
What we’re about
SBA Research is a research and consulting center (COMET competence center) for Information Security based in Vienna, and calls itself a “Home of Nerds”. We therefore started hosting Meetups spotlighting all aspects of Security in 2018. By doing so we intend to establish and foster a community of people interested in IT & Information Security and related areas. As soon as things return to normal, we very much look forward to welcoming you on-site to beer, snacks and lively discussions among like-minded people. Since we want to give you the chance to join from wherever you are, we will, however, continue to live stream all of our Meetups in the future as well.
Our Security Meetup Group is part of the SBA Academy. Check out our website: SBA Research offers a wide range of ways to transfer knowledge, ranging from freely available talks to specialized on-site trainings.
You missed one of our Meetups? Visit our YouTube channel for directly applicable security knowledge: https://www.youtube.com/c/SBAResearch-IT-Se...;
SBA Research:
Within a network of more than 70 companies, 15 Austrian and international universities and research institutions, and many additional international research partners we jointly work on research challenges ranging from organizational to technical security to strengthen Europe’s Cybersecurity capabilities.
Upcoming events (1)
Secure Coding with Extra SLSA: A Secure & Spicy take, on Software Supply Chains
SBA Research, Vienna
This event is organized as an on-site event only.
Secure Coding with Extra SLSA:
A Secure & Spicy take, on Software Supply Chains
1. Talk: "Software Security and the Cyber Resilience Act (EU Regulation for Digital Products)"
By: Nicolas Petri (SBA Research)
2. Talk: "SLSA: The taco dip for Software Supply Chain Security"
By: Dimitrij Klesev (Whizus) & Julian Zhuang (Whizus)
3. Talk: "Securing the Software Supply Chain: Practical Strategies"
By: Daniel Liszka (Chainloop)
Speaker & Details:
Dimitrij Klesev (Tech Lead Whizus)
Julian Zhuang (DevOps Consultant Whizus)
Daniel Liszka (Chainloop)
Nicolas Petri (SBA Research)
Talk language: English
On-site event only!: Floragasse 7, 1040 Vienna (5th floor)
Further information will be announced soon!
Agenda
*********
17:55: Gathering
18:10: Talk: "Software Security and the Cyber Resilience Act (EU Regulation for Digital Products)"
18:40: Talk: "SLSA: The taco dip for Software Supply Chain Security"
19:00: Break & Snacks
19:15: Talk: "Securing the Software Supply Chain: Practical Strategies"
19:45: Food, Drinks & Get together
Looking forward to seeing you there!
Picture source: Generated with AI (DALL·E)
Talks & Details:
"Software Security and the Cyber Resilience Act (EU Regulation for Digital Products)"
"Shift left" is more than a buzzword — it’s key to aligning security with the software development lifecycle (SDLC). But while developers often see it as overhead, decision-makers may underestimate its value. With new regulations like NIS2 and the Cyber Resilience Act (CRA), structured secure development is no longer optional — it’s mandatory.
"SLSA: The taco dip for Software Supply Chain Security"
With software supply chain attacks on the rise, it's more important than ever to talk about security in today's software ecosystem. In this talk, Julian, a DevOps Engineer from WhizUs, will explain how to improve security in supply chain processes by introducing SLSA, an open-source framework for software supply chain security which helps organizations to enable trust and transparency and protect against tampering in development, build and deployment processes.
"Securing the Software Supply Chain: Practical Strategies"
Drawing from real-world implementations at major enterprises, this talk will guide you through integrating compliance and security controls into your Software Development Lifecycle (SDLC) using open-source tools like Chainloop. Learn how to build an evidence store for your software supply chain, instrument your CI/CD pipelines, and establish effective quality and control gates. We'll show you how to operationalize Software Bills of Materials (SBOMs) and Vulnerability Exploitability eXchange (VEX) files to securely deploy software to production and beyond.