OWASP Switzerland Chapter

The OWASP community is getting together for another meetup in May 2026! Join us for some security talks 🔐, good company 🤝, and a little aperitif 🍕.

Program:
16:00 - Doors open: Grab a drink, meet old and new friends from the OWASP Switzerland community

16:30 - Hello from OWASP Switzerland

16:40 - Talk: AI-Driven Development Lifecycle (AI-DLC) (Markus Rollwagen, Senior Solutions Architect, AWS)

17:25 - (10min break)

17:35 - Talk: Using HoneyPots to protect critical Infrastructure (Giulio Grazzi, Head IT Security, SRF)

18:35 - (10min break)

18:45 - Talk: We Tried to Detect Prompt Injection in Coding Agents. Here's What Broke (Paulo Martins, Principal Security Engineer, GitLab)

19:30 - Networking & Pizza 🍕 & Aperitif🍷- Grab a bite and chat with old and new friends

Talks Details:
AI-Driven Development Lifecycle (AI-DLC) (Markus):
Software development is undergoing a fundamental shift. AWS’s AI-Driven Development Lifecycle (AI-DLC) positions AI not as a mere assistant, but as a central collaborator across the entire SDLC — from requirements to deployment. In this session, we’ll explore how AI-DLC’s three phases — Inception, Construction, and Operations — redefine team workflows, and what this means for security: how AI enforces organization-specific security standards consistently, maintains human oversight at critical decision points, and ensures traceability from requirements to deployment. We’ll discuss the security opportunities and risks this methodology introduces, and how teams can adopt AI-DLC while keeping security a first-class citizen in every “bolt.”

Using HoneyPots to protect critical Infrastructure (Giulio):
How do you protect your critical infrastructure in the days of agentic ai and very limited options on your hosts? You need to get creative and use stone age tech. I’ll give you some insights, from our journey and pitfalls you might be facing (and should be avoided :))

We Tried to Detect Prompt Injection in Coding Agents. Here's What Broke (Paulo):
As a community, we are delegating a significant part of our development workflow to agents, and as the use cases grow, the risk of prompt injection keeps increasing - to the point that it made it to the top of the OWASP LLM Top 10. In this talk, I'll explore the concept of "detect and prevent prompt injection" and why it is particularly hard to do for coding agents.

Speaker Details:
Markus Rollwagen
Senior Solutions Architect at AWS, based in Switzerland
Markus enjoys deep dive technical discussions, while keeping an eye on the big picture and the customer goals. With a software engineering background, he embraces infrastructure as code and is passionate about all things security.

Giulio Grazzi
Head IT Security, SRF
From bike messaging to networking to infosec - always maximize never max out. Currently at Schweizer Radio und Fernsehen dealing with all Infosec topics, background in networking, embedded devices and mobile security.

Paulo Martin
Principal Security Engineer, GitLab since 2021
Now focused on AI security: prompt injection, sandboxing, and keeping agentic workflows from doing things they shouldn't.

The OWASP community is getting together for another event in October 2026 at Zurich Information Security and Privacy Center of ETH Zurich. Join us for great security talks, good company, and a little Apéro. 😎

Program:
More information coming soon.

Talk Details:
TBA