-
Will Machine Learning Replace The WAF?
- John Graham-Cumming
-
AI Package Hallucination: Spreading
Malicious Packages Using Generative AI
- Bar Lanyado
-
OWASP ModSecurity
- Ervin Hegedüs
-
Paved Roads To Express RBAC In Threat Models
- Eden Yardeni
-
A Race To The Bottom:
Database Transactions Undermining Your AppSec
- Viktor Chuchurski
-
Tracking And Hacking Your Career
- Leif Dreizler & Misha Yalavarthy
-
OWASP IoT Security Testing Guide (ISTG)
- Luca Pascal Rotsch
-
Back To The Future: Old Tricks
Invading A New Attack Surface
- Uriya Elkayam
-
OWASP Mobile Application Security (MAS)
- Sven Schleier & Carlos Holguera
-
From Zero To Hero: Rollout Your Hardcoded Secrets Detection
And Prevention With Minimal Effort And Maximum Impact!
- Yassine Ilmi & Arbër Salihi
-
Modern Appsec vs. GenAI Application:
Is Your Appsec Ready?
- Balachandra Shanabhag
-
Security Champions And Experiments:
Building Blocks For Cultural Change
- Mads Andersen
-
Gridlock: The Dual-Edged Sword Of
EV And Solar APIs In Grid Security
- Vangelis Stykas
-
OWASP DefectDojo
- Matt Tesauro
-
OWASP Privacy Toolkit:
Bringing Privacy Awareness In The Digital Age
- Stefano Di Paola & Martino Lessio
-
Start Covering Your Bases And
Stop Chasing APT Headlines
- Avishay Zawoznik
-
Cryptographic Governance:
Software Supply Chain Security With CBOM
- Nicklas Körtge
-
OWASP Open Common Requirement Enumeration (OpenCRE)
- Spyros Gasteratos & Paola Garcia Cardenas
-
Hacker Traction Through GitHub Actions:
Is Your (Open Source) Project Safe?
- Stephen Giguere
-
OWASP Low-Code/No-Code Top 10 (LCNC)
- Michael Bargury
-
API Security By Design
- Jose Haro Peralta
-
Transitive Vulnerabilities
Exploit In Real-life
- Liad Cohen & Eyal Paz
-
Maturing SDLC At A Fortune 500 Company
Based On OWASP SAMM: Successes And Pitfalls
- Jasyn Voshell
-
Leaders Meeting
- OWASP Leaders
-
In The Same Site We Trust:
Navigating The Landscape Of Client-Side
Request Hijacking On The Web
- Soheil Khodayari
-
Automating Security Test Cases Based On ASVS
- Aram Hovsepyan
-
DOM Jungle - Can We Trust The UI?
- Gal Weizman
-
What Makes Them Happy? Leveraging Psychological Needs
For Building A Security Culture Amongst Developers
- Juliane Reimann
-
Trust Cards For AI
- Isabel Praça
-
AI Is Just Software,
What Could Possibly Go Wrong?
- Rob Van Der Veer
-
Malice In Chains: Supply Chain
Attacks Using Machine Learning Models
- Tom Bonner & Marta Janus
-
OWASP Coraza
Web Application Firewalls Revisited
- José Carlos Chávez
-
Traceability In Cyber Security:
Lessons Learned From The Medical Sector
- Dr Konstantinos Papapanagiotou
-
What Can Traditional Web App Security
Learn From Browser Wallet Extensions?
- Gal Weizman
-
Winning Buy-In: Mastering The Art Of
Communicating Security To Management
- Ida Hameete
-
OWASP Dependency Track
Fortifying The Supply Chain
- Aravind Parappil & Vinod Anandan
-
From Theory To Practice: Navigating The
Challenges Of Vulnerability Research
- Raphael Silva
-
OWASP Cornucopia
- Johan Sydseter
-
I Can’t Cope! How OWASP Is Helping
To Manage Vulnerability Overload
- Anthony Harrison
-
Cloud-Squatting: The Never-ending Misery
Of Deleted And Forgotten Cloud Assets
- Abdullah Al-Sultani
-
5 AppSec Stories,
And What We Can Learn From Them
- Paul Molin
-
Exploiting Client-Side Path Traversal:
CSRF Is Dead, Long Live CSRF
- Maxence Schmitt
-
OWASP Software Assurance Maturity Model (SAMM)
Interactive Introduction And Update
- Seba Deleersnyder & Bart De Win
-
Assessing 3rd Party Libraries More
Easily With Security Scorecards
- Niels Tanis
-
XZ Backdoor: Navigating The Complexities Of
Supply Chain Attacks Detected By Accident
- Yoad Fekete
-
Harnessing Nature's Wisdom: Growing A Security
Champion Program Into A Security Powerhouse
- Bonnie Viteri
-
OWASP Dep-scan
- Prabhu Subramanian
-
How (Not) To Implement Secure Digital Identity:
Case Study Of Poland's Digital ID System
- Szymon Chadam
-
OWASP Developer Guide
- Shruti Kulkarni
-
Designing Security And Privacy:
A Developer's Guide To Threat Modeling With OWASP SAMM
- Seba Deleersnyder
-
Dawn Of The Dead:
The Tale Of The Resurrected Domains
- Pedro Fortuna
-
Building An Effective
Application Penetration Testing Team
- Ryan Armstrong
-
OWASP SamuraiWTF
- Kevin Johnson
-
OWASP Top-25 Parameters
- Lütfü Mert Ceylan
-
Token It Up A Notch:
Elevating Payment Security
- Yadi Abdalhalim & Jovon Itwaru
-
Securing The Gateway And Mitigating
Risks In LLM API Integration
- Ayush Agarwal & Avneesh Hota
-
'The Rise And Fall' Of ModSecurity
And The OWASP Core Rule Set
- Davide Ariu
-
Build Strong Defenses By
Participating In Standards!
- Daniel Ehrenberg
-
OWASP API Security Project
- Paulo Silva & Erez Yalon
-
Deterministic GenAI Outputs With Provenance
- Dinis Cruz
-
Closing Ceremony And Raffle
- OWASP Board