OWASP Global AppSec EU 2026 Vienna

Modern codebases are large, fast-moving, and increasingly AI-assisted, making traditional code security approaches hard to scale. This hands-on POD explores how AI can augment secure coding and code review workflows—without replacing human judgment.

Participants will actively work through realistic code security scenarios drawn from modern APIs, cloud-native services, and GenAI-enabled components. Using guided exercises and optional AI prompts, attendees will identify vulnerabilities, reason about exploitability, and prioritize fixes mapped to OWASP Top 10 risks (including broken access control, injection, insecure design, and supply chain issues).

This is not a talk or a tool demo. Participants will do the work themselves through short, practical challenges. Beginners can follow structured steps, while experienced AppSec practitioners can dive into advanced issues such as logic flaws, authorization bypasses, insecure AI integrations, prompt injection risks in code, and unsafe use of AI-generated code.

The POD is drop-in friendly: participants can engage for a few minutes or stay longer to tackle deeper challenges. All techniques are applicable to real-world development environments, with or without AI tools.