Meet the Speakers

Ana Oprea

Ana Oprea is vigilant about Google’s security and site reliability engineering - a role that follows naturally from her previous experience as a savvy software developer, technical consultant, and network admin. After working and studying in Germany, France, and Romania, she humbly accounts for different cultural approaches when facing any challenge


Mario Heiderich

Revered web congregation, hear ye! Hear ye! We bring tidings of a truly divine keynote by none other than the cyber-high-priest himself, Dr. Mario Heiderich.

This gallant guardian of the Gateway, this cyber-savant of the Server, this JavaScript Jonah, is here to share his sermons from the virtual pulpit.

Yet, fear not, dear congregation, for despite his epic battles in the sacred crypts of XSS, Dr. Heiderich possesses the humor of a well-timed 404 error and the wit sharper than a two-edged encryption key. His homilies are as entertaining as a cat video, yet as enlightening as the shining light of your screen at 2 a.m.



Alexander is a Principal Forensic Consultant at Truesec where he focuses on incident response, threat intelligence, and security research. Alexander spends most of his time providing incident response to companies that have suffered from a cyber attack. He has investigated many high profile cases, including nation state-backed attacks and ransomware against global organizations. Alexander also performs offensive and forensic research, and is responsible for developing Truesec’s forensic capabilities.


Ali Yazdani

Hello, I’m Ali, a Security Engineer with over 10 years of experience in the security industry. I am a Security Engineer with an Application Security background. Beginning as a Penetration Tester, I gained insights into the offensive side of application security. I progressed to help organizations implement security solutions and cultivate a strong DevSecOps culture. Today, my passion lies in assisting businesses to ensure their product’s security posture is robust and effective.

As an OWASP Foundation Researcher, I contribute to the OWASP MSTG (Mobile Security Testing Guide) project as a project contributor and lead the OWASP DevSecOps guideline project. I am passionate about sharing my knowledge and experience with the security community to promote best practices and enhance security awareness.


Andronikos Kyriakou

Andronikos is the Technical Consulting Lead at Whalebone, a digital life protection company. In the past four years, he has worked closely with more than two dozen EMEA Telecom Operators to design, implement and launch consumer-focused DNS-based Cybersecurity, and Identity Protection solutions. Prior to joining Whalebone, Andronikos was a member of SCYTALE Group and presented his research on Automated Deployment of Honeypots at BSides Athens 2018.


Artem Artemov

16 years in computer forensics. Former policeman. Conducted high-profile incident responses and investigations on Anunak/Carbanak, Buhtrap, Lurk, Cobalt, Fin7, and other groups worldwide. 100+ trainings and workshops for universities, law enforcement, and commercial companies


Cansu Topukçu

Computer engineer with 4+ years of hands-on cyber security experience in Network and Web Application Security fields, with additional background in GNU/Linux administration, Algorithm Development, Technical Documentation. SOC Engineer at Cloudflare


Claudia Ully

Claudia Ully is part of the pentesting team at NVISO and passionate about raising awareness and enthusiasm for cyber security.​

​Her main area of expertise are web and mobile application security. Apart from spotting vulnerabilities in applications, she enjoys helping and training developers and IT staff to better understand and prevent security issues. She loves coming up with creative ways of making learning more fun and is curious to always learn new things herself.​


Daniel Fall

Daniel Fall is a Managing Partner at difesa with a focus on compliance and risk management in the context of information security.


Daniel Feichter

Daniel Feichter is 37 years old, from Austria, and known on Twitter and elsewhere under the pseudonym VirtualAllocEx. Daniel originally comes from a background in electronics and communications engineering and started as a junior penetration tester in 2018. With ethical hacking, Daniel found his purpose and can’t imagine doing anything else since. At the end of 2021, Daniel decided to start his own company called RedOps ( (formerly Infosec Tirol) to live out his research spirit and focus even more on his main area of interest. Daniel’s focus is on everything related to malware development, antivirus, endpoint protection, endpoint detection and response, and Windows internals. Daniel conducts ongoing research in these areas and regularly shares his findings through conference presentations, blog posts and workshops. Daniel has presented his research on endpoint detection and response, malware development, etc. at conferences such as DEF CON 30 and DEF CON 31 Las Vegas, Sans Hackfest 2022 in Arlington, etc. Besides IT security, his greatest passion is teaching other infosec professionals around the world.


Daniel Schwendner

Daniel Schwendner is a DevOps Engineer with a strong passion for Cyber Security. With a background in mobile application security and hardware security, he participates in bug bounty hunting and shares his security knowledge online.


Demian Kellermann

Demian has been working at Siemens CERT for 6 years as an incident responder and digital forensics analyst. For the past years, he has also taken on the role as lead engineer of the team’s efforts to automate and enhance the analysis processes.

In the past, he has also worked on digital forensics cases for Germany’s law enforcement agencies.



N00b learning to hack.


Dr. Jan Van den Herrewegen

Dr. Jan Van den Herrewegen has been researching (along with the inevitable cursing on) the security of Electronic Control Units since 2016. He defended his PhD thesis “Automotive Firmware Extraction and Analysis Techniques” at the University of Birmingham in February 2021. Since then he has stayed involved in the goings of the automotive world and reverse engineering through EmberCrypt, his professional vessel. Going from more research focused during his PhD to tackling more practical challenges the past years, he is eager to share what he’s learned on what to do (and especially not do) with an unknown ECU.


Jasmin Mair

Jasmin is an experienced application security professional and Global Product Security Manager at Leica Microsystems. She gained extensive experience in organizing and implementing secure development programs, DevSecOps, and secure SDLC across different clients while working as a consultant. Her passion is to build bridges between cross-functional teams and finding new ways to improve collaboration. She likes working with people and technology, this has been the constant in her professional career and education.


Justin Varner

I’m a passionate and seasoned security professional with over 17 years of experience in the industry across a variety of security domains and disciplines.

My career started as a cryptographer at NASA working on the secure messaging system used by the International Space Station. During a focused and driven career, I’ve had the opportunity to work across a multitude of different industries and roles ranging from security architecture to offensive security to DevSecOps and everything in between.

My most recent endeavors have been focused on helping others improve their ability to rapidly detect breaches and generally bolster their overall security posture with simple and pragmatic means and methods.

I embrace any opportunity to teach fundamental security concepts to those who need help but have no idea where to look, and I pride myself on being able to break down and articulate complex topics in a fun, interesting, and engaging manner that appeals to people from all backgrounds.


Klaus-E. Klingner

Klaus-E. Klingner is an accomplished information technology professional with expertise in web application development, IT security, and project leadership. With a career spanning over two decades, Klaus-E. Klingner has made significant contributions to renowned organizations such as Allianz and Brenntag.

Starting his journey in 1999 at Dresdner Bank, he quickly established himself as a pioneering web application developer. Following the acquisition of Dresdner Bank by Allianz in 2004, Klaus-E. Klingner seamlessly transitioned into his role within the organization. He played a key role in introducing UC4 and contributed to the success of the Lotus Notes Team. He later assumed the position of Divisional Security Officer for Digital Interaction, showcasing his passion for IT security.

Klaus-E. Klingner is a certified Web Application Penetration Tester, ISO27001 Implementer, and Data Privacy Specialist. In 2022, he built the threat prevention and management team at Brenntag, further solidifying his expertise in the field. Currently, he serves as the Information Security Officer at M.Asam GmbH.


Leonhard Kurthen


Mackenzie Jackson

Mackenzie is a developer advocate with a passion for DevOps and code security. As the co-founder and former CTO of a health tech startup, he learned first-hand how critical it is to build secure applications with robust developer operations. Today as a Developer Advocate at GitGuardian, Mackenzie is able to share his passion for code security with developers and works closely with research teams to show how malicious actors discover and exploit vulnerabilities in code.


Maximilian Haselberger

Security Consultant in Berlin, specialized in OT-Security and OSINT.


Michael Helwig

I am security consultant and founder of secureIO GmbH, a consulting company that focuses on building application security programs and consulting clients from different industries on secure software development, GRC and Data Protection. I am interested in DevSecOps, secure development, security testing, exploiting, vulnerability management processes and developing product security programs in organizations.


Michael Wager

IT Security Consultant with 10+ years of experience in software engineering. In love with all things JavaScript, since 2009.

More info at


Morton Swimmer


Nicklas Keijser

Nicklas is a Threat Research Analyst, a role that involves much reverse engineering and looking into all things malware. Nicklas is also a subject matter expert in industrial control systems and anything related to its security. He started his career programming PLCs, SCADA systems, and almost anything else possible within the industry. Before joining Truesec, Nicklas worked at the Swedish National CERT in the Swedish Civil Contingencies Agency.


Oleksandr Kazymyrov

Oleksandr, an Offensive Security Manager at Storebrand, brings over 15 years of extensive experience in information security to his role. With a background in cryptography and holding a PhD in the field, he possesses deep expertise and knowledge in securing digital systems and data. In his current position, Oleksandr is entrusted with the responsibility of managing and strengthening offensive security initiatives at Storebrand. Through his leadership and expertise, he has significantly contributed to enhancing Storebrand’s security posture and providing a comprehensive understanding of the organization’s corporate risks and vulnerabilities.


Paul Zenker

I am a Penetration Tester and Red Team Operator specializing in the fields of OSINT, recon, threat intelligence and web pentesting. In many of my engagements I have coded automated solutions for different requirements.


Pieter De Cremer

Pieter De Cremer (@0xDC0DE) is a Senior Security Researcher at Semgrep, a startup working on open source static analysis tools that fit the modern developer workflow. Previously Pieter obtained his PhD doing research for the company Secure Code Warrior in cooperation with Ghent University. Pieter designed, implemented, and evaluated improvements to both training and tools provided by this company. Pieter hosts a youtube channel where he creates Semgrep tutorials as well as other security research content ( and has previously spoken at conferences such as OWASP, BruCON, BSides, and DEF CON. In his spare time, Pieter enjoys hitting the security conference circuit to engage with other enthusiasts around the world, his afternoon coffee ritual, and a few rounds of Apex Legends.


Samuel Kavaler

Samuel is a SOC Team Manager at Ontinue, where he leads EMEA team of Analysts providing MDR service for Ontinue’s customers. Samuel has 6 years of experience working in different Security Operation Centres as Analyst and Engineer. He loves all things related to SOC with main interests in SecOps, Threat Hunting and DFIR.


Sebastian Gebhard

Sebastian is a principal security consultant at Corporate Trust. In his role he consults and assists companies in incident response when they experience a cyber attack. He has 8 years in experience in IT-Security and 18 years experience in IT with a background in Electrical Engineering.


Sebastien Leger

Sebastien is a security researcher focusing on embedded devices and hardware security.


Tayla Sellschop

Hi I’m Tayla !! I’m a junior cyber security analyst with a passion for cryptography and forensics. I have a background in law and I’ve lived in China for years prior to getting into cyber security. I believe that the right to privacy and information is fundamental. I ultimately got into cyber security because I want to help people and make a positive impact in the world


Tomas Vogel

Tomas Vogel is a security enthusiast with experience from both public and private sector, interested in uncovering the How’s and Why’s of ever evolving cyber threats, but also with legal aspects of security.

Currently working as Threat Intelligence analyst at Whalebone, researching emerging threats and developing systems for detection of malicious domains for protective DNS solution. Before joining Whalebone, Tomas worked as a Security analyst and Incident responder at GovCERT.CZ of National Cyber and Information Security Agency, dealing with incidents at government entities and critical infrastructure systems.