Compass Security supervises scientific work

Compass Security volunteers as supervisor for academic work and studies relating to information security.

We support students to link theory with practice, either on a subject of their own choosing or with questions and challenges the security industry is currently facing.

Last year we accompanied two papers of students at the Hochschule für Technik Rapperswil (HSR). The students tackled tricky problems around the online platform Hacking-Lab. Hacking-Lab is used at the HSR as a training platform in the fields of information security.
 

Emil on Steroids

Authors: Sven Defatsch und Patrick Steinhäusl
Examinator: Cyrill Brunschwiler

Hacking-Lab hosts a fictitious webshop (bells shop) which is used for trainings on "Secure Web Applications". The shop has now been ported to a recent technology stack (MEAN). In addition to the classic vulnerabilities, latest issues have also been packed into application. Thus, the new shop features issues around templating, de-serialization, NoSQL, JWT or Web Sockets.

 

Hacking-Lab 2.0

Authors: Janick Engeler, Yanick Gubler
Thesis Advisor: Ivan Bütler

High scalability and worldwide usability - the implementation of these two requirements poses a number of challenges: avoiding performance bottlenecks, enabling multilingual system operation, avoiding additional effort when capturing new challenges and sample solutions, etc.

 

Congratulations both teams on their successful work!

 

The abstracts of these - and more - papers can be found here: https://www.compass-security.com/research/studien/ 

CALENDAR

Swiss Banking Services Forum (SBSF)

The «Swiss Banking Services Forum» is organized by SIX Group and will take place on May 22. There will also be a panel discussion on Cyber Security... Read more

20 years of Compass Security

We would like to propose a toast with you - to the past exciting 20 years and to the many valuable encounters. Read more

Swiss Cyber Hackathon 2019 / Zurich

Simulating Real World Cyber Scenarios – Educational Cyber Competition of Defending your Environment and Attacking your Opponents Read more

ALL DATES

Compass Security Blog

Windows Forensics with Plaso

Present State of Affairs We have been teaching forensics and network incident analysis for quite a while. We have investigated into a reputable number of cases and we are not the only doing so. Hence,... mehr

XSS worm – A creative use of web application vulnerability

In my free time, I like to do some bug bounty hunting. For some reasons, I’ve been doing this almost exclusively for Swisscom. One of the reason is that the scope is very broad and I like to have this... mehr

ZUM BLOG