Open Web Application Security Project (OWASP)

OWASP AppSec conferences bring together industry, government, security researchers, and practitioners to discuss the state of the art in application security.

This series was launched in the United States in 2004 and Europe in 2005. Global AppSec conferences are held annually in North America, Latin America, Europe, and Asia Pacific.

p

Conference information

Days until the next conference

Day(s)

:

Hour(s)

:

Minute(s)

:

Second(s)

Location

Amsterdam RAI
Europaplein
NL-1078 GZ Amsterdam
The Netherlands

Conference program

Not available at the moment.

News

  • 17-09-2014 | SWAMP announces expert panel on Software Assurance at OWASP’s AppSec USA 2014 Show – Read more
  • 10-09-2014 | Coalfire to Sponsor the Capture the Flag Competition at OWASP AppSec USA 2014 – Read more

Amsterdam RAI Exhibition and Convention Centre

Articles

Observations from an OWASP Novice: OWASP AppSec Europe

21-07-2014 | Last month, I had the opportunity to attend OWASP AppSec Europe in Cambridge. The conference was split into two parts. The first two days consisted of training courses and project summits, where the different OWASP project teams met to discuss problems and further proceedings, and the last two days were conference and research presentations. Read more

OWASP AppSec 2013

25-11-2013 | Last week I attended the OWASP AppSecUSA conference in New York City. OWASP AppSecUSA as the name implies focused on application security. I only had the opportunity to attend the last two days of the conference, but there was training and other events earlier in the week. Overall I came away from the conference with a positive experience. Read more

OWASP AppSec Research EU 2013 – Hamburg

30-08-2013 | I was lucky to be able to attend OWASP’s AppSec EU Research conference in Hamburg, Germany. I’ve been to the one in Dublin and looked forward to the German edition. With 400+ attendees I thought that the conference was surprisingly well attended. And rightfully so. The people organising it were doing a fantastic job. Everything seemed to work smoothly and although I volunteered I was able to see a good bunch of talks. Read more

Rediscovering our way: OWASP AppSec Ireland 2012

20-09-2012 | As the sun sets over the Irish Sea just outside my window, I feel hopeful that OWASP is finding its way and there is a bright future for security. A few points then, and a clarification on that comment about OWASP finding its way.

First, Jim Manico who is one of the smartest AppSec people I can name, loves to teach people how to develop more securely and his genuine excitement over OWASP’s push to return to teaching secure development was a beacon for me. Read more

Available videos

OWASP AppSecUSA 2011: Ghosts of XSS past, present and future

OWASP AppSecUSA 2011: Ghosts of XSS past, present and future

This talk will discuss the past methods used for XSS defence that were only partially effective. Learning from these lessons, will also discuss present day defensive methodologies that are effective, but place an undue burden on the developer.

Secure code reviews magic or art? A simplified approach to secure code reviews

Secure code reviews magic or art? A simplified approach to secure code reviews

This presentation will delve into the science and process behind secure code review and will continue to discuss a simplified approach to secure code review

OWASP AppSecUSA 2012: Bug bounty programs

OWASP AppSecUSA 2012: Bug bounty programs

A panel discussion with Michael Coates (Mozilla), Chris Evans (Google), Jeremiah Grossman (WhiteHat Security), Adam Mein (Google), Alex Rice (Facebook)

OWASP AppSecUSA 2011:How NOT to implement cryptography for the OWASP Top 10 (Reloaded)

OWASP AppSecUSA 2011:How NOT to implement cryptography for the OWASP Top 10 (Reloaded)

The talk uses fresh examples of application cryptography successes and failures, and also incorporates the new OWASP ESAPI.

OWASP AppSecUSA 2011: Simplifying threat modelling

OWASP AppSecUSA 2011: Simplifying threat modelling

Architects and developers often perceive threat modeling as being too difficult. During this talk, we’ll attempt to bust these myths and show how organizations can incrementally obtain better results.