Please find details for all talks here.

Two Days of Trainings (16./17. November)

Workshop 01 Workshop 02 Workshop 03 Workshop 04 Workshop 05 Workshop 06 Workshop 07 Workshop 08
Hacking Modern Desktop Apps: Master the Future of Attack Vectors
Abraham Aranguren & Anirudh Anand (7ASecurity LLLP)
Mobile Network Operations and Security
David Burgess (-)
Advanced Deployment and Architecture for Network Traffic Analysis
Peter Manev, Eric Leblond & Josh Stroschein (Open Information Security Foundation)
Pentesting Industrial Control Systems
Arnaud Soullié (RS formation et conseil)
How to Break and Secure Single Sign-On (OAuth and OpenID Connect)
Karsten Meyer zu Selhausen (Hackmanit GmbH)
Advanced Whiteboard Hacking – aka Hands-on Threat Modeling
Sebastien Deleersnyder (Toreon)
Defending Enterprises
Will Hunt, Owen Shearing (
Mobile Security Testing Guide Hands-On
Sven Schleier (-)

All Trainings cover two days (from 09:30 to 18:30 every day) and include Lunch and two Coffee Breaks.

Two Days of Conference (18./19. November)

Throughout the conference you will get the opportunity of meeting experts at the Hacker's Lounge to discuss security issues and see demonstrations.

Conference, day 1 - Thu, 18 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
08:00 Registration opens
09:10   Intelligence? Smartness? Emotion? What do We Expect from Future Computing Machinery?
Univ. Prof. Mag. Dr. Gabriele Kotsis (Johannes Kepler University Linz)
10:00 How to Choose your Best API Protection Tool? Comparison of AI Based API Protection Solutions
Vitaly Davidoff (JFrog)
Those Among Us - The Insider Threat facing Organizations
Robert Sell (Trace Labs)
10:50 Coffee Break
11:10 Releasing The Cracken – A Data Driven Approach for Password Generation
Or Safran, Shmuel Amar (Proofpoint)
Building a Cybersecurity Workforce: Challenges for Organizations
Matthieu J. Guitton, PhD, FRAI (Université Laval)
12:00 Running an AppSec Program in an Agile Environment
Mert Coskuner (Amazon)
State Malware: When Cops Play Hackers
Andre Meister (
12:50 Lunch
14:00 Master of Puppets - How to Tamper the Edr?
Daniel Feichter
On Breaking Virtual Shareholder Meetings: How Secure is Corporate Germany?
Andreas Mayer (Heilbronn University of Applied Sciences)
Large-scale Security Analysis Of IoT Firmware
Daniel Nussko (Freelancer)
15:40 Coffee Break
16:00 SSH spoofing attack on FIDO2 Devices in Combination with Agent Forwarding
Manfred Kaiser (Bundesministerium für Landesverteidigung)
Post-quantum Encryption System for 5G
Maksim Iavich (SCSA)
20:00 Speaker's Dinner
Conference, day 2 - Fri, 19 Nov
Left Pirouette Right Pirouette Riding School (ROOTS)
09:00 The Black Box in your Data Center
Philipp Deppenwiese (immune GmbH)
Firmware Surgery: Cutting, Patching and Instrumenting Firmware for Debugging the Undebuggable
Henrik Ferdinand Nölscher (Noelscher Consulting GmbH)
09:50 Hunting for LoLs (a ML Living of the Land Classifier)
Tiberiu Boros, Andrei Cotaie (Adobe)
Real-Time Deep Packet Inspection Intrusion Detection System for Software Defined 5G Networks
Dr. Razvan Bocu (Transilvania University of Brasov, Romania, Department of Mathematics and Computer Science)
10:40 Coffee Break
11:00 Intercepting Mobile App Network Traffic aka “The Squirrel in the Middle”
Sven Schleier (OWASP Project Leader of Mobile Security Testing Guide (MSTG) and Mobile AppSec Verification Standard)
Exploitation with Shell Reverse and Infection with PowerShell using VBS file
Filipi Pires (Hacking Is NOT a Crime Advocate | RedTeam Village | DCG 5511 - Sao Paulo)
11:50 I Will Hide, You Come And Seek - Discovering The Unknown in Known Malwares using Memory Forensics
Shyam Sundar Ramaswami (Senior Research Scientist - Research and Efficacy Team - Cisco)
Assessing and Exploiting ICS
Etizaz Mohsin (Saudi Telecom Company)
12:40 Lunch
14:00 Kubernetes Security - Challenge or Chance?
Marc Nimmerrichter (Certitude Consulting GmbH)
When Ransomware fails
Sreenidhi Ramadurgam (Cisco Talos)
14:50 Information Security Assurance – The Capital C in PDCA
Frank Ackermann (Deutsche Börse AG)
Do You Have a PlugX?
Artem Artemov, Rustam Mirkasymov (Group-IB Europe B.V.)
15:40 Coffee Break
16:00 Web Cache Tunneling
Justin Ohneiser (Booz Allen Hamilton, Inc)
Don't get hacked, get AMiner! Smart log data analytics for incident detection
Florian Skopik, Markus Wurzenberger and Max Landauer (Austrian Institute of Technology (AIT))
16:50 Revenge is Best Served over IOT
Chris Kubecka (Middle East Institute)
How to Protect the Protectors? Musings about Security in Security
Tim Berghoff (G DATA CyberDefense)
18:20 Closing Ceremony
18:30 - .:.
19:00 - T.B.A.