IT-Security

Starting with a private interest in network security I got more and more involved in several ares from VoIP security, vehicle communication security to the broad area of IT security in general. During my work as a freelancer for the IT security provider ERNW GmbH in Heidelberg,  I got the opportunity to attend penetration tests and dive more deeply into the black hat / white hat world. Besides my PhD in Cloud Computing security, I am actively involved in the following IT security activities. Please don't hesitate to contact if you got questions, comments or collaboration ideas.

OWASP Activity

Die Übersetzer der OWASP Top 10 BroschüreI am a member of the Open Web Application Security Project community. You can often find me at the OWASP German Chapter meetings or at OWASP Stammtisch in Stuttgart. I am involved in the following OWASP Projects:

The German Language Project is a new OWASP Project that will provide a foundation, guideance and common terminology for German translations (as well as other German language specific activities) of OWASP documents and parts of the OWASP web site. Furthermore, it will organize, plan and priorize new language projects such as translations.

New Release: In conjunction with the OWASP Day 2011 we released the 1st version of the OWASP Top Ten in German! The OWASP Top Ten represents a broad consensus about what the most critical web application security flaws are. They are available for free download at OWASP.org.


Hack2Improve


Since 2009 I am organizing together with Prof. Dr. Laschinger Hack2Improve, an annual one day hacking workshop at Furtwangen University of Applied Sciences. Professionals from the IT security industry and the security community are coming to Furtwangen to educate students in theoretical and practical sessions about IT security topics, such as: web application security, network security, mobile phone security, OS security and further more. You can find more information and action shot on our Hack2Improve website.


iCTF Activity

Bild: iCTF Team Furtwangen 2010

In 2011 we attended again the 2011 UCSB International Capture The Flag (iCTF) of the University of California, Sata Barbara. The 2011 iCTF was held on Friday, December 2nd, 2011, from 8am to 5pm, PST. It was a very challenging, very well organized event with a high level of expertice in all teams. The competition was won by the team WeOwnYou of seclab, Viena University of Technology. You can find an excellent writeup of their efforts here. Congratualtions, we are looking forward to next year!

In 2010 I built a team of other security interested, nerdy people to attend the 2010 UCSB International Capture The Flag (iCTF) of the University of California, Santa Barbara. It was held on Friday, December 3rd, 2010, from 8am to 5pm, PST. 72 teams (900 students!) from 16 countries competed in a game of hacking, challenge-solving, and state-sponsored warfare. The competition was won by the Plaid Parliament of Pwning from Carnegie Mellon University, lead by prof. David Brumley. Our team, the Schwarzwälder KriptSciddies, finished as 17th. It was a lot of fun and we are looking forward to iCTF 2011!