Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace. Philippe is a Google Developer Expert and an Auth0 Ambassador for his community contributions on the security of web applications and APIs.
Steven Wierckx is a software and security tester with 15 years of experience in programming, security testing, source code review, test automation, functional and technical analysis, development, and database design, Steven shares his passion for web application security through writing and training on testing software for security problems, secure coding, security awareness, security testing, and threat modeling. He is the project leader for the OWASP Threat Modeling Project and organizes the BruCON student CTF. Last year, he spoke at Hack in the Box Amsterdam, hosted a workshop at BruCON and delivered threat modeling trainings at OWASP AppSec USA and O’Reilly Security New York.
Pascal Schulz is an IT security engineer at Dynatrace Austria, the world's leading provider of application performance management solutions. After completing his master's degree in "Secure Information Systems" in Hagenberg, Pascal was involved in the foundation of the Dynatrace security team. Currently, he focuses on managing and executing penetration tests, both internally and externally. Additionally, Pascal engages in automating security checks and he trains employees continuously. He also runs the Hacksplained YouTube channel.
Laura Kovacs is a full professor in computer science at the TU Wien, leading the automated program reasoning (APRe) research group. She also holds a part-time professorship at the Chalmers University of Technology, Gothenburg, Sweden.
In her research, Laura Kovacs deals with the design of new theories, technologies, and tools for automating software analysis and verification. Her work combines and develops methods in symbolic summation, computer algebra and automated theorem proving in support of rigorous system engineering. She is the co-developer of the award-winner Vampire theorem prover. She is a Wallenberg Academy Fellow of the Swedish Wallenberg Foundation and an ERC Grantee (ERC Starting and Proof of Concept Grants).
Anja is a ethnographer with focus on the human in technology. The goal is to make the technology work for humans by understanding their needs and behavior in everyday life. By understanding the human we can develop product and systems with meaning for the individual.
Sarah Fabricius is a UX'er that focuses on conducting user studies and tests of new technology, prototypes and design that helps bridge the gap between technology and the user.
Product Manager and Marketer that has been helping build and grow developer tools for 15 years. From dependency management and source code to package management and everything in between. Remote, dogfooding and open source and inner source fan.
Reinhard Kugler is senior security consultant at SBA Research. His main focus is software security, and additionally he has a background in electronics. His current work in IoT security is to provide professional services for customers, to assess hardware systems in a limited timeframe and to contribute to research projects in the field of industrial systems.
David Gnedt is senior security consultant at SBA Research. His main focus is system security with special focus on software and embedded device security. He frequently conducts penetration tests and security assessments. His current work in IoT security is to provide professional services for customers, to assess hardware systems in a limited timeframe and to contribute to research projects in the field of industrial systems.
Andreas Falk has been working in enterprise application development projects for more than twenty years. Currently, he is working as a managing consultant for Novatec Consulting located in Germany.
In various projects, he has since been around as consultant, architect, coach, developer, and tester. His focus is on the agile development of cloud-native enterprise java applications using the complete Spring platform. As a member of the Open Web Application Security Project (OWASP), he likes to have a closer look at all aspects of application security as well. Andreas is also a frequent speaker at conferences like Spring I/O, CloudFoundry Summit, Devoxx, and OWASP AppSec.
Tonimir Kišasondi is the founder of Oru (www.oru.hr), a boutique information security consultancy from Varaždin, Croatia. In his spare time, he’s involved with the OWASP project where he leads the Croatia chapter and contributes to various open source tools. His professional and research area of interest is security architecture, application security, security testing/analysis and applied cryptography.
Silvie Schmidt is a lecturer & researcher at the Competence Centre for IT-Security at the FH Campus Wien. She is currently leading the project ELVIS - Embedded Lab Vienna for IoT & Security - which will be established permanently. Her research field contains: IoT-Security, cryptography on constrained devices, secure software development, IoT penetration testing (Campus Cyber Security Team).
Thomas and Lena are security researchers working at Synacktiv. They are mostly interested in web technologies security and they had the possibility to practice it during several years of penetration testing and red team engagements.
I am passionate about mobile app development and IT security, and I've been lucky enough to combine both of them in my daily job for the past 6 years. Currently I am working at Build38, where we develop tools that enable mobile app developers to build their dream apps in a secure manner.
Alexander Reelsen is a Developer & Advocate, Dad, works since 2013 distributed at Elastic, is interested in search, scale, JVM, crystallang, serverless and Basketball.
Thorsten completed his PhD in 2016 at the Institute of Science and Technology Austria in formal methods and has been working at the Austrian Institute of Technology as a Research Engineer since. At AIT he works on model-based test case generation and threat-modelling. He gives a lecture related to test engineering at the FH Campus.
Christoph received his M.Sc. in System and Software Engineering at the University of Applied Sciences Regensburg in 2013. His main research area is safety and security co-engineering. Before he joined AIT he worked at OSRAM OS, LAS3 and IT Speicher. He is member of the Austrian mirror committees for ISO/TC 22 Road vehicles and IEC TC 56 Dependability. He is involved in tasks regarding safety&security co-analysis, co-design and co-assurance in multiple European and Austrian projects in the domain of transportation, manufacturing and agriculture and gives a lecture related to model-based safety engineering at the FH Campus.
Dr. Marcel Medwed received a PhD from TU Graz in 2010. He worked two years as a post-doctoral researcher at UC Louvain. Marcel joined NXP in 2012 as crypto library architect for a smart card platform for banking and e-government applications. In 2014, he joined the security concepts team in NXP’s competence center crypto and security (CCCS) where he holds the title of Senior Principal and works as Cryptographer and Security Architect. In this group he worked amongst others on topics like leakage resilient cryptography, memory safety and platform security. He is the author of more than 30 journal and conference papers and filed 7 patents in the area of cryptography and implementation security.
Dimitrij Klesev is a Senior DevOps Engineer in the IT-Consultants Tech Team of WhizUs GmbH. His primary focus are distributed systems, such as Kubernetes, but also IT security relevant topics. Together with the ÖBB operations team, he implements various on-premise and cloud kubernetes setups from concept to production.
Ronald Wimmer is an Operations Engineer at the OEBB BCC GmbH. He is primarily dealing with Linux systems, Load Balancers, and Identity Management. He has been dealing with containerization for a long time. Together with his colleagues of the ManagedServices team as well as profound support form the experts of WhizUs GmbH he is walking down the road to Kubernetes@OEBB.
Peter Panholzer is founder, general manager and principal OT security consultant at Limes Security. He has studied secure information systems at the University of applied Sciences Upper Austria, Campus Hagenberg and received his Master in 2012 for the thesis "Analyzing Secure Software Development Models". He was security consultant at the Siemens CERT in Munich for several years, focusing on security analysis of industrial products and research and development in the field of secure product development processes. He is co-author of the official CMMI addition "Security by Design with CMMI for Development, Version 1.3" and gave several talks about the topic on conferences such as SEPG North America. Currently he is supporting several vendors of automation components in introducing secure development practices in their general product development processes, mainly based on the IEC 62443-4-1.
Lucas v. Stockhausen has over 20 years of experience in IT starting as a Developer and over 10 years' experience in Application Security with a deep knowledge of Static, Dynamic and Interactive Application security Testing as well as RASP technologies. As Product Manager and Senior Application Security Strategist, Lucas has a deep understanding on how Companies implement these solutions including processes like BSIMM and OpenSAMM.
Stefan Jakoubi is head of Professional Services at SBA Research. He has been working in the area of information security for more than 13 years and acts as a security architect for customers and research partners. His main focus lies on balancing the interplay between business requirements and adequate security measures in order to support managers in meeting their due care responsibilities.
Johanna is key researcher at SBA Research and leads the Networks and Critical Infrastructures Security Research Group. Based on Johanna’s interdisciplinary background, her research focuses on security at the intersection of computer science and classical engineering. Recently, she worked on attacks against the power grid and aspects of network security, in particular measuring experiments and IPv6. Among others, she has proven that the IPv6 Privacy Extension as specified in RFC 4941 and implemented in major operating systems is vulnerable.