INTRODUCTION

Application Security practitioners, software engineers, and researchers from all over the world gather at OWASP’s Global AppSec conferences to discover, present and discuss the latest developments in software security, collaborate with their peers, and share the newest innovations in the field.

The conference will take place on May 29-30, 2025, at the International Barcelona Convention Center. The event will also offer hands-on training with vetted and leading trainers from May 26-28, 2025.

 CALL FOR PRESENTATIONS (CFP) & SUBMISSION 

The Global AppSec Program Team is formally issuing a call for presentations, opening November 6, 2024, and closing January 31, 2025, at 11:59 PDT. 

What topics should you submit about?

 This year’s tracks are based on traditional OWASP tracks, but slightly changed and clarified. Speakers should focus on the following guidelines for each of the tracks below. Sessions will be scheduled for 45 minutes, with an additional expected 5-10 minute Q&A period. 

BUILDER / DEVELOPER - Show the community how to build more secure apps, how to securely use technology in our code, and how to secure our systems at scale.

BREAKER / TESTER - Show the community how to test apps for security, and how to break secure systems, how to be a better bounty hunter, and how to integrate penetration testing in the SDLC

DEFENDER / OPS - Show the community world-class application operational defense, tools and techniques enabling detection and response to attacks, automating processes and pipelines, working with bounty hunters and running a production security program. 

MANAGER / CULTURE - Show the community how to run security teams effectively, create an effective security culture, selling security to executives, or balancing the risk tradeoffs.

OWASP PROJECT SHOWCASE- If you are a project leaders and want to share updates on your OWASP project with the community, this would be the track for you!

We’ve provided a few topic suggestions below, but feel free to innovate!

• Web application security
• AI
• Mobile, Cloud, and Serverless security
• Blockchain & Internet of Things for security use
• Penetration testing & Application-level attacks
• Threat modeling, Application, and system architecture
• Security for DevOps engineers
• Privacy controls
• Planning and implementing an application security program
• Creating an AppSec team & culture
• Techniques to communicate risk and AppSec value to management - sharing what works and what doesn’t!
• How you failed. Things you did and didn’t work. Share pitfalls and failures so we all can learn from them. 

 REVIEW TIMELINES

 CfP IMPORTANT DATES: 

 CfP Opens:  November 6, 2024

 CfP Closes: January 31, 2025

 Notification of submitters: Week of February 24, 2025

 Program announced: Week of March 3, 2025

Keep in mind: the better your description is, the better our review will be. Please review your proposal thoroughly, as your accepted abstract and bio will be published publicly as submitted on our site. 

******************************************************

REVIEW CONSIDERATIONS

The Program Team will review your submission and give it a rating which will be used to compare it to the other submissions in your chosen track. 

Your submission *will be disqualified* if: 

Your submission was submitted by someone who is not one of the speakers such as the marketing team or a marketing agency.

The top scored submissions:

-Have a clear abstract that describes an interesting and relevant talk which we would choose to attend. This is primarily to market to attendees but obviously it needs to impress the reviewers as well.

-Have an outline that leaves no doubts about the structure of the talk and the timings 

-Tell the reviewer exactly what you will be covering. Don’t just say “we will provide our top 5 techniques for avoiding this issue. Instead, clearly set out for the reviewer what those 5 techniques will be. Don’t keep secrets from the reviewer or try to keep the reviewer in suspense, that is what the conference abstract is for!

-Discuss a new or novel topic that attendees couldn’t see in the recordings of previous conferences or in existing resources.

-Describe a real-life story of how you solved a problem in a real-world environment.

-Are clearly aligned with the audience in the track to which the talk is being submitted and clearly demonstrates why the submission it is relevant for the stated skill level. 

-Demonstrate clear takeaways that attendees can immediately implement at their workplaces.

Top reasons submissions get marked down or rejected:

-No clear link to the topics listed above.

-Poorly formatted or structured submission or significant spelling and grammatical mistakes. Get someone else to review your submission or use an online tool to proofread it.

-Your submission sounds like it was created by an AI.

-Your submission makes it sounds like the answer to the challenge you raise in the talk is to buy your product. Alternatively, the submission sounds like a direct sales pitch. If you work for a vendor, we will be looking for a clear explanation of what value the submission brings, separate to your product or service.

-Your submission is full of buzzwords without clarity on what tangible value the talk brings to the attendee.

-The shorter the submission, the less time the reviewer will spend on your submission before they mark it down, due to a lack of details..

-Your submission has self-identifying details

You can see some sample, high-quality submissions here:

https://docs.google.com/document/d/1m_IroyqjYwGL-8arwAxY-aDxWCH_3xda0BjNytkvaQ0/edit