Loading…
Venue: Room -2.15 (Level -2) clear filter
Monday, June 22
 

9:00am CEST

3-Day Training:AI Whiteboard Hacking aka Hands-on Threat Modeling Training
Monday June 22, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
To register, please purchase your training ticket here. Training and conference are two separate ticket purchases.

3-Day Training: June 22-24, 2026
Level: Beginner
Trainer: Steven Wierckx

Download the complete training outline: AI Whiteboard Hacking Training Details

Testimonial: "After years evaluating security trainings at Black Hat, including Toreon's Whiteboard Hacking sessions, I can say this AI threat modeling course stands out. The hands-on approach and flow are exceptional - it's a must-attend."
- Daniel Cuthbert, Global Head of Cyber Security Research, Black Hat Review Board Member

In today's rapidly evolving AI landscape, security threats like prompt injection and data poisoning pose significant risks to AI systems. Our 3-day AI Whiteboard Hacking training equips you with practical skills to identify, assess, and mitigate AI-specific security threats using our proven DICE methodology. Through hands-on exercises and real-world scenarios, you'll learn to build secure AI systems while ensuring compliance with regulations like the EU AI Act.

The training concludes with an engaging red team/blue team wargame where you'll put theory into practice by attacking and defending a rogue AI research assistant. Upon completion, you'll earn the AI Threat Modeling Practitioner Certificate and gain access to a year-long subscription featuring quarterly masterclasses, expert Q&A sessions, and continuously updated resources.

Led by Sebastien Deleersnyder, co-founder and CTO of Toreon, and Black Hat trainer, this training combines technical expertise with practical insights gained from real-world projects across government, finance, healthcare, and technology sectors.

Quick Overview:
·       Target Audience: AI Engineers, Software Engineers, Solution Architects, Security Professionals
·       Prerequisites: Basic understanding of AI concepts (pre-training materials provided)
·       Certification: AI Threat Modeling Practitioner Certificate
·       Bonus: 1-year AI Threat Modeling Subscription included

Our lineup of the hands-on exercises from the training that let you put AI security concepts into practice:

Day 1: Foundations & Methodology
·       "AI Security Headlines from the Future" - Explore potential security scenarios
·       "Diagramming the AI Assistant Infrastructure" - Map out real AI system components
Speakers
avatar for Steven Wierckx

Steven Wierckx

Product Security Practice Lead, Toreon

I’m an SDLC security specialist with 20+ years of experience in training, programming, security testing, code review, test automation, analysis, development, and database design. I have guided organizations in achieving SDLC compliance for FDA MDR and ISO 27001. I’m passionate... Read More →
Monday June 22, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
  3-Day Training
 
Tuesday, June 23
 

9:00am CEST

3-Day Training:AI Whiteboard Hacking aka Hands-on Threat Modeling Training
Tuesday June 23, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
To register, please purchase your training ticket here. Training and conference are two separate ticket purchases.

3-Day Training: June 22-24, 2026
Level: Beginner
Trainer: Steven Wierckx

Download the complete training outline: AI Whiteboard Hacking Training Details

Testimonial: "After years evaluating security trainings at Black Hat, including Toreon's Whiteboard Hacking sessions, I can say this AI threat modeling course stands out. The hands-on approach and flow are exceptional - it's a must-attend."
- Daniel Cuthbert, Global Head of Cyber Security Research, Black Hat Review Board Member

In today's rapidly evolving AI landscape, security threats like prompt injection and data poisoning pose significant risks to AI systems. Our 3-day AI Whiteboard Hacking training equips you with practical skills to identify, assess, and mitigate AI-specific security threats using our proven DICE methodology. Through hands-on exercises and real-world scenarios, you'll learn to build secure AI systems while ensuring compliance with regulations like the EU AI Act.

The training concludes with an engaging red team/blue team wargame where you'll put theory into practice by attacking and defending a rogue AI research assistant. Upon completion, you'll earn the AI Threat Modeling Practitioner Certificate and gain access to a year-long subscription featuring quarterly masterclasses, expert Q&A sessions, and continuously updated resources.

Led by Sebastien Deleersnyder, co-founder and CTO of Toreon, and Black Hat trainer, this training combines technical expertise with practical insights gained from real-world projects across government, finance, healthcare, and technology sectors.

Quick Overview:
·       Target Audience: AI Engineers, Software Engineers, Solution Architects, Security Professionals
·       Prerequisites: Basic understanding of AI concepts (pre-training materials provided)
·       Certification: AI Threat Modeling Practitioner Certificate
·       Bonus: 1-year AI Threat Modeling Subscription included

Our lineup of the hands-on exercises from the training that let you put AI security concepts into practice:

Day 1: Foundations & Methodology
·       "AI Security Headlines from the Future" - Explore potential security scenarios
·       "Diagramming the AI Assistant Infrastructure" - Map out real AI system components
Speakers
avatar for Steven Wierckx

Steven Wierckx

Product Security Practice Lead, Toreon

I’m an SDLC security specialist with 20+ years of experience in training, programming, security testing, code review, test automation, analysis, development, and database design. I have guided organizations in achieving SDLC compliance for FDA MDR and ISO 27001. I’m passionate... Read More →
Tuesday June 23, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
  3-Day Training
 
Wednesday, June 24
 

9:00am CEST

3-Day Training:AI Whiteboard Hacking aka Hands-on Threat Modeling Training
Wednesday June 24, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
To register, please purchase your training ticket here. Training and conference are two separate ticket purchases.

3-Day Training: June 22-24, 2026
Level: Beginner
Trainer: Steven Wierckx

Download the complete training outline: AI Whiteboard Hacking Training Details

Testimonial: "After years evaluating security trainings at Black Hat, including Toreon's Whiteboard Hacking sessions, I can say this AI threat modeling course stands out. The hands-on approach and flow are exceptional - it's a must-attend."
- Daniel Cuthbert, Global Head of Cyber Security Research, Black Hat Review Board Member

In today's rapidly evolving AI landscape, security threats like prompt injection and data poisoning pose significant risks to AI systems. Our 3-day AI Whiteboard Hacking training equips you with practical skills to identify, assess, and mitigate AI-specific security threats using our proven DICE methodology. Through hands-on exercises and real-world scenarios, you'll learn to build secure AI systems while ensuring compliance with regulations like the EU AI Act.

The training concludes with an engaging red team/blue team wargame where you'll put theory into practice by attacking and defending a rogue AI research assistant. Upon completion, you'll earn the AI Threat Modeling Practitioner Certificate and gain access to a year-long subscription featuring quarterly masterclasses, expert Q&A sessions, and continuously updated resources.

Led by Sebastien Deleersnyder, co-founder and CTO of Toreon, and Black Hat trainer, this training combines technical expertise with practical insights gained from real-world projects across government, finance, healthcare, and technology sectors.

Quick Overview:
·       Target Audience: AI Engineers, Software Engineers, Solution Architects, Security Professionals
·       Prerequisites: Basic understanding of AI concepts (pre-training materials provided)
·       Certification: AI Threat Modeling Practitioner Certificate
·       Bonus: 1-year AI Threat Modeling Subscription included

Our lineup of the hands-on exercises from the training that let you put AI security concepts into practice:

Day 1: Foundations & Methodology
·       "AI Security Headlines from the Future" - Explore potential security scenarios
·       "Diagramming the AI Assistant Infrastructure" - Map out real AI system components
Speakers
avatar for Steven Wierckx

Steven Wierckx

Product Security Practice Lead, Toreon

I’m an SDLC security specialist with 20+ years of experience in training, programming, security testing, code review, test automation, analysis, development, and database design. I have guided organizations in achieving SDLC compliance for FDA MDR and ISO 27001. I’m passionate... Read More →
Wednesday June 24, 2026 9:00am - 5:00pm CEST
Room -2.15 (Level -2)
  3-Day Training
 
Thursday, June 25
 

10:30am CEST

Meet the Mentor
Thursday June 25, 2026 10:30am - 11:45am CEST
Room -2.15 (Level -2)
One more Global AppSec event.
You’re taking training, you’re running between sessions, you’re connecting with people over coffee or when talking to a vendor.

What if you could use the event to also meet a potential mentor, or mentee?
What if you could connect face to face with someone who may help take your career to the next level, or that you can help and make a difference with?

We are inviting you to an OWASP Global AppSec activity: Meet The Mentor! A speed-dating activity between potential mentors and mentees where you can come face to face and see if it “clicks”, start a conversation, and see if it is a match.
Speakers
avatar for Izar Tarandach

Izar Tarandach

Sr. Principal Architect, SiriusXM
Long-time security practitioner, Sr. Principal Security Architect at SiriusXM, previouslyDatadog,  at Squarespace, Bridgewater Associates to DellEMC via RSA, Autodesk, startup founder, investor and advisor. Founding member of the IEEE Center for Secure Design, holds a masters degree... Read More →
avatar for Avi Douglen

Avi Douglen

Software Security Consultant, Bounce Security
Avi Douglen is the founder and CEO at Bounce Security, a boutique consultancy specializing in software security, where he spends a lot of time with development teams of all sizes. He helps them integrate security methodologies and products into their development processes, and often... Read More →
Thursday June 25, 2026 10:30am - 11:45am CEST
Room -2.15 (Level -2)
  Bonus Track

12:00pm CEST

OWASP Threat Modeling Project Open Forum
Thursday June 25, 2026 12:00pm - 1:30pm CEST
Room -2.15 (Level -2)

Speakers
avatar for Adam Shostack

Adam Shostack

Founder, Shostack & Associates
Adam Shostack is a leading expert on threat modeling. He has decades of experience delivering security. His experience ranges across the business world from founding startups to nearly a decade at Microsoft. His accomplishments include:  Helped create the CVE. Now an Emeritus member... Read More →
avatar for Izar Tarandach

Izar Tarandach

Sr. Principal Architect, SiriusXM
Long-time security practitioner, Sr. Principal Security Architect at SiriusXM, previouslyDatadog,  at Squarespace, Bridgewater Associates to DellEMC via RSA, Autodesk, startup founder, investor and advisor. Founding member of the IEEE Center for Secure Design, holds a masters degree... Read More →
Thursday June 25, 2026 12:00pm - 1:30pm CEST
Room -2.15 (Level -2)
  Bonus Track

1:30pm CEST

Private Board Meeting
Thursday June 25, 2026 1:30pm - 2:30pm CEST
Room -2.15 (Level -2)

Thursday June 25, 2026 1:30pm - 2:30pm CEST
Room -2.15 (Level -2)
  Meeting

3:15pm CEST

OWASP Leaders Meeting
Thursday June 25, 2026 3:15pm - 4:15pm CEST
Room -2.15 (Level -2)
Calling all OWASP Leaders!  Join OWASP Foundation staff to discuss updates to Chapters, Projects, and the Foundation as a whole.  This is your chance to receive updates and ask questions!
Thursday June 25, 2026 3:15pm - 4:15pm CEST
Room -2.15 (Level -2)
  Meeting
 
Friday, June 26
 

10:00am CEST

Bob the Breaker: Welcome to the Jungle! (Sponosored by Kanopy Security)
Friday June 26, 2026 10:00am - 12:00pm CEST
Room -2.15 (Level -2)

The jungle is thick, the paths are tangled, and Bob the Breaker is already deep inside.

Behind polished apps and smooth workflows lies a wild terrain of permissions, hidden data, andnewly unleashed AI agents roaming freely through the system.

Vines of automation twist everywhere, secrets hide beneath the canopy, and Bob has beenswinging from one weak spot to the next, uncovering what was never meant to be found.

Follow Bob into the canopy, capture the flags, and out-hack the competition.

Swing by the Nokod booth Thursday June 24 (10:15, 13:00, 16:00) to catch livevulnerability demos and grab clues to help you navigate the CTF jungle
Friday June 26, 2026 10:00am - 12:00pm CEST
Room -2.15 (Level -2)
  Bonus Track

2:30pm CEST

CfP/CfTs for the Newcomer: How To Write A Good Submission
Friday June 26, 2026 2:30pm - 3:15pm CEST
Room -2.15 (Level -2)
Ready to showcase your expertise? Don’t miss the chance to submit for a Call for Trainers or Call for Papers! Join the dynamic Izar Tarandach and Avi Douglen as they take you through the submission process and reveal insider tips on what the review team is looking for when selecting papers. This is your opportunity to shine and make a lasting impact—let’s make it happen!
Speakers
avatar for Izar Tarandach

Izar Tarandach

Sr. Principal Architect, SiriusXM
Long-time security practitioner, Sr. Principal Security Architect at SiriusXM, previouslyDatadog,  at Squarespace, Bridgewater Associates to DellEMC via RSA, Autodesk, startup founder, investor and advisor. Founding member of the IEEE Center for Secure Design, holds a masters degree... Read More →
avatar for Avi Douglen

Avi Douglen

Software Security Consultant, Bounce Security
Avi Douglen is the founder and CEO at Bounce Security, a boutique consultancy specializing in software security, where he spends a lot of time with development teams of all sizes. He helps them integrate security methodologies and products into their development processes, and often... Read More →
Friday June 26, 2026 2:30pm - 3:15pm CEST
Room -2.15 (Level -2)
  Bonus Track
  • Audience All
  • about <strong style=" color: rgb(65, 65, 65); font-family: sans-serif; font-size: 14px;">Izar Tarandach</strong>&nbsp;is Sr. Principal Architect at SiriusXM and co-author of&nbsp;<em style=" font-size: 14px; font-family: sans-serif; color: rgb(65, 65, 65);">Threat Modeling: A Practical Guide for Development Teams</em>. He pioneered Continuous Threat Modeling and contributes to projects like OWASP PyTM and the CycloneDX TMBOM. A frequent speaker and podcast host, Izar focuses on making security practical, scalable, and developer-friendly.
 

Get help with the event

Contact event planner Event login
View support guides Find upcoming events
Create an event you'd love to attend!
Explore why organizers choose Sched Success stories
Event App Event scheduling Event registration Event ticketing Sched forms Call for papers Badges Conferences
© 2026. SCHED LLC - All rights reserved - Helping events since 2008
Event Planning Software Privacy Terms
Share Modal

Share this link via

Or copy link

Filter sessions
Apply filters to sessions.
Monday, June 22
Tuesday, June 23
Wednesday, June 24
Thursday, June 25
Friday, June 26
-2.66 (Level -2)
Expo Hall X1
Expo Hall X1, Booth SU4
Foyer D (Level -2)
Hall D (Level -2)
Hall G1 (Level -2)
Hall G2 (Level -2)
Hall K1 (Level -2)
Hall K2 (Level -2)
Level -2
Offsite Vendor Sponsored Event
Room -2.15 (Level -2)
Room -2.33 (Level -2)
Room -2.42 (Level -2)
Room -2.43 (Level -2)
Room -2.62 (Level 2)
Room -2.82 (Level 2)
Room -2.92 (Level -2)
Room -2.94 (Level -2)
Room: -2.14 (Level -2)
Room: -2.31 (Level -2)
Room: -2.32 (Level -2)
Room: -2.41 (Level -2)
Room: -2.77 (Level -2)
Room: -2.93 (Level -2)
Terrace G of Austria Center
  • 1-Day Training
  • 2-Day Training
  • 3-Day Training
  • Bonus Track
  • Book Signing
  • Deployment and Maintenance
  • Implementation
  • Keynote
  • Meals Provided by OWASP
  • Meeting
  • MobileAppSecCon
  • Panel Discussion
  • Planning and Design
  • PODS (Hands-on Activities)
  • Process and Culture
  • Project Demo Lab (Hands-on)
  • Project Showcase (Lightning Talks)
  • Project User Day
  • Registration
  • Sponsored Happy Hour
  • Testing
  • Audience
  • Advanced
  • All
  • AppSec Engineers
  • Beginner
  • Developers
  • Intermediate
  • Introductory and Overview
  • Private Meeting
  • Security Champions
  • Students and newcomers in AppSec
  • Subject
  • AI
  • CRA
  • DevSecOps
  • Gamification
  • Kubernetes
  • Mobile Security
  • Network Security
  • Pentesting
  • SSDLC
  • Standards
  • Threat Modeling
  • WAF