Ends on


Application Security leaders, software engineers, and researchers from all over the world gather at Global AppSec conferences to drive visibility and evolution in the safety and security of the world’s software, as well as to network, collaborate, and share the newest innovations in the field. The training will take place on November 14-16, 2022, at the Hyatt Regency in San Francisco, California

Considering the ongoing international emergency regarding the COVID-19 Coronavirus, we are aware that an in-person conference may not be feasible. While we are moving forward with the planning of an in-person conference, there is a possibility we may need to make the conference virtual. We ask that you design content that could be effectively presented in either format. We will provide technical guidelines and assistance to speakers who may not be familiar with delivering virtual content should the decision be made to hold the conference virtually.


The Program Team is formally issuing a call for Trainers, opening June 21, 2022.

As with previous Global AppSec events, we would like to run a number of different training courses of varying lengths over several days surrounding the conference.

Trainers can apply to give 1, 2, or 3-day classes. Trainers are allowed to make multiple applications; one application per class. The training audience will include developers interested in security as well as security professionals. Should the event be offered with a hybrid option, 3-day courses would only be offered in person.

We are looking for training courses at all levels from someone new to the application security field to advanced topics for experienced professionals. However, all training submissions should have a focus on practical skills which are immediately applicable to an attendee’s job and have a significant hands-on element with tasks and exercises for attendees to attempt during the training. Our main priority for selecting trainings for this event is new content that has not been offered before at an OWASP training event.



CfT Opens June 21, 2022

CfT Closes July 21, 2022

Notification of submitters Week of August 8, 2022

Program announced the week of Week of August 22, 2022


The Program Team will review your submission based on a descriptive abstract and detailed outline of your class.  Including additional classroom materials will be helpful in our evaluation.

Please review your proposal thoroughly as all accepted abstracts and bios will be published on our site as submitted.

Examples of topics include, but are not limited to the following.  We encourage innovation!

  • Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
  • Integrating Security into DevOps or SRE
  • Vulnerability analysis: code review, pentest, static analysis
  • Threat modeling
  • Mobile security
  • Cloud and serverless security
  • Kubernetes and Container security
  • OWASP tools or projects in practice
  • New technologies, paradigms, tools
  • Operations and software security
  • Other topics but with an emphasis on Application Security: Business Risks, Outsourcing/Offshoring, Awareness Programs, Project Management

Training should :

Be Aimed at a Specific Audience - OWASP has a diverse audience that consists of novice to advanced level practitioners in different fields. Your content should be developed to clearly connect with a specific audience.

Not be a Marketing Pitch - Submissions that double as marketing or including sales pitches within the training will not be accepted.

Have a Clearly Written Abstract - Your Abstract is the only long-form marketing for your specific talk to our audience. It should be written so that attendees can clearly understand what you will be discussing and what they will get out of your class.

Have a Detailed Outline - Detailed description of how you are structuring the course. Walk the reviewer through the training.

Be Clearly Applicable - Classes that prioritize content that attendees will be able to immediately implement preferred.

Include Hands-on training - Hands-on labs which allow attendees to connect meaningfully with content are preferred.

Demonstrate the Expertise of Trainer(s) - The submission should highlight the experience of the trainer(s) in the subject of training and in delivering professional training.


All trainers will be required to submit a trainer agreement.

The following conditions apply for those that want to provide training at the conference.

Trainer provides:

  • Class syllabus/training materials.
  • Covers travel for the instructor(s) and all course materials for students.
  • Promotion of training on all available media eg. Twitter, Linkedin
  • The trainer may brand training materials to increase their exposure.

OWASP provides:

  •  Venue
  • Catering (with limitations based on COVID19 and reasonable alternative options for attendees)
  • Registration Logistics 
  • Basic wireless internet access (if you need additional technical arrangements, it is important to let us know)
  • One night hotel per day of training

Trainer profit-share:

  1. Virtual Trainers are eligible for 50% of the session’s revenue up to a $2,500 remuneration, and then 20% of any additional session revenue. 
  2. In-person Trainers are eligible for a profit share or flat fee payment structure to yet be determined. This detail will be adjusted from previous OWASP in-person training agreements due to recovery efforts from COVID19 and program changes (ie. space limitations, hybrid format, adjusted costs, etc). 
  3. Should in-person or hybrid trainings take place, OWASP will revise training agreements for selected trainers and address compensation based on the needs of the program.

    All personal data collected during the submission process will be only for contacting submitters regarding their submission and will not be used for marketing or commercials purposes. All data collected will be deleted once the selection process is complete.

We use Submittable to accept and review our submissions.