I am a post-doctoral researcher at the Security and Privacy Research Unit of TU Wien. In 2023 I received my doctoral degree (Dr.-Ing.) with summa cum laude from Saarland University / CISPA.
My research is focused on Web security as well as usable security for developers and is regularly published at top-tier venues (e.g. USENIX Security, ACM CCS, NDSS). You can find my papers on Google Scholar, in the ACM Digital Library, and in DBLP. To keep in touch with developers and security experts from the industry, I also regularly give talks about my research at industry conferences such as OWASP AppSec or RuhrSec.
In addition to that, I have taught other students as a tutor and teaching assistant in several different lectures, supervised topics in different seminars, and advised students in the process of their bachelor or master thesis or in other study-related projects.
During leisure time, I regularly organize and participate in information security competitions called Capture the Flag (CTF) together with saarsec (saarsec|steg1) located at Saarland University.


March 2019 – April 2023

Dr.-Ing. @ Saarland University / CISPA
Thesis: "How to Deploy Security Mechanisms Online (Consistently)"
Grade: Excellent (summa cum laude)
Supervised by: Dr.-Ing. Ben Stock

March 2017 – March 2019

Master Computer Science @ Saarland University
Thesis: "Content Security Policy – A Shapeshifter’s Tale"
Supervised by: Dr.-Ing. Ben Stock

October 2013 – March 2017

Bachelor Cybersecurity @ Saarland University
Thesis: "A Platform to Recruit GitHub Users for Developer Studies"
Supervised by: Prof. Dr. Sascha Fahl

August 2010 – June 2013

High School
Intensive Courses: Computer Science, Electrical Engineering, English
Balthasar Neumann Technical College Trier

August 2004 – June 2010

Secondary School
Erich Kästner Realschule Hermeskeil

Work Experience:

since April 2023

Post-Doctoral Researcher @ TU Wien
Hosted by: Prof. Dr. Matteo Maffei

March 2019 - April 2023

Researcher @ CISPA Helmholtz Center for Information Security
Supervised by: Dr.-Ing. Ben Stock

Summer 2020

Internship @ Hardenize Limited
Supervised by: Ivan Ristić

October 2015 – March 2019

Research Assistant @ CISPA Helmholtz Center for Information Security
Supervised by: Dr.-Ing. Ben Stock (Dec. 2017 – Mar. 2019)
Supervised by: Prof. Dr. Sascha Fahl (Oct. 2015 – Dec. 2017)

Thesis/Project Advisor:
Honey, I Cached our Security Tokens – Re-usage of Security Tokens in the Wild
Research Immersion Lab by L. Trampert (2022)
Note: Resulted in a RAID'23 Publication
Do you Trust your Types? A Qualitative Study on the Usability of Trusted Types to Mitigate Client-Side XSS Vulnerabilities
Bachelor Thesis by P. Baus (2022)
To hash or not to hash: A security assessment of the CSP directive unsafe-hashes
Bachelor Thesis by P. Stolz (2021)
Note: Resulted in a SecWeb'22 Publication
RetroCSP: Retrofitting Web Security on the Client Side by Reinforcing Widespread CSP Support
Bachelor Thesis by M. Wilhelm (2021)
Note: Won CAST Bachelor Thesis Award 2021
Examining the Security of Embedded Browsers
Bachelor Thesis by B. Hollinger (2020)
CIDeR: Automatically Implementing Nonce-Based Content Security Policies
Master Thesis by A. Rassier (2020)
Bytewarden & SaarsecVV Service for the 2022 SaarCTF
Cybersecurity Project by P. Decker & L. Seyler
Program Committee:
> IEEE Security & Privacy 2024 (S&P '24)
> SecWeb Workshop co-located with IEEE S&P 2023 (SecWeb '23)
> SecWeb Workshop co-located with IEEE S&P 2022 (SecWeb '22)
> SecWeb Workshop co-located with IEEE Euro S&P 2021 (SecWeb '21)

Artifact Evaluation Committee:
> Annual Computer Security Applications Conference 2020 (ACSAC '20)

> The Web Conference 2022 (WWW '22)
> Network and Distributed System Security Symposium 2021 (NDSS '21)
> Annual Computer Security Applications Conference 2019 (ACSAC '19)

> Member of the CISPA Hireing Commitee (2022 - 2023)
> Member of the CISPA Corona Warn App Team (2020 - 2021)
> Member of the CISPA Works Coucil (2019 - 2022)