Trainings

This introductory training provides a structured overview of modern Application Security and the Secure Software Development Lifecycle (SSDLC). Rather than focusing on a single technology or vulnerability category, the course explores how cloud-native architectures, APIs, AI-assisted development, software supply chain risks, and evolving regulatory requirements have transformed the security landscape. Participants gain a practical understanding of how security activities, processes, and tools fit together to create an effective application security program.

The training covers the core building blocks of contemporary AppSec, including threat landscapes, compliance considerations, secure architecture principles, security-by-design practices, threat modeling, DevSecOps tooling, vulnerability management, and SSDLC governance. Through discussions and practical exercises, participants learn how to identify and address security risks early in the development lifecycle, evaluate where security tools provide value, and understand how AI can support and automate security activities. A hands-on threat modeling exercise helps attendees apply security-by-design concepts to realistic scenarios and better understand risk-driven decision-making.

By the end of the session, participants will have a clear understanding of how modern application security programs operate, how to build and tailor an SSDLC to their organization's needs, and how to scale security initiatives through governance, security champions, and culture. The training emphasizes practical, adaptable approaches rather than one-size-fits-all solutions, making it valuable for developers, architects, DevOps engineers, technical leads, and security practitioners seeking a strong foundation in Application Security.

Requirements: Laptop with internet access

Michael Helwig is a cybersecurity strategist and expert working on a wide range of product and cybersecurity topics with a background in secure software development. He is the co-founder of a security consulting firm that helps clients across industries implement product security programs, adopt DevSecOps, and achieve compliance with various standards.

This is a hands-on workshop that demonstrates how organizations can build scalable, sustainable threat modeling programs using OWASP Precogly, an open-source platform designed for modern security teams. The training explores how to move beyond isolated threat modeling exercises and establish repeatable workflows that integrate with development processes, governance requirements, and organizational security practices. Participants will gain practical experience creating threat models, managing reusable security knowledge through library packs, mapping controls to compliance frameworks, and adopting a "threat model as code" approach that supports collaboration and continuous improvement.

A distinguishing feature of the workshop is its focus on AI-enabled threat modeling. Precogly was built with a fully documented API-first architecture, enabling teams to develop their own AI agents to automate activities such as architecture analysis, context generation, diagram conversion, ticket synchronization, and threat discovery. Through guided labs, attendees will install and configure Precogly, build and analyze a threat model, create custom libraries tailored to their technology stack, and experiment with AI-driven automation patterns that can accelerate security reviews and improve coverage.

By the end of the session, participants will understand not only how to use the platform, but also how to operationalize threat modeling at scale. They will leave with a working local deployment, practical implementation examples, reusable artifacts, and a clear framework for introducing or expanding a threat modeling program that is collaborative, compliance-aware, and ready for the next generation of AI-assisted security workflows.

Requirements:

  • Laptop with Docker Desktop (or Docker Engine + Docker Compose), Git, and a modern browser installed and verified working before the workshop.
  • Local admin/sudo rights required.
  • Familiarity with STRIDE or a comparable threat modeling methodology.
  • Experience creating at least one threat model, even informally.
  • A pre-flight check script and setup instructions will be sent to confirmed participants one week before the workshop.

Vikramaditya Narayan is the creator of OWASP Precogly, an open-source, enterprise-grade threat modeling platform built for compliance-aware security teams. He leads the Bangalore chapter of Threat Modeling Connect and has spoken at ThreatModCon DC on emergent risks in multi-agentic systems. Other recent and upcoming engagements include the OWASP 25th Anniversary Virtual Event and OWASP Vienna (June 2026). Vikramaditya holds an MS from Carnegie Mellon and is a Certified Threat Modeling Professional.

This workshop introduces participants to offensive and defensive security concepts in Operational Technology (OT) and Industrial Control Systems (ICS) environments. Using a fully isolated lab environment, attendees learn how attackers discover, access, manipulate, and disrupt industrial processes by exploiting common weaknesses in protocols such as Modbus, DNP3, and S7comm. Through guided exercises based on realistic water treatment plant simulations, participants gain practical experience mapping OT networks, collecting operational data, understanding insecure-by-design protocols, and observing how seemingly simple actions can create real-world physical consequences.

The workshop combines attack simulation using MITRE Caldera with detection and monitoring using Suricata, Zeek, and ATT&CK for ICS. Participants perform reconnaissance, identify exposed assets, retrieve sensitive operational information, manipulate control system parameters, and observe the impact on simulated industrial processes. Alongside these offensive exercises, they learn how defenders monitor OT environments, investigate attack activity, map techniques to the MITRE ATT&CK for ICS framework, and identify critical detection gaps that can allow low-noise attacks to remain unnoticed.

By the end of the session, attendees will understand how modern OT attacks unfold across multiple stages, how common industrial protocols and devices can be abused, and how security teams can improve visibility and resilience in critical infrastructure environments. The workshop demonstrates seven of the OWASP OT Top 10 risks in a controlled setting and provides participants with practical skills, lab resources, and a deeper understanding of both attacker techniques and defensive strategies in industrial control systems.

Requirements:

  • Working personal laptop with Windows 11 64-bit, macOS, or Debian-based Linux installed as the host operating system.
  • No netbooks, Chromebooks, tablets, or corporate laptops with restrictive policies enabled.
  • Minimum 100 GB free disk space and 16 GB RAM preferred.
  • Antivirus and firewall disabled.
  • Administrator privileges.
  • Virtualization technology enabled in BIOS. If VT is disabled, the BIOS password is needed.
  • Working USB port with file-transfer access allowed.
  • Wi-Fi enabled.
  • No VPN installed.
  • Ability to connect to wireless and wired networks.
  • Ability to read PDF files.
  • Latest display drivers installed.
  • Latest VirtualBox installed. Apple Silicon (M1/M2/M3/M4) users need VMware Fusion or UTM instead; VirtualBox on ARM is still limited.

Thomas Blessen is an Independent Security Researcher with 14+ years of experience in Red Teaming and full-spectrum security assessments. His expertise spans AppSec, IoT/OT, Mainframes, SAP, Cloud, and Physical Covert Entry. He has secured global enterprises across Telecom, SWIFT, and financial environments.

Blessen holds a B.Tech in IT and elite certifications including SANS GPEN, CRTO, OSCP, CRTP, and CREST. A prolific bug hunter, he is featured in the Hall of Fame for Oracle, Sony, and Splunk. He is a key contributor to community projects like the OWASP MSTG, OWASP Top 10 API, and Seclists. His research and trainings have been featured at premier global stages including Hack In The Box, CanSecWest, HITCON, and various OWASP AppSec Summits. Beyond the work, he is a dedicated drummer and percussionist.

Hacking a Smart Pizza Place with the OWASP AI Exchange - PwnzzAI! is a highly interactive workshop that introduces participants to the security challenges of modern AI systems through hands-on attack and defense exercises. Using the OWASP AI Exchange framework and PwnzzAI, an intentionally vulnerable AI application built for education and testing, attendees explore how AI-powered applications, large language models (LLMs), and machine learning systems are designed, how they can be compromised, and how those risks can be mitigated in real-world deployments. The workshop focuses on practical exploitation rather than theory, giving participants direct experience with the most significant threats facing AI applications today.

Throughout a series of guided labs, participants investigate vulnerabilities such as prompt injection, sensitive data leakage, model and data poisoning, AI supply chain attacks, vector database weaknesses, excessive agent behavior, system prompt exposure, misinformation, and resource abuse. By attacking and analyzing a deliberately insecure AI environment, attendees gain a deeper understanding of how these threats manifest in practice and how adversaries can manipulate AI systems and their supporting infrastructure.

By the end of the workshop, participants will be able to identify major AI security risks, understand common attack strategies against AI applications, and successfully execute practical proof-of-concept attacks in a controlled environment. The training is designed to provide hands-on experience with the OWASP AI Exchange threat landscape, helping security professionals, developers, and AI practitioners better assess and secure AI-powered systems.

Requirements:

To make the most of the workshop, participants should have basic familiarity with Python, including working with functions and classes, making API requests, and executing database queries. A foundational, non-deep technical understanding of AI and LLM concepts, such as prompt structures, AI supply chain and retrieval-augmented generation (RAG), is also expected, along with general awareness of common software security vulnerabilities such as XSS and SQL injection. Without this background, participants may still be able to complete some challenges but may not fully understand the underlying technical root causes.

Participants should bring a laptop with Docker installed and working. Since pulling the PwnzzAI Docker image and the required AI models can take 10-20 minutes, attendees are strongly recommended to complete this step before the workshop to ensure a smooth and hands-on experience.

Workshop Access Options

Participants can choose one of two ways to complete the hands-on exercises.

Option 1: Use the Hosted Workshop Environment

The lab will be deployed on a public server and can be accessed directly through a web browser. No installation is required.

  • A shared API key for commercial models will be provided during the workshop.
  • Open-source models running on Ollama will also be available through the hosted environment.
  • This is the recommended option for participants who want to focus on the exercises without spending time on setup and configuration.
Option 2: Run Your Own Local Instance

Participants who prefer to explore the platform locally can deploy PwnzzAI using Docker and choose between two LLM backends.

Option 2A: Commercial Models
  • An API key for OpenAI, Claude or Gemini is required.
  • Model inference is performed by cloud models, so local hardware requirements are modest.

Recommended specifications:

  • CPU: 4 cores or more
  • RAM: 8-16 GB
  • Disk: 30 GB free space for Docker images
Option 2B: Ollama with Free Open-Source Models

The lab supports local execution using:

  • Mistral 7B
  • Llama 3.2 1B

Because the models run locally, additional system resources are recommended.

Recommended specifications:

  • CPU: 8 cores or more
  • RAM: 32 GB minimum
  • Disk: 50-100 GB free SSD space for Docker images and model files
  • Optional (recommended): NVIDIA GPU with 12 GB or more VRAM

Behnaz Karimi is a Senior Cybersecurity Engineer specializing in AI security and a Co-Lead/Author and AI Red Teaming Lead at OWASP AI Exchange. She has spoken at Global AppSec Barcelona, OWASP Germany, and served as a panelist on AI Governance at ISACA Conference 2025 and ISDFS Boston. She also supports EU AI Act-related efforts, aligning AI security practices with regulatory requirements. With 17+ years of experience, she has worked across automotive and enterprise sectors with expertise in secure AI, threat modeling, and adversarial resilience.

Maryam Mouzarani is a Cybersecurity Engineer with over 10 years of experience in application security, penetration testing, and software vulnerability research. She holds a PhD in Computer Engineering, specializing in software vulnerability analysis, and has authored several publications in this field. Currently, she serves as an AI Red Team Engineer and Test Team Lead at Applause. She is the creator of PwnzzAI and currently leads the OWASP PwnzzAI project. In addition to her industry expertise, Maryam has more than five years of teaching experience and has designed and delivered a range of academic and professional training courses in cybersecurity and related disciplines.

Talks

AI is creating real breakthroughs, but also an ocean of slop, hype, fear, and confusion. Engineers are declared obsolete. Agentic AI is treated as magic. Security teams are asked to protect systems that are changing faster than their risk models. No wonder many of us feel dazed.

This keynote offers a free therapy session for the AI-overwhelmed, including a grounded path through the chaos from your therapist. What are the truths we can rely on? Which AI risks matter most? How do we scope security concerns without drowning in them? And what about our careers?

Bring your questions. There will be tissues.

Rob van der Veer is a global leader in AI security. He has over 34 years of experience in AI, made substantial contributions to various international AI standards (ISO, AI Act), and founded the OWASP AI Exchange flagship project and MOSAIC: unique collaborations between the security community and standardisation institutes. As Chief AI Officer at Software Improvement Group, Rob is an advisor to governments, enterprises, and institutions worldwide.