Dates

10:30am CEST

Your Localhost Is Lying to You: Trust Boundary Failures in Enterprise SSO Hall G2 (Level -2)

11:30am CEST

Infrastructure Doesn’t Lie: Using Infrastructure Signals to Detect Shadow AI Built Applications Hall K1 (Level -2) Phishing for Passkeys - An Analysis of WebAuthn and CTAP Hall D (Level -2) Effort is All You Need: Testing LLM Applications in the Real World Hall G2 (Level -2)

1:15pm CEST

The OG OWASP Top 10 Might Be Back Thanks to Agentic Browsers Hall G1 (Level -2) AI-Generated Code vs Human Code. Who Really Writes More Vulnerabilities Hall D (Level -2) What Our Pen Tests Never Found — And How Attackers Did Hall G2 (Level -2) Finding strange things in binaries (Workshop) Room -2.33 (Level -2)

1:45pm CEST

Cloud Native Web Application Firewalls - How OWASP Coraza is coming to Kubernetes world Room -2.82 (Level 2)

2:15pm CEST

Marketplace Takeover: One Bug Away from Pwning 10 Million Developer Machines Hall K1 (Level -2) Teaching AI Agents Like Guide Dogs: A Progressive Trust Framework Hall D (Level -2) Using CTFs as a Community of Practice Content Machine Hall K2 (Level -2) Trust No History: Why Every "Remembered" Interaction is a Potential Backdoor Hall G2 (Level -2)

3:15pm CEST

Hack Your Own Dockerfiles (Before Someone Else Does): Hands-On Container Security with OWASP DockSec (Workshop) Room -2.33 (Level -2)

3:30pm CEST

From Safety to Policy: Enforcing Organizational Rules in LLMs and AI Agents Hall K1 (Level -2) The TPM and You - How (and why) to actually make use of your TPM Hall G1 (Level -2) Insecurity as Code: How Modern Software Scaled the Attack Surface Hall K2 (Level -2)