Home
Talks
CFP Guide
What is BSides?
About
Contact
Light
← All talks
Topic
OWASP talks at BSides
53 talks tagged
OWASP
from 35 chapters of BSides events worldwide.
Related topics
Technical
Talk
Intro
Demo
Red
Tooling
44:22
SWF Seeking Lazy Admin for Cross-Domain Action
Seth Art
BSides DC
· 2014
Technical
OWASP
Web AppSec
Talk
Open →
2014-10
25:25
Web Apps: APIs’ Nightmare
BSides Ahmedabad
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2024-05
38:30
OWASP Top 10 Like I'm Five: From A Bug Bounty Hunter's Perspective
Dávid Schütz
BSides Budabest
· 2019
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2019-06
47:05
OWASP Amass Beyond Subdomain Enumeration
Jeff Foley
Anthony Rhodes
BSidesROC
· 2019
Technical
OSINT
OWASP
Threat Intel
Talk
Open →
2019-03
24:37
A Less Known Attack Vector: Second Order IDOR Attacks
Ozgur Alp
BSides Athens
· 2020
Technical
OWASP
Web AppSec
Red
Talk
Open →
2020-06
40:29
Fixing XSS with Content Security Policy
Ksenia Dmitrieva
BSides DC
· 2015
Technical
OWASP
Web AppSec
Talk
Open →
2015-12
20:52
Appsec requirements with OWASP ASVS
Erlend Andreas Gjære
BSides Oslo
· 2019
Technical
OWASP
Talk
Open →
2019-06
27:11
Hacking with a Heads Up Display
David Scrobonia
BSidesSF
· 2019
Technical
Tooling
OWASP
Web AppSec
Talk
Open →
2019-03
41:38
Web Application Exploit 101: Breaking Access Control and Business Logic
Tomohisa Ishikawa
BSides Philly
· 2017
Technical
OWASP
Web AppSec
Red
Talk
Open →
2017-08
26:54
Introduction to OWASP Juice Shop
Tim Corless-Carter
BSides Manchester
· 2019
Technical
OWASP
Vulnerability Research
Web AppSec
Intro
Red
Demo
Open →
2019-09
19:28
XXE for Dummies
Brian Myers
BSides PDX
· 2019
Technical
OWASP
Web AppSec
Intro
Demo
Talk
Open →
2019-11
29:43
BOLA, IDOR, MA, BFLA: Welcome to the OWASP API Top 10
Adam Fisher
BSides SLC
· 2020
Technical
OWASP
Web AppSec
Case Studies and Incidents Analysis
Talk
Open →
2020-03
24:15
OWASP Top 10 in GraphQL: An API Adventure
Danielle Rosenfeld-Lovell
BSides Canberra
· 2024
Technical
OWASP
Web AppSec
Talk
Open →
2024-12
22:54
Introducing The OWASP Nettacker Project
Sam Stepanyan
BSides Athens
· 2020
Technical
Tooling
OWASP
Demo
Talk
Open →
2020-06
25:13
[In]secure Deserialization, and how [not] to do it
Alexei Kojenov
BSides PDX
· 2019
Technical
OWASP
Vulnerability Research
Web AppSec
Intermediary
Demo
Talk
Open →
2019-11
48:45
Quines: A Self Producing Syndrome
Gopika Subramanian
BSides Delhi
· 2020
Technical
OWASP
Web AppSec
Talk
Open →
2020-11
25:03
Hacking Secure Coding into Highschool Education
Or Sahar
Yariv Tal
BSides TLV
· 2024
Community
OWASP
Intro
Talk
Open →
2024-08
47:04
Intro to API Hacking
Jamy Casteel
BSides Dallas/Fort Worth
· 2022
Technical
OWASP
Web AppSec
Intro
Red
Talk
Open →
2022-11
28:17
How to Shield an IoT Product from the OWASP IoT Top 10
Pablo Endres
BSides Munich
· 2020
Technical
OWASP
Talk
Open →
2020-09
13:51
OWASP Honeypot Threat Intelligence Project
Kartik Adak
BSides London
· 2025
Research
OWASP
Web AppSec
Technical Deep-dives
Talk
Open →
2025-02
48:53
A Bug Hunter's Way of Assessing Web App Security
Saurabh Singh
BSidesROC
· 2025
Technical
OWASP
Web AppSec
Red
Talk
Open →
2025-03
35:27
How To Shield An IoT Product From The OWASP IoT Top 10
Pablo Endres
BSides Luxembourg
· 2019
Technical
OWASP
Talk
Open →
2019-11
31:30
Bugs Are Shallow: Finding Vulnerabilities In Top GitHub Projects
Laurence Tennant
BSides London
Research
Technical
OWASP
Vulnerability Research
Web AppSec
Red
Empirical Research
Methodology
+1
Open →
2024-02
37:36
OWASP API Security Top 10 – How APIs are Hacked
Frank Ully
BSides Munich
· 2020
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2020-09
43:43
Attacking OWASP: Exploiting the Top 10
David Coursey
BSides Augusta
· 2015
Technical
OWASP
Talk
Open →
2015-09
30:30
T1 03 OWASP ASVS - Panagiotis Yialouris
Panagiotis Yialouris
BSides Athens
· 2016
Technical
OWASP
Talk
Open →
2016-07
58:18
Tim Tomes - Web Application Authorization: Taming the Perfect Storm
Tim Tomes
BSides Augusta
· 2025
Technical
OWASP
Web AppSec
Talk
Open →
2025-10
24:28
Injections... again?
Márk Módly
BSides Budabest
· 2022
Technical
OWASP
Talk
Open →
2023-06
55:47
Web AppSec 101
Andrii Kudiurov
BSides Ukraine
· 2018
Technical
OWASP
Web AppSec
Intro
Blue
Talk
Open →
2018-05
1:15:24
Attacking & Defending Android Apps Training
Romansh Yadav
BSides Athens
· 2021
Technical
OWASP
Workshop
Open →
2021-06
41:26
Using The OWASP Top 10 To Save The Astronauts From HAL
Nick Dunn
BSides London
· 2025
Technical
OWASP
Talk
Open →
2025-02
39:08
Building A Modern, Scalable and Effective Application Security Program
Abdessamad Temmar
BSides Prishtina
· 2024
Technical
AI Security
DevSecOps
OWASP
Threat Modeling
Case Studies and Incidents Analysis
Talk
Open →
2024-09
56:51
Hacking the OWASP Top 10: An Intro to Web Application Security
Greg Sternberg
BSides Denver
· 2020
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2020-10
25:57
OWASP Nettacker Project Presentation
Sam Stepanyan
BSides Athens
· 2022
Technical
OWASP
Vulnerability Research
Intro
Red
Demo
Talk
Open →
2022-06
34:49
Hardik Parekh - Navigating DevOps Security Journey at Scale
Hardik Parekh
BSides Philly
· 2020
Technical
DevSecOps
OWASP
Talk
Open →
2020-12
39:47
Building AppSec In
Seth Law
BSides SLC
· 2015
Technical
OWASP
Web AppSec
Talk
Open →
2015-04
51:12
REST is the Sweet Sauce of Labor
Kevin Cody
BSides Peru
· 2018
Technical
OWASP
Web AppSec
Demo
Talk
Open →
2018-06
15:37
Removing Damn Vulnerable Code by Dan Conn
Dan Conn
BSides Lancashire
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2023-04
35:50
Hacking Basics with Women Hackers
Mrigakshi Goel
Payal Sondhi
Lalithya Malyala
BSides Vancouver
· 2022
Technical
OWASP
Vulnerability Research
Web AppSec
Intro
Red
Demo
Talk
Open →
2022-07
17:04
API Security From The Lens Of An AppSec Engineer by Abhinav Khanna
Abhinav Khanna
BSides Dundee
Technical
OWASP
Web AppSec
Talk
Open →
2022-08
30:13
Building Secure Software with the OWASP SAMM
August Johnson
BSides KC
· 2019
Technical
OWASP
Talk
Open →
2019-06
44:41
Using OWASP Nettacker For Recon And Vulnerability Scanning by Sam Stepanyan
Sam Stepanyan
BSides Dublin
· 2022
Technical
OWASP
Talk
Open →
2022-05
50:44
Mirror Mirror — Reflected PDF Attacks Using SQL Injection
Shawn Asmus
Kristov Widak
BSides Las Vegas
· 2012
Technical
OWASP
Web AppSec
Red
Talk
Open →
2017-03
42:34
Examining Access Control Vulnerabilities in GraphQL: A Field Case Study
Bogdan Tiron
BSides Galway
Technical
OWASP
Web AppSec
Red
Case Studies and Incidents Analysis
Talk
Open →
2025-03
43:49
Navigating DevOps Security Journey at Scale with OWASP SAMM 2.0
Hardik Parekh
BSides Porto
· 2020
Technical
DevSecOps
OWASP
Talk
Open →
2020-11
28:09
Injection Attacks: Defending an Application Takedown
Andy Nelson
BSides KC
· 2018
Technical
OWASP
Web AppSec
Intro
Talk
Open →
2018-06
51:53
Securing Agentic AI: Threat Trends, OWASP Top 10 patterns and a FinBot CTF demo
Venkata Sai Kishore Modalavalasa
BSides Göteborg 2026
Technical
AI Security
OWASP
Intermediary
Blue
Technical Deep-dives
Demo
Talk
Open →
2026-03
19:49
It’s time to uplift developer security maturity and erase common mistakes
Erica Wass
BSides Sydney
· 2023
Career
Technical
Career & Soft Skills
DevSecOps
OWASP
Talk
Open →
2023-08
19:28
The Halcyon Project: Applying DevSecOps to a Vulnerable App
James Clapperton
BSides Belfast
· 2025
Technical
DevSecOps
OWASP
Supply Chain Security
Threat Modeling
Web AppSec
Talk
Open →
2025-12
42:39
Map and Conquer: Application Security over Cloud
Pankaj Mouriya
BSides Newcastle
· 2021
Technical
Cloud IAM
OWASP
Web AppSec
Talk
Open →
2021-10
21:52
CG - Sure, Let Business Users Build Their Own. What Could Go Wrong?
Michael Bargury
BSides Las Vegas
Technical
Cloud IAM
OWASP
Web AppSec
Blue
Red
Talk
Open →
2023-10
24:39
Shift Left with DevSecOps: Scanning Every Code Change
Avinash Jain
BSides Newcastle
· 2020
Technical
DevSecOps
OWASP
Talk
Open →
2020-11
29:22
Making Security Everybody's Job
Akolade Adelaja
BSides Newcastle
Community
Technical
DevSecOps
OWASP
Intro
Talk
Open →
2023-12
