Programme

Opening & Welcome (GERMAN)

News from the Department of Computer Science and Security & Introductory Speech by the Organiser (GERMAN)

Simon Tjoa | Head of Department of Computer Science and Security | UAS St. Pölten

Thomas Brandstetter | Lecturer | UAS St. Pölten

Keynote: "Security Risk Economics: The Value of (Missing) Security"

Éireann Leverett | AIRBUS

Vuln4Casting: Why wait for zero days?

Matilda Rhode & Éireann Leverett| Airbus

Why wait for zero-days when you could predict them in advance? It is possible to predict the volume of CVEs released in the NVD as much as a year in advance. This can be done within 8 percent of the actual value, and different predictive algorithms perform well at different lookahead values. It is also possible to estimate the proportions of that total volume belonging to specific vendors, software, CVSS scores, or vulnerability types. Strategic patch management should become much easier, with this uncertainty reduction.

DevSecBioLawOps and the current State of Information Security

René Pfeiffer | DeepSec

The information technology community changes fast. Life-cycles of code and hardware are short. Sometimes the way we work also changes. Enter the wonderful world of manifestos and trends. Sitting in silos doesn’t work for the modern full stack developer and administrator. This presentation intends to illustrate how changes in infrastructure management and software development affect the field of information security.

Rebels & Resilience - Why It Pays Off to Break Your Patterns! (GERMAN)

Daniel Kroiß und Madita Führer | KPMG Advisory

Security Aspects of HAS: Risks for Austrian Households (GERMAN)

Bettina Pospisil and Albert Treytl | University for Continuing Education Krems

Forgot Password? - DNS vulnerabilities in web applications (GERMAN)

Timo Longin | SEC Consult

What we learned from our RDP honeypot (and why I could have become a Bitcoin owner too) (GERMAN)

Florian Bogner | Bee Security

Perception of Risks and Human (Ir)rationality (GERMAN)

Philipp Reisinger | SBA Research

cat /var/log/news_2021 (GERMAN)

Daniel Haslinger & Christoph Lang-Muhr | UAS St. Pölten

DLT4IT – a New DLT/Blockchain Technology for Existing Applications (GERMAN)

Ernst Piller | UAS St. Pölten

*** The lecture "Practical attacks on Full Disk Encryption" by Hassan Mohamad had to be canceled at short notice due to illness. ***

Cyber Incident Response – Insights into the Daily Work of Incident Responders with EY (GERMAN)

Juliane Gorgasser and Christoph Wiedner | Ernst & Young

Your n-day is my 0-day (GERMAN)

René Freingruber

From the Hacker's Perspective: 5 Short Lectures on Secure Communication (GERMAN)

Aron Molnar | securityguide.me

Utilman is Back — Bypassing BitLocker and Windows Logon with DMA (live demo) (GERMAN)

Martin Grottenthaler | SBA Research

Recon for Bug Bounty Hunters and Red Teams (GERMAN)

David Wind | slashsec

Status Quo: IT Security Pitfalls for Austrian Companies (GERMAN)

Marco Dermutz und Philipp Allmer | KapschBusinessCom

Workshop: Linux Exploit Development

Daniel Mrskos

Limited number of participants. Registration on site.