Philippe De Ryck helps developers protect companies through better web security. As the founder of Pragmatic Web Security, he travels the world to train developers on web security and security engineering. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. Google recognizes Philippe as a Google Developer Expert for his work on security in Angular applications.

Steven Wierckx is a software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. Last year, he spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON and delivered threat modeling trainings at OWASP AppSec USA and O’Reilly Security New York.

Pascal Schulz is an IT security engineer at Dynatrace Austria, the world's leading provider of application performance management solutions. After completing his master's degree in "Secure Information Systems" in Hagenberg, Pascal was involved in the foundation of the Dynatrace security team. Currently, he focuses on managing and executing penetration tests, both internally and externally. Additionally, Pascal engages in automating security checks and he trains employees continuously.

Laura Kovacs is a full professor in computer science at the TU Wien, leading the automated program reasoning (APRe) research group. She also holds a part-time professorship at the Chalmers University of Technology, Gothenburg, Sweden.

In her research, Laura Kovacs deals with the design of new theories, technologies, and tools for automating software analysis and verification. Her work combines and develops methods in symbolic summation, computer algebra and automated theorem proving in support of rigorous system engineering. She is the co-developer of the award-winner Vampire theorem prover. She is a Wallenberg Academy Fellow of the Swedish Wallenberg Foundation and an ERC Grantee (ERC Starting and Proof of Concept Grants).

Anja is a ethnographer with focus on the human in technology. The goal is to make the technology work for humans by understanding their needs and behavior in everyday life. By understanding the human we can develop product and systems with meaning for the individual.

Sarah Fabricius is a UX'er that focuses on conducting user studies and tests of new technology, prototypes and design that helps bridge the gap between technology and the user.

Product Manager and Marketer that has been helping build and grow developer tools for 15 years. From dependency management and source code to package management and everything in between. Remote, dogfooding and open source and inner source fan.

Reinhard Kugler is senior security consultant at SBA Research. His main focus is software security, and additionally he has a background in electronics. His current work in IoT security is to provide professional services for customers, to assess hardware systems in a limited timeframe and to contribute to research projects in the field of industrial systems.

David Gnedt is senior security consultant at SBA Research. His main focus is system security with special focus on software and embedded device security. He frequently conducts penetration tests and security assessments. His current work in IoT security is to provide professional services for customers, to assess hardware systems in a limited timeframe and to contribute to research projects in the field of industrial systems.

Dr. Lukas Feiler, SSCP, CIPP/E, has more than eight years of experience in IP/IT and is a partner and head of the IP and IT team at Baker McKenzie • Diwok Hermann Petsche Rechtsanwälte LLP & Co KG in Vienna. He is a lecturer for data protection law at the University of Vienna Law School and for IT compliance at the University of Applied Science Wiener Neustadt. Prior to joining the Firm, Lukas was an associate at the Austrian headquarter of an international law firm, vice director at the European Center for E-Commerce and Internet Law, and an intern at the European Commission, DG Information Society & Media. Having worked at IT companies in Vienna, Leeds, and New York, he has experience as a system and network administrator. In April 2014, Lukas has been named as Cyber Security Lawyer of the Year for Austria in the 2014 Finance Monthly Law Awards. In 2011, he received the Jus-Top-League Award from Die Presse and the Academy for Law, Taxes & Business as one of the five most promising up-and-coming lawyers.

Andreas Falk has been working in enterprise application development projects for more than twenty years. Currently, he is working as a managing consultant for Novatec Consulting located in Germany.
In various projects, he has since been around as consultant, architect, coach, developer, and tester. His focus is on the agile development of cloud-native enterprise java applications using the complete Spring platform. As a member of the Open Web Application Security Project (OWASP), he likes to have a closer look at all aspects of application security as well. Andreas is also a frequent speaker at conferences like Spring I/O, CloudFoundry Summit, Devoxx, and OWASP AppSec.

Tonimir Kišasondi is the founder of Oru (www.oru.hr), a boutique information security consultancy from Varaždin, Croatia. In his spare time, he’s involved with the OWASP project where he leads the Croatia chapter and contributes to various open source tools. His professional and research area of interest is security architecture, application security, security testing/analysis and applied cryptography.

Silvie Schmidt is a lecturer & researcher at the Competence Centre for IT-Security at the FH Campus Wien. She is currently leading the project ELVIS - Embedded Lab Vienna for IoT & Security - which will be established permanently. Her research field contains: IoT-Security, cryptography on constrained devices, secure software development, IoT penetration testing (Campus Cyber Security Team).

Thomas and Lena are security researchers working at Synacktiv. They are mostly interested in web technologies security and they had the possibility to practice it during several years of penetration testing and red team engagements.

I am passionate about mobile app development and IT security, and I've been lucky enough to combine both of them in my daily job for the past 6 years. Currently I am working at Build38, where we develop tools that enable mobile app developers to build their dream apps in a secure manner.

Alexander Reelsen is a Developer & Advocate, Dad, works since 2013 distributed at Elastic, is interested in search, scale, JVM, crystallang, serverless and Basketball.

Thorsten completed his PhD in 2016 at the Institute of Science and Technology Austria in formal methods and has been working at the Austrian Institute of Technology as a Research Engineer since. At AIT he works on model-based test case generation and threat-modelling. He gives a lecture related to test engineering at the FH Campus.

Christoph received his M.Sc. in System and Software Engineering at the University of Applied Sciences Regensburg in 2013. His main research area is safety and security co-engineering. Before he joined AIT he worked at OSRAM OS, LAS3 and IT Speicher. He is member of the Austrian mirror committees for ISO/TC 22 Road vehicles and IEC TC 56 Dependability. He is involved in tasks regarding safety&security co-analysis, co-design and co-assurance in multiple European and Austrian projects in the domain of transportation, manufacturing and agriculture and gives a lecture related to model-based safety engineering at the FH Campus.

Dr. Marcel Medwed received a PhD from TU Graz in 2010. He worked two years as a post-doctoral researcher at UC Louvain. Marcel joined NXP in 2012 as crypto library architect for a smart card platform for banking and e-government applications. In 2014, he joined the security concepts team in NXP’s competence center crypto and security (CCCS) where he holds the title of Senior Principal and works as Cryptographer and Security Architect. In this group he worked amongst others on topics like leakage resilient cryptography, memory safety and platform security. He is the author of more than 30 journal and conference papers and filed 7 patents in the area of cryptography and implementation security.

Dimitrij Klesev is a Senior DevOps Engineer in the IT-Consultants Tech Team of WhizUs GmbH. His primary focus are distributed systems, such as Kubernetes, but also IT security relevant topics. Together with the ÖBB operations team, he implements various on-premise and cloud kubernetes setups from concept to production.

Ronald Wimmer is an Operations Engineer at the OEBB BCC GmbH. He is primarily dealing with Linux systems, Load Balancers, and Identity Management. He has been dealing with containerization for a long time. Together with his colleagues of the ManagedServices team as well as profound support form the experts of WhizUs GmbH he is walking down the road to Kubernetes@OEBB.

Peter Panholzer is founder, general manager and principal OT security consultant at Limes Security. He has studied secure information systems at the University of applied Sciences Upper Austria, Campus Hagenberg and received his Master in 2012 for the thesis "Analyzing Secure Software Development Models". He was security consultant at the Siemens CERT in Munich for several years, focusing on security analysis of industrial products and research and development in the field of secure product development processes. He is co-author of the official CMMI addition "Security by Design with CMMI for Development, Version 1.3" and gave several talks about the topic on conferences such as SEPG North America. Currently he is supporting several vendors of automation components in introducing secure development practices in their general product development processes, mainly based on the IEC 62443-4-1.

Lucas v. Stockhausen has over 20 years of experience in IT starting as a Developer and over 10 years' experience in Application Security with a deep knowledge of Static, Dynamic and Interactive Application security Testing as well as RASP technologies. As Product Manager and Senior Application Security Strategist, Lucas has a deep understanding on how Companies implement these solutions including processes like BSIMM and OpenSAMM.

Stefan Jakoubi is head of Professional Services at SBA Research. He has been working in the area of information security for more than 13 years and acts as a security architect for customers and research partners. His main focus lies on balancing the interplay between business requirements and adequate security measures in order to support managers in meeting their due care responsibilities.

Johanna received a bachelor’s degree in Electrical Engineering and Information Technology and a master’s degree in Automation Engineering, both with distinction from the TU Wien. For her master thesis on Header Compression of IPsec in Powerline Networks, she received the diploma prize of the city of Vienna. During her studies, she spent a semester at the Czech Technical University in Prague. In 2016, she obtained a PhD degree with a thesis focusing on side channels and their practical exploitation in attacks; therefore, she is entitled for a promotio sub auspiciis praesidentis (with highest distinctions and awarded by the Austrian president). Besides, she studies law at the University of Vienna. Johanna teaches graduate courses on network and cloud security at University of Applied Sciences FH Technikum as well as FH Campus Wien.