Sched.com Conference Mobile Apps
OWASP Global AppSec EU 2026 Vienna
OWASP Global AppSec EU 2026 Vienna
Sign up
or
log in
to add sessions to your schedule and sync them to your phone or calendar.
About
Schedule
Venue Map
Search
Menu
About
Schedule
Venue Map
Search
Share your event
Share via
or Copy link
Copy
Event Schedule
My Schedule
0
View
Simple
Expanded
Grid
By Venue
View
Simple
Expanded
Grid
By Venue
arrow_back
View All Dates
Friday
, June 26
Expo Hall X1
8:30am •
Coffee/tea
10:00am •
AM Break in Expo Hall
12:15pm •
Lunch in Expo Hall
3:00pm •
PM Break in Expo Hall
Hall D (Level -2)
9:00am •
Opening Remarks
9:15am •
Keynote: We Live in the Future: The Death and Rebirth of Application Security
10:30am •
From ASVS to APVS: What Changes When You Treat Privacy as a System Property?
11:30am •
Phishing for Passkeys - An Analysis of WebAuthn and CTAP
1:15pm •
AI-Generated Code vs Human Code. Who Really Writes More Vulnerabilities
2:15pm •
Teaching AI Agents Like Guide Dogs: A Progressive Trust Framework
3:30pm •
Why IAM Remains a Challenge and What We Can Do About It
Hall G1 (Level -2)
10:30am •
DOMination - Abusing the Permission Model in Web Extensions
11:30am •
Q-Day is Cancelled: Practical Strategies to Defeat 'Harvest Now, Decrypt Later'
1:15pm •
The OG OWASP Top 10 Might Be Back Thanks to Agentic Browsers
2:15pm •
How to (Not) Isolate Untrusted Code in Scripting Languages
3:30pm •
The TPM and You - How (and why) to actually make use of your TPM
Hall G2 (Level -2)
10:30am •
Your Localhost Is Lying to You: Trust Boundary Failures in Enterprise SSO
11:30am •
Effort is All You Need: Testing LLM Applications in the Real World
1:15pm •
What Our Pen Tests Never Found — And How Attackers Did
2:15pm •
Trust No History: Why Every "Remembered" Interaction is a Potential Backdoor
3:30pm •
Rewriting DAST Playbook: AI Agents and the Future of Web App Security
Hall K1 (Level -2)
10:30am •
When AI Attacks AI: Inside the Self-Propagating Botnet Built on Compromised AI Infrastructure
11:30am •
Infrastructure Doesn’t Lie: Using Infrastructure Signals to Detect Shadow AI Built Applications
2:15pm •
Marketplace Takeover: One Bug Away from Pwning 10 Million Developer Machines
3:30pm •
From Safety to Policy: Enforcing Organizational Rules in LLMs and AI Agents
Hall K2 (Level -2)
10:30am •
Keep It Between Us: Manipulating Humans for Better AppSec (Ethically)
11:30am •
Enforcing Application Security Policies at Scale: Lessons from an Enterprise Rollout
1:15pm •
Security Champions: Lessons from Opposite Trenches
2:15pm •
Using CTFs as a Community of Practice Content Machine
3:30pm •
Insecurity as Code: How Modern Software Scaled the Attack Surface
Room -2.33 (Level -2)
10:30am •
OWASP CycloneDX Sunshine: see CycloneDX SBOMs come to life & chat with them (Workshop)
10:30am •
OWASP Certified Secure-Software Developer (Call for Contributors)
10:30am •
Hands-On AI Security Assessment with OWASP AISVS (Workshop)
1:15pm •
CHAMELEON-REN: Advancing the OWASP Web Application Honeypot Project with Adaptive, Education-Sector (Workshop)
1:15pm •
Finding strange things in binaries (Workshop)
1:15pm •
Let's Play: OWASP Cumulus (Workshop)
3:15pm •
Shaping International Security Standards: Get Involved with OWASP's ISO Working Group (Call for Contributors)
3:15pm •
From Maturity to Mastery: Accelerating Software Security with OWASP SAMM (Workshop)
3:15pm •
Hack Your Own Dockerfiles (Before Someone Else Does): Hands-On Container Security with OWASP DockSec (Workshop)
Room -2.82 (Level 2)
10:30am •
When Museums Get Hacked: OWASP Top 10 Lessons from Heists
11:00am •
From Maturity to Mastery: Accelerating Software Security with OWASP SAMM
11:30am •
Using OWASP SAMM and OWASP DSOMM together in practice
1:15pm •
OWASP Mobile Application Security (MAS) Project Updates
1:45pm •
Cloud Native Web Application Firewalls - How OWASP Coraza is coming to Kubernetes world
2:15pm •
Updates on the OWASP Automated Threats Project
2:45pm •
OWASP Nettacker Project
3:30pm •
OWASP GenAI Security Project (Placeholder)
Room -2.92 (Level -2)
10:05am •
From Prompts to Payloads: Exploiting the AI-AppSec Intersection
10:05am •
Cybersecurity Awareness Card Game : Let's Play
10:05am •
Hunting Critical CVEs: A Hands-On, Pick-Your-Own Exploitation POD
10:05am •
DDoS your friends
12:15pm •
OWASP JuiceShop: Come and pwn me
12:15pm •
Teaching Security Concepts Using Physical Analogies
12:15pm •
AI for Code Security in Modern Codebases
12:15pm •
Context & Cringe - Application Privacy through Play
2:30pm •
The Old But Unforgettable Key
2:30pm •
“2001: Agentic Odyssey” When threat modelling meets HAL, agentic AI, testing and safety engineering
2:30pm •
Hands-On: Building Security Guardrails for AI-Generated Code
TBA
10:00am •
Bob the Breaker: Welcome to the Jungle! (Sponosored by Nokod Security)
Filter By Date
Jun 22
-
26, 2026
Monday
, June 22
Tuesday
, June 23
Wednesday
, June 24
Thursday
, June 25
Friday
, June 26
Filter By Venue
Vienna, Austria
All
Expo Hall X1
Foyer D (Level -2)
Hall D (Level -2)
Hall G1 (Level -2)
Hall G2 (Level -2)
Hall K1 (Level -2)
Hall K2 (Level -2)
Room -2.11 (Level -2)
Room -2.15 (Level -2)
Room -2.33 (Level -2)
Room -2.82 (Level 2)
Room -2.92 (Level -2)
TBA
Terrace G of Austria Center
Filter By Type
1-Day Training
2-Day Training
3-Day Training
Bonus Track
Deployment and Maintenance
Implementation
Keynote
Meals Provided by OWASP
Meeting
MobileAppSecCon
Planning and Design
PODS (Hands-on Activities)
Process and Culture
Project Demo Lab (Hands-on)
Project Showcase (Lightning Talks)
Project User Day
Sponsored Happy Hour
Testing
Audience
Advanced
All
AppSec Engineers
Beginner
Developers
Intermediate
Introductory and Overview
Private Meeting
Security Champions
Students and newcomers in AppSec
Subject
AI
CRA
Dependancies
DevSecOps
Gamification
Kubernetes
Mobile Security
Network Security
Pentesting
SBOM
SSDLC
Standards
Threat Modeling
WAF
Share Modal
Share this link via
Or copy link
Copy
Filter sessions
Apply filters to sessions.
Filtered by
Date
-
Clear filter
close
Dates
Monday
, June 22
Tuesday
, June 23
Wednesday
, June 24
Thursday
, June 25
Friday
, June 26
Session Type
1-Day Training
2-Day Training
3-Day Training
Bonus Track
Deployment and Maintenance
Implementation
Keynote
Meals Provided by OWASP
Meeting
MobileAppSecCon
Planning and Design
PODS (Hands-on Activities)
Process and Culture
Project Demo Lab (Hands-on)
Project Showcase (Lightning Talks)
Project User Day
Sponsored Happy Hour
Testing
Other Filters
Audience
Advanced
All
AppSec Engineers
Beginner
Developers
Intermediate
Introductory and Overview
Private Meeting
Security Champions
Students and newcomers in AppSec
Subject
AI
CRA
Dependancies
DevSecOps
Gamification
Kubernetes
Mobile Security
Network Security
Pentesting
SBOM
SSDLC
Standards
Threat Modeling
WAF
