Who's speaking at sec4dev 2022?

Philippe De Ryck

Web Security Expert, Founder of Pragmatic Web Security

Philippe De Ryck helps developers protect companies through better web security. His Ph.D. in web security from KU Leuven lies at the basis of his exceptional knowledge of the security landscape. As the founder of Pragmatic Web Security, Philippe delivers security training and security consulting to companies worldwide. His online course platform allows anyone to learn complex security topics at their own pace. Philippe is a Google Developer Expert and an Auth0 Ambassador for his community contributions on the security of web applications and APIs.

Tanya Janca

Founder of We Hack Purple and author of "Alice and Bob Learn Application Security"

Tanya Janca, also known as SheHacksPurple, is the author of "Alice and Bob Learn Application Security". She is also the founder of We Hack Purple, an online learning academy, community and weekly podcast that revolves around teaching everyone to create secure software. Tanya has been coding and working in IT for over twenty years, won numerous awards, and has been everywhere from startups to public service to tech giants (Microsoft, Adobe, & Nokia). She has worn many hats; startup founder, pentester, CISO, AppSec Engineer, and software developer. She is an award-winning public speaker, active blogger & streamer and has delivered hundreds of talks and trainings on 6 continents. She values diversity, inclusion and kindness, which shines through in her countless initiatives.

Founder: We Hack Purple (Academy, Community and Podcast), WoSEC International (Women of Security), OWASP DevSlop, OWASP Victoria, #CyberMentoringMonday

Martin Grottenthaler

Information Security Consultant at SBA Research

Martin's current main activities are penetration testing of web applications and company networks. His specialist domains are Windows Active Directory and cloud computing infrastructure security.

Rudolf Mayer

Senior researcher at SBA Research

Tanja Šarčević

Researcher at SBA Research

Tanja’s research interests focus on privacy-preserving data analysis, including techniques such as data anonymisation. Her research interests also include data and machine learning models leakage detection by mechanisms such as watermarking and fingerprinting, focusing on the robustness and effects on data utility for fingerprinting schemes.

Thomas Kerbl

Team Lead / Principal Security Consultant at SEC Consult

Thomas has been active in the field of information security for over 20 years. As principal security consultant and team leader at SEC Consult he is currently engaged in projects concerning Secure Software Development, where he incorporates his experience as a former penetration tester and security architect.

Abdessamad Temmar

Independant Application & Product Security Engineer

Abdessamad Temmar is an independant Application & Product Security Engineer, and an active contributor to the OWASP community. Previous speaking engagements include both DevOps and Security/Hacking conferences.

Clint Gibler

Head of Security Research, r2c

Clint Gibler (@clintgibler) is the Head of Security Research for r2c, a startup working on giving security tools directly to developers. Previously, Clint was a Research Director at NCC Group, a global security consulting firm, where he helped companies implement security automation and DevSecOps best practices as well as performed penetration tests for companies ranging from large enterprises to new startups. Clint has previously spoken at conferences including BlackHat USA, AppSec USA/EU/Cali, BSidesSF, and many DevSecCons. Clint holds a Ph.D. in Computer Science from the University of California, Davis. Want to keep up with security research? Check out *tl;dr sec*, Clint’s newsletter that contains summaries of artisanally curated, top talks and useful security links and resources from around the web.

Lukas Weichselbaum

Senior Staff Information Security Engineer, Google

Lukas is a Staff Information Security Engineer at Google with 10+ years of industry experience who frequently speaks at international infosec and developer conferences.

He's passionate about securing Web applications from common Web vulnerabilities and leads the Google-wide CSP adoption effort. Lukas also co-authored the CSP3 W3C specification and is the creator of the CSP Evaluator, a tool for developers and security experts to check if a Content Security Policy serves as a strong mitigation against XSS attacks.

Before joining Google, Lukas worked as a Security Consultant and graduated from Vienna University of Technology in Austria where he researched dynamic analysis of Android malware and founded Andrubis - one of the very first large scale malware analysis platforms for Android applications.

Susan McGregor

Associate Research Scholar, Columbia University’s Data Science Institute

Susan McGregor is an Associate Research Scholar at Columbia University’s Data Science Institute, where she also co-chairs its Center for Data, Media & Society. McGregor’s research is centered on security and privacy issues affecting journalists and media organizations.

Michael Koppmann

Information Security Consultant at SBA Research

Michael’s consulting activities are focused on the technical aspects of information security. He frequently conducts penetration tests on a wide range of computer systems, including:

  • Web application security
  • Mobile app security
  • Infrastructure security
  • Spear phishing attacks
  • Source Code Audits
  • Architecture Reviews

Michael’s research interests include secure software engineering, and online privacy, as well as functional programming, and mobile security. Currently his main activities concentrate on penetration testing.

Michael is also one of the organizers of sec4dev, SBA Research’s security conference and bootcamp for developers.

Ulrich Bayer

Lead of the Software Security Group, SBA Research

Ulrich’s activities lie mainly in penetration testing, secure software development, secure development lifecycle, and security training in these areas.

Mathias Tausig

Information Security Consultant, SBA Research

Mathias’ consulting activities are focusing on web application penetration testing, threat modeling and teaching activities, mainly in the areas of Cloud- and Linux-Security. He is a regular speaker at security- and Open Source focused conferences (e.g. sec4dev, Linuxwochen, RIOT-OS Summit, CCC Easterhegg, Heise DevSec).


Ronke Babajide

Manager Systems Engineering, Fortinet

Ronke Babajide has had a successful career in IT for over 25 years. Over the last 15 years, she has held technical presales positions at well-known companies such as Riverbed, Radware and VMware. Currently, she is a manager for a team of system engineers at the Cybersecurity vendor Fortinet.

She is also the founder and CEO of The Queen Bee Hive (https://thequeenbeehive.net), a platform that helps female experts become more visible and collaborate more successfully. Promoting more diversity in the tech industry and new approaches to work are her passion topics.

Ronke is a speaker, rolemodel and mentor.

She lives in Vienna, Austria with her husband and their 3 Siberian cats. In her free time, she enjoys reading - she leads 2 book clubs - writing, cooking, and spending time with friends and family.

Joseph Katsioloudes

Developer Advocate, GitHub Security Lab

Joseph Katsioloudes and his team at the GitHub Security Lab work at the forefront of Open Source Security and they shape it every day. He chose this career path because from a very young age, security was his own way to provide ethical and dedicated service to organisations and the society as a whole. Joseph holds two engineering degrees, a Bachelors of Engineering in Computing from Imperial College London and a Masters in Cyber Security Engineering from the University of Warwick.

His most recent contributions to the Open Source Security ecosystem include the YouTube series “SecurityBites" where he educates developers how to avoid common software flaws. Previous highlights include a zero-day vulnerability for a Top 10 Cryptocurrency in 2018 as part of his university Thesis and open-source contributions to OSINT & Blockchain.

Philipp Reisinger

Information Security Consultant, SBA Research

Philipp’s consulting activities are focused on the organizational aspects of information security. He is a trainer and besides holding CISSP and CISA certification preparation courses he works as a lecturer at FH St. Pölten. During education Philipp’s research focused on surveys on information security in companies while now he is focusing on the various forms of bias in surveys and statistics in general. He is also doing research in the area of behavioral economics and how these ideas and concepts of heuristics and human bias can be applied to risk management (especially its psychological aspects) and security in general. Besides that, another area of his interests is the broad field of information security economics.

Johannes Bär

Security Analyst / Penetration Tester, Condignum GmbH

Johannes Bär is working as a team lead penetration tester at the security boutique Condignum and as security consultant for multiple years and has touched a good number of different fields in the IT world. For about three years, due to the uprise of container-driven application deployment and the challenges to manage them, he is getting more and more involved in the security of Kubernetes environments and the various software developed on top of it.

“Attack surface of Kubernetes environments”

In this talk you will get an insight on the actual attack surface of an Kubernetes managed container environment. If you have ever wondered what the Kubernetes world looks like from an attackers perspective, you have come to the right place! What changes as soon as the attacker spawns a shell on your applications container in contrast to more classical environments? Will life be harder or easier for an attacker? How and if can he interact with the Kubernetes cluster itself? Whether you are a student, developer, administrator or simply interested in Kubernetes and its various security aspects, come join us and experience the attacker’s view on your favorite container management framework yourself!

Claudio Merloni

Staff Security Researcher, r2c

Claudio is a veteran security expert. After completing his Master in Computer Engineering at the Politecnico di Milano University, he started a now more than 15 years long journey in the security space. Security consultant first, then moving through different roles, from technical sales engineering to security research and product engineering. This has allowed him to experience application security from a variety of perspectives.
He fell in love with static source code analysis early on and spent most of his career working with, and on, the leading static analysis solutions.
He’s now part of the security research team at r2c, the makers of Semgrep, and trying to make the world a safer place, one rule at a time.
In his free time he enjoys doing way too many things. If he had to pick up four: synthesizer nerd, avid runner, beginner Go player, foreign languages enthusiast.

Antje Enzi

Co-Founder UpLeveled GmbH

Antje Enzi is co-founder of the Viennese coding bootcamp UpLeveled, which brings career changers into tech jobs. Diversity, new work and digitalization are closely related topics that are also important to her personally as a founder, mother and mentor.

Jelena Milosevic

Senior Data Scientist at Mondi

Jelena is a Senior Data Scientist at Mondi, supporting digitalization within the industrial manufacturing business. She works on end-to-end design and development of machine learning-based solutions suitable for production environments. Previously, Jelena was a postdoctoral researcher and a project assistant at the Institute of Telecommunications, TU Wien, where she worked on detection and prevention of cyber attacks in network traffic using machine learning methods. Jelena obtained her PhD in 2017 from Faculty of Informatics, USI-Lugano, Switzerland, where her main focus was on the runtime detection of malware for resource-constrained systems using efficient, machine-learning-based methods and secure design of embedded systems

Sebastian Schrittwieser

Senior Researcher at University Vienna

Sebastian is part of the research and teaching staff at the Faculty of Computer Science at University of Vienna.

Elke Oberhuber

Lab Lead Vienna, Dynatrace

Elke is passionate about people and empowerment. As Lab Lead she is driving the vision for the Dynatrace Software Engineering Lab in Vienna into the future. Elke promotes an international, diverse, and dynamic culture. Born and raised in Upper Austria, she brings more than 10 years of leadership and management experience in several industries. Elke is an expert in the areas of innovation, organizational development, and marketing. Before joining Dynatrace she has worked in consulting at Accenture in Hamburg, Germany, accompanying leading companies in their digital transformation journey. Now her mission is to build a strong employer brand in Vienna, scaling the Dynatrace Lab and fostering a welcoming and unique culture.

Robbe Van Roey

Hacker Manager @ Intigriti

PinkDraconian works as a Hacker Manager at Intigriti, a bug bounty platform. Besides that he also runs his own YouTube channel where we learn all kinds of new stuff on anything security related!

Linda Mohamed

Principal Consultant - Head of AWS at EBCONT

"Linda supports companies working with cloud technologies and specializes in IT process optimization and agile methodologies. She started on the path to technology at an early age, graduating from HTL in Pinkafeld (a technical high school). Over the last decade, she has held various positions, from Java software developer through business analyst to product owner, and holds a bachelor's degree in business informatics.

In her spare time, she is passionate about juggling and drawing. She is also a member of the User Group Leader Team for AWS Meetup Vienna, AWS Community Builder for AI/ML, and volunteers on a Funding Advisory Board and for Women in AI."

Martin Gegenleitner

Pre-Sales Consultant, DACH at Thales Cloud Protection & Licensing

Martin Gegenleitner joined Thales in May 2020 as a pre-sales consultant in the DACH region with a focus on Austria. His current priorities are the topics of hardware security modules and access management in the context of hybrid and (multi-)cloud environments.

Martin Gegenleitner studied Secure Information Systems at the University of Applied Sciences Upper Austria, Hagenberg campus, where he completed his master's degree.