Call for Papers

OWASP AppSec conferences are the premier gathering for software security leaders and researchers. It brings together the application security community to share cutting-edge ideas, initiatives and technological advancements.


OWASP AppSec conferences are true security conferences, with expected talks and presentations all around (web) application security. Non-technical talks (see below) are welcome too. Please refrain from submitting marketing talks or having sales pitches in your talk.

We are interested in all topics related to Web Application Security and OWASP, in particular:

  • Secure development: frameworks, best practices, secure coding, methods, processes, SDLC
  • Vulnerability analysis: code review, pentest, static analysis
  • Threat modelling
  • Mobile security
  • Cloud security
  • Browser security
  • HTML5 security
  • OWASP tools or projects in practice
  • New technologies, paradigms, tools
  • Privacy in web apps, Web services (REST, XML) and data storage
  • Operations and software security
  • Management topics in Application Security: Business Risks, Outsourcing/Offshoring, Awareness Programs, Project Management, Managing SDLC


By your submission you agree to the OWASP Speaker Agreement. It requires that you use an OWASP presentation template. You are welcome to include your company logo to the first and last slide. All presentation slides will be published on the conference website. Please make sure that any pictures and other materials in your slides doesn’t violate any copyrights. You are solely liable for copyright violations. You may choose any CC licence for your slides, including CC0. OWASP does suggest open licenses.

Participants and speakers are all warmly invited to attend the conference dinner on Thursday. Subject to the budget situation there’s an extra evening program for all accepted speakers.

Unfortunately we can’t cover travel expenses or costs for accommodations.

Program Committee

Your submission is subject to approval by a small core team of the program committee.

  • Bart De Win
  • Frank Breedijk
  • Lieven Desmet
  • Martin Knobloch
  • Jim Manico
  • Dirk Wetter
  • Jocelyn Aubert
  • Simon Bennetts
  • Justin Clarke
  • Antonio Fontes
  • Ferdinand Vroom
  • Konstantinos Papapanagiotou
  • Eoin Keary
  • Alex Kouzemtchenko
  • Jeremiah Grossman
  • Chris Riley
  • Boris Hemkemeir

Contact: papers2015 AT lists DOT appsec DOT eu


  • Submission of proposals by: 31 December, 2014 (11:59pm GMT) Extended to 15 January, 2015 (11:59pm GMT) CLOSED
  • Notification of acceptance: 10 February, 2015
  • Publication of program: 20 February, 2015 Now announced! Check the Talks page!
  • Conference Date: 21-22 May, 2015


To submit a proposal, please submit online (see link below) an abstract of your intended presentation (500 to 4000 characters) and a brief biography (150 to 800 characters, either included in the abstract or as an attached document). Your planned presentation time is 40 minutes (excl. ~5 minutes for discussion and change of speaker). Feel free to attach a preliminary version of your presentation if available. Any proposal submitted is subject to a democratic vote by the program committee (pc). Keep in mind: The better your description the better our picture (do not count on “fail open”). Please watch out for any mistakes as after approval by the pc we take your abstract and publish it 1:1 in our program.

All proposals for this call for papers have to be submitted through this link.

Don’t forget:
•    to enclose a signed copy of the Speaker Agreement