SCHUTZWERK @ German OWASP Day 2025

On November 25-26, 2025, the GermanOWASPDay takes place at the Radisson Blu Conference Hotel in Düsseldorf. SCHUTZWERK has been a regular sponsor of this independent conference for application security since 2016, bringing together security experts, developers, and IT decision-makers.

Tickets are still available. More information and registration: god.owasp.de/2025

The Conference

The first day (November 25) is designed as a training day. Two workshops run in parallel in the morning: “Leveraging Browser Features for Proactive Defense” by Javan Rasokat and the “Workshop Cyber Resilience Act” by Michael Helwig. In the afternoon, the German Chapter Meeting takes place, alongside the workshop “Threat Modeling with AI” by Georges Bolssens. The day concludes with a networking event.

On the second day (November 26), Eva Wolfangel opens the conference with her keynote “Code Dark Age”. Subsequently, two parallel tracks run with talks on current topics in application security: from Vulnerability Detection to PDF attacks to Passkeys and AI Security. The complete program is available at god.owasp.de/2025/#programm .

The conference offers vendor-neutral content without marketing presentations, from the cybersecurity community for the cybersecurity community. Like all OWASP activities, it is made possible by the volunteer commitment of its members.

OWASP: From Classic Web Risks to AI Security

The OpenWorldwideApplicationSecurityProject(OWASP)Foundation is a non-profit organization dedicated to improving software security. Since its founding, OWASP has made all resources available free and openly – a philosophy that makes security knowledge accessible to organizations of all sizes.

OWASP became known primarily through the OWASPTop10 , the regularly updated list of the ten most critical security risks for web applications. On November 6, 2025, the ReleaseCandidateofthe2025version was published with two new categories: “Software Supply Chain Failures” reflects the growing importance of supply chain security, while “Mishandling of Exceptional Conditions” focuses on error handling. Coverage has been significantly expanded: from about 30 CWEs in 2017 to 589 CWEs in 2025, based on the analysis of 2.8 million applications.

OWASP’s evolution is also evident in newer projects. With the OWASPAIExchange and the OWASPTop10forLargeLanguageModels , the organization addresses modern threats in the AI domain – from Prompt Injection to Training Data Poisoning. The WebSecurityTestingGuide continues to provide structured testing methods for classic web applications.

SCHUTZWERK uses OWASP methods and knowledge in PenetrationTests and WebApplicationSecurityAssessments , among others. Our support for the German OWASP Day is based on the conviction that security knowledge should be openly accessible and that exchange between practitioners in the community is valuable for collaboratively advancing cybersecurity.

We’ll see you in Düsseldorf!