Research Interests
His core consulting activities comprise:
+ Application Penetration Testing
+ Network Security
+ Technical Audits
+ Integrating Security into the Software Development Cycle
+ Architecture/Design Reviews
+ Trainings
+ Mobile Security
Bio
He received a master’s degree in Business Informatics from the University of Vienna and gained several industry certifications, such as CISSP and CSSLP, during his security-related work in recent years.
Publications
Top Publications:
-
Retaining consistency for knowledge-based security testing (2014)
- 27th International Conference on Industrial, Engineering & Other Applications of Applied Intelligent Systems
@INPROCEEDINGS{Bernauer2014Retaining,
author = {Andreas Bernauer and Josip Bozic and Dimitris Simos and Severin Winkler and Franz Wotawa},
title = {Retaining consistency for knowledge-based security testing},
booktitle = {27th International Conference on Industrial,
Engineering \& Other Applications of Applied Intelligent Systems},
year = {2014},
month = {6},
pdf = {ieaaie2014_kb.pdf},
}
-
Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing (2015)
- IEEE International Conference on Software Quality, Reliability and Security 2015
@INPROCEEDINGS{Bozic2015Attack,
author = {Josip Bozic and Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler and Franz Wotawa},
title = {Attack Pattern-Based Combinatorial Testing with Constraints for Web Security Testing},
booktitle = {IEEE International Conference on Software Quality,
Reliability and Security 2015},
year = {2015},
month = {8},
pdf = {http://ieeexplore.ieee.org/document/7272934/},
}
-
On the applicability of combinatorial testing to web application security testing: A case study (2014)
- 2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing
@INPROCEEDINGS{Garn2014applicability,
author = {Bernhard Garn and Ioannis Kapsalis and Dimitris Simos and Severin Winkler},
title = {On the applicability of combinatorial testing to web application security testing: A case study},
booktitle = {2014 Workshop on Joining AcadeMiA and Industry Contributions to Test Automation and Model-Based Testing},
year = {2014},
month = {7},
pdf = {combinatorial testing 4pentesteval_jamaica_2014.pdf},
}
-
An Approach to Penetration Testing via Combinational Designs (2013)
- ASQT 13 Proceedings of the 11th User Conference for Software Quality, Test and Innovation, Austrian Computer Society (OCG)
@INPROCEEDINGS{Simos_An_Approach_to_Penetration_Tes_2013,
author = {Dimitris Simos and Severin Winkler},
title = {An Approach to Penetration Testing via Combinational Designs},
booktitle = {ASQT 13 Proceedings of the 11th User Conference for Software Quality,
Test and Innovation,
Austrian Computer Society (OCG)},
year = {2013},
}
-
Collaborative Penetration Testing (2009)
- 9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009)
@INPROCEEDINGS{Winkler_CollaborativePenetrationTesting_2009,
author = {Severin Winkler and Christian Proschinger},
authorhotlist = {true},
title = {Collaborative Penetration Testing},
booktitle = {9. Internationale Tagung Wirtschaftsinformatik (Kurztitel Wi 2009)},
year = {2009},
month = {1},
pdf = {Winkler_CollaborativePenetrationTesting_2009.pdf},
}
-
Towards a Unified Penetration Testing Taxonomy (2012)
- International Conference on Information Privacy, Security, Risk and Trust (PASSAT 2012)
@INPROCEEDINGS{_Towards_a_Unified_Penetration__2012,
author = {Aleksandar Hudic and Shareeful Islam and Lorenz Zechner and Christian Krieg and Severin Winkler and Richard Hable and {Edgar R.} Weippl},
title = {Towards a Unified Penetration Testing Taxonomy},
booktitle = {International Conference on Information Privacy,
Security,
Risk and Trust (PASSAT 2012)},
year = {2012},
month = {9},
}