Ends in 3 days, 22 hours

Web applications leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software. The conference will be held September 26 and 27 in Amsterdam.  Hands on training will be offered September 23, 24, and 25.  

CfP Opens May 27, 2019
Review committee Announced June 7, 2019
CfP Closes June 30, 2019
Notification of submitters July 31, 2019
Program announced  August 15, 2019


  • Our Journey for Rolling out MFA
  • Building a TLS Service
  • Auth Plugins
  • Open Source Security Building Blocks
  • Scaling Security /Incident Response: Account Takeover
  • Scaling Security /Incident Response:Fraud
  • Data Driven Security
  • Enabling the User to be Secure by Default
  • Enabling Developers to remain Secure Throughout the SDLC
  • Bringing Teams up to Speed in DevSecOPs Environments
  • How Does Your Org Enable the Next Generation of Security Research

 Of course we love surprises so if your talk falls outside of the examples given, feel free to submit!


The program committee will review your submission based on a descriptive abstract and detailed outline of your presentation. Please review your proposal thoroughly as accepted abstracts and bios will be published on our site as submitted.

Successful applications will:

  • Take audience into account, OWASP has a diverse audience with more than half of the audience consisting of mid career security professionals and the remainder consisting of developers and entry level or advanced security professionals. While our Audience does cover Builders, Breakers, and Defenders, OWASP tends towards defenders. 
  • Remember that well-trod concepts should advance the topic, address the content from a new angle, or introduce new applications for the content. We are not adverse to accepting talks that have been presented elsewhere first, but we do ask that you share if your talk has been previously presented. 
  • Be well written. Your Abstract is the only long-form marketing for your specific talk to our audience. It should be written so that attendees can clearly understand what you will be discussing and what they will get out of your talk. Your detailed outline is your chance to sway our judges. Write this as thoroughly as possible so that the committee understands all you bring to the table.
  • Be applicable. While there is a place for talks about the distant future, talks which will allow the audience to immediately implement or share concepts, changes, or processes with colleagues are more interesting to our judges and audience and will comprise the majority of accepted presentations. 
  • Conform to the blind protocol. Submissions that identify the author will automatically be disqualified. Please leave your name out of any materials or fields not directly requesting this information.


You must fill out and agree to the OWASP Speaker Agreement. OWASP values vendor neutrality. You must use the OWASP presentation template and you’re not allowed to place marketing pitches in your slides. All presentation slides will be published on the conference website after the conference. Please make sure that any pictures and other materials in your slides don’t violate any copyrights. You are solely liable for copyright violations. You may choose any CC license for your slides, including CC0. OWASP does suggest open licenses.