Call for Presentations

CfP closes: June 21, 2026, 11:59 PM

Notification to submitters by July 13, 2026

Conference: September 24, 2026

For your submission, we require a short abstract (≥ 600 characters); if available, including a draft version of your presentation could help. Please ensure correct spelling—both the abstract and the biography will appear exactly as submitted in the program.
Presentations are 20 or 40 minutes long, plus a 5-minute Q&A session. Please indicate your preferred length in the CfP.

We welcome all topics related to application security, in particular:

• Practical technical presentations on application security
• Hot topics such as Machine Learning / AI / LLM, MCP, and their contribution to (in)security.
• Software development: supply chain risks, automated security testing, processes
• New research findings
• Updates on OWASP projects
• Client application security: browser security and mobile applications
• Server / Cloud Application Security: Containerization/Microservices, Dev(Sec)Ops
• CISO topics, organizational aspects
• Secure Software Development Lifecycle, Threat Modeling, secure architectures
• Application Security Testing: Code review, penetration testing, dynamic or static code analysis (with/without AI), fuzzing

We will publish the presentation slides on the conference website under a free license following the conference.
In addition, we plan to record the talks and subsequently publish them on the CCC Media website and the German OWASP Chapter's YouTube channel. Live streaming may also be available. If you do not wish to be recorded or streamed, please note this in the comment field of your submission. The videos will be released under a free license. The default is CC BY-SA 4.0, unless you request a different one.

You may choose either German or English as the presentation language. Please select the language in which you are absolutely confident.

The OWASP speaker agreement applies to all submitters. In a nutshell: Please do not use a company slide deck, but a neutral one or one from OWASP (typically, we receive a stylish slide deck designed specifically for our conference). Your company name and logo are welcome on a single slide. Slides that do not comply with the Speaker Agreement will not be published.

Please no “marketing pitches”; neither on the slides nor verbally. The slides must not contain any non-free content.

OWASP assumes no responsibility for compliance with respect to rights of third parties.

The top scored submissions

• has something significant to share with the audience.
• has a clear summary that describes an interesting and relevant presentation that people would love to attend. This piques the interest of both the audience and the reviewers.
• has an outline that leaves no doubt about the presentation's structure and timeline.
• clearly describes a take away for the audience. Or even what they can implement in their workplace in the near future.
• is new, and attendees cannot find it in videos from other conferences.
• describes a real-life story, such as how you solved a problem in your daily life.
• tells a story, e.g., how you failed or what worked at best mediocrely. Feel free to share pitfalls and failures so we can learn from them.
• Addresses a hot topic that is relevant in 2026.

The reasons submissions get marked down or rejected

• The submission sounds as though it was created entirely with the help of AI.
• It sounds like a sales pitch for products or services.
• Your submission contains too many buzzwords.
• The submission is short and/or vague, so reviewers reject it due to a lack of insight.
• It remains unclear what specific value the presentation offers to attendees.
• Poorly formatted or poorly structured submission, or significant spelling and grammar errors.
• You have submitted far too many presentations. More isn't always better.
• There is reason to suspect that none of the speakers submitted this themselves.

Like many conferences these days, we generally receive a large number of proposals. If yours was not accepted, it simply means that, relative to all the other submissions, it did not stand out.