We are excited to open the Call for PODs (Practical On-Demand activities) for OWASP Global AppSec EU 2026 – Vienna.

PODs are 2–3 hour, ongoing, asynchronous, small-group activities that run in parallel with the main conference program. They are designed to be practical, hands-on, and engaging, giving participants something to do rather than just something to listen to.

What is a POD?

A POD (Practical On-Demand) is an informal round-table style activity where participants can drop in and out freely during the session time. It must be:

• Hands-on, active, and participatory
• AppSec or AppSec-related
• Designed so that participants learn or practice concrete skill
• Shouldn’t require the participant to make a long (>15 minutes) time commitment

Formats can include, for example:

• Capture-the-flag style mini challenges
• Secure code / code review exercises
• Threat modeling or incident simulation games
• API or supply chain attack/defense labs
• Interactive secure design or architecture clinics
• Quizzes, trivia, games and other puzzle-based AppSec challenges

Pure discussion, panels, or “talks in disguise” will not be accepted. Every POD must have a strong “doing” component.

Audience and level

POD proposers should be AppSec practitioners.

POD participants can be:

• AppSec engineers
• Developers
• Security champions
• Red and blue teamers
• Students and newcomers to AppSec

Ideally, your POD should offer something for all levels – so beginners can participate and learn, while more advanced folks can still be challenged.

Format and logistics

Each POD should be designed to run for 2–3 hours in a dedicated space with:

• Round table and chairs
• Monitor with HDMI
• Wi-Fi
• Power strips

If your activity requires laptops, please design it with the understanding that not all participants may have a laptop with them, and clearly state in the description if a laptop is strongly recommended.

Pods proposers will need to be present and assisting participants for the full duration of their assigned time.

We do not provide special hardware or pre-provisioned lab environments, so please design your activity to run on common setups and public or easily accessible resources.

 REVIEW TIMELINES

 CfP IMPORTANT DATES: 

•  CfP Opens: December 17, 2025
•  CfP Closes: February 16 , 2026
•  Notification of submitters: Week of March 9, 2025
•  Program announced: Week of March 23, 2026

Keep in mind: the better your description is, the better our review will be. Please review your proposal thoroughly, as your accepted abstract and bio will be published publicly as submitted on our site. 

******************************************************

REVIEW CONSIDERATIONS

The Program Team will review your submission and give it a rating which will be used to compare it to the other submissions in your chosen track. 

Your submission *will be disqualified* if: 

-Your submission was submitted by someone who is not one of the speakers such as the marketing team or a marketing agency.

-Your submission has self-identifying elements in its abstract, outline, slides, past presentations, etc. These elements can be, but are not limited to, affiliation with well-known podcasts, headshots, company references, apart from directly identifying information like names, etc.

- OWASP strives to have a completely blind review process

-Your submission is identified as having been generated by an AI

Your submission will *NOT* be disqualified, BUT:

-If you have recently presented the same material in another conference or venue, kindly indicate so. OWASP strives to have new and novel content in its events, and we expect that any material previously presented elsewhere will have enough distinction during our events so as to separate it from previous presentations. Please be sure to indicate how this edition will be different from previous ones

-If distinct submitters from the same company submit on the same or closely related subject, we ask that you kindly coordinate before submitting, so we can guarantee the highest quality of presentation

The top scored submissions:

-Have a clear abstract that describes interesting and relevant material which we would choose to attend. This is primarily to market to attendees but obviously it needs to impress the reviewers as well.

-Have an outline that leaves no doubts about the structure of the talk and the timings 

-Tell the reviewer exactly what you will be covering. Don’t just say “we will provide our top 5 techniques for avoiding this issue. Instead, clearly set out for the reviewer what those 5 techniques will be. Don’t keep secrets from the reviewer or try to keep the reviewer in suspense, that is what the conference abstract is for!

-Demonstrate clear takeaways that attendees can immediately implement at their workplaces.

Top reasons submissions get marked down or rejected:

-No clear link to the topics listed above.

-Poorly formatted or structured submission or significant spelling and grammatical mistakes. Get someone else to review your submission or use an online tool to proofread it.

-Your submission sounds like it was created by an AI.

-Your submission makes it sounds like the answer to the challenge you raise is to buy your product. Alternatively, the submission sounds like a direct sales pitch. If you work for a vendor, we will be looking for a clear explanation of what value the submission brings, separate to your product or service.

-Your submission is full of buzzwords without clarity on what tangible value the talk brings to the attendee.

-The shorter the submission, the less time the reviewer will spend on your submission before they mark it down, due to a lack of details..

-Your submission has self-identifying details