Wednesday, September 23, 2026 · Porto, Portugal · 6 half-day sessions
Kick off AppSec Days Portugal with a full day of hands-on security training. Six expert-led workshops run in parallel across two time slots, covering offensive techniques, defensive strategies, and security program building. Each session is four hours of focused, practical learning.
Deep-dive into the OWASP Top 10 for LLMs with hands-on labs covering Prompt Injection, Sensitive Data Disclosure, Excessive Agency, Improper Output Handling, and RAG Poisoning.
Master the art of anticipating threats before attackers do. Hands-on STRIDE and PASTA exercises, storytelling-based delivery, and practical tools you can apply the moment you leave the room.
Hack the world's most beginner-friendly vulnerable app, then go behind the scenes to see how it's built, tested, and maintained as an open source project. Led by the creator himself.
From BLE protocol fundamentals to real-world attacks — sniffing, GATT enumeration, replay attacks, MitM, and downgrade exploits. Get hands-on with the tools used by professional IoT security researchers.
Design and launch a Security Champions Program that actually sticks. Covers motivation theory, personality types, gamification, OKRs, and a practical exercise where you build your own program.
Real-world Android and iOS security flaws from years of pentesting. Vulnerability chains, mobile API attacks, XSS, SQLi, RCE — all with case studies from real engagements. All action, no fluff.
Each workshop is limited in capacity. Training tickets are separate from the main conference ticket.
Contact the Team