Floragasse 7 – 5th floor, 1040 Vienna
Subscribe to our Newsletter

SBA Research is a research center for Information Security
funded partly by the national initiative for COMET Competence Centers for Excellent Technologies.

Upcoming Events:

Shecurity & SHE@ISACA
17.10.2025
SHECURITY – Hackerinnen Training
21.10.2025
SBA Security Meetup: From OWASP to App Secrets – Lessons Learned
29.10.2025

Recent News:

Distinguished paper award at ACM CCS 2025

David Schmidt, PhD student at CD-Lab AsTra, Sebastian Schrittwieser, key researcher at SBA Research and head of the CD-Lab, and Edgar Weippl, scientific director at SBA Research and full professor for security & privacy at the University of Vienna, received the Distinguished Paper Award at ACM CCS 2025 (A*-rated) for their work Leaky Apps: Large-scale Analysis of Secrets Distributed in Android and iOS Apps. ... Read More
David Schmidt with Award in hands

SBA Security Advisory – Checkmk Path Traversal (CVE-2025-39664)

Vulnerability Overview Checkmk in versions before 2.4.0p13, 2.3.0p38 and 2.2.0p46, as well as since version 2.1.0b1 is prone to a path traversal vulnerability in the report scheduler. Due to an insufficient validation of a file name input, users can store reports in arbitrary locations on the server. Read More
Logo SBA Security Advisories

Visiting Researcher Strengthens Partnership and Research Focus

SBA Research was delighted to welcome Dr. Fatma Nur Esirci Oral as a visiting researcher during September 2025. During her stay, Dr. Esirci Oral delivered valuable seminars for our students and junior researchers and led vital discussions with our institute’s members. This fruitful exchange culminated in the shaping of a… Read More
Ludwig and Fatma at

SBA @ heise devSec()

Our colleagues Michael Koppmann, senior information security consultat at SBA Research, and Mathias Tausig, information security consultant at SBA Research Research gave two insightful talks on ... Read More
SBA @ heise devSec()

SBA @ LSZ Cyber Crime Forum Graz

Our colleagues Nicolas Petri, Information Security Consultant, and Gerald Sendera, Data Protection Supervisor and Legal Counsel, gave an expert talk on Ich wollte nur Software bauen – und jetzt mach ich CRA-Compliance on September 30 at the LSZ Cyber Crime Forum Graz. ... Read More
Gerald and Niki at the SBA booth

SBA @ LSZ Cyber Crime Forum Salzburg

Our colleagues Stefan Jakoubi, Director of Professional Services, and Mathias Tausig, Senior Consultant, are giving an expert talk on CRA, ASVS & SAMM – 3 Abkürzungen mit Schlagkraft – MFG on September 18, at the LSZ Cyber Crime Forum Salzburg. ... Read More
SBA @ LSZ Cyber Crime Forum Salzburg

New paper in Science Computers and Electronics in Agriculture

Our colleagues Georg Goldenits, and Thomas Neubauer published a new paper on Taxonomy of cybersecurity consideration in agriculture. This paper explores the key cybersecurity threats and reliability risks in Agriculture 4.0 by mapping potential faults and pitfalls to emerging digital technologies in farming. It also discusses countermeasures, legal frameworks,… Read More
elsevier cover

Successful Kick-off for the 1st Shecurity Summer School in Vienna!

From September 19 to 21, around 65 talented and curious women and FINTA* immersed themselves in the exciting world of cybersecurity at the University of Vienna. This continuing education and networking program is unique in Europe and is designed to make it easier to enter and advance in IT security. ... Read More
Successful Kick-off for the 1st Shecurity Summer School in Vienna!

Manuel Leithner at ICTSS 2025

Combinatorial Testing is a highly effective black-box testing method that combines small test sets with strong fault detection capabilities. However, faced with unknown file formats or network protocols, it requires a method to extract a model of possible parameters and values to use in its test cases. At the 37th… Read More
Manuel Leithner at ICTSS 2025