Creating AppSec Talent (next 100k professionals)


Given the massive skills shortage in the AppSec industry, we need innovative solutions if we are going to create another 100,000 AppSec professionals worldwide. This Working Session will discuss and evaluate ways of creating and growing AppSec talent.


  • Identify gaps in our current meta staffing for AppSec.
  • How to scale AppSec training
  • The Role of security champions in creating the next generation of security professionals
  • Define audiences for future security professionals: Which industries should we approach to promote the idea of becoming security professionals (Developers, engineers, craftsmen, AI specialists, lawyers)? What level of career should we try to capture (early/mid/advanced)?
  • What is the role of early careerists?
  • What can be done at university/college level?
  • Should we capture people attending bootcamps and other non-traditional educational pathways?
    • ‘Ethical Hacking’ and ‘Bug Bounties’ have a tool to excite new members
  • How should OWASP work to reach these people?


  • Road map for reaching new AppSec Professionals.


The target audience for this Working Session is:

  • AppSec Team leads
  • Recruitment agencies
  • Universities
  • Bug Bounty companies/programmes

Working materials

  • Draft roadmap (please add as much information as possible before the sessions)


… add content …

Related Working Session(s)

Back to list of all Working Sessions and Tracks

Edit this page here