We have a variety of “Open Port” events during which renowned cyber security experts will come to ETH to discuss their field's current state with a small group of students.
In cyber security, an “Open Port” is an integral part of internet communication. Similarly, our Open Port events are there to communicate, connect and learn from each other. These events are an excellent opportunity for ETH students to gain an insight into the industry and public services. Additionally, in good ETH fashion, there will be an apero after most of our events. In particular circumstances, Open Ports are held virtually in highly interactive settings to the delight of speakers and students alike.
Dive into the world of web security. Join us for a hands-on session where you'll take turns acting as attackers and security engineers. In the role of a security engineer, you will gain vital skills in identifying and mitigating web threats, while as an attacker you will dissect various strategies to catch up to the defense mechanisms.
All you need to be part of this experience is your laptop equipped with a Firefox or Chrome browser and Internet access. Led by Reto Ischi, Head of Security Product Development, and Alexander Born, Senior Data Scientist at Airlock – a web security product by Ergon Informatik AG, both seasoned experts in cyber defense and machine learning, this workshop is designed to elevate your understanding of web security.
Do you have valuable insights in current cyber security topics and want to share them with a small group of students? We are always looking for cyber security experts who will take a speaker's role at our events. As a speaker you will benefit from an interested and engaged audience.
Get in touch with us! We will be delighted to discuss with you how to bring your cyber experience to ETH.
In our next Open Port, Josh Aas, co-founder of Internet Security Research Group (ISRG) will join us from the US. We will have the chance to discuss the trade-offs associated with various cryptographic certificate lifetimes, which include the impact on revocation and reliability.
Josh will also provide us with a preview of the plans of Let's Encrypt on certificate lifetimes, as well as some thoughts on what post-quantum support could mean.
Since ChatGPT's launch in late 2022, GenAI has garnered a lot of attention and hype, with major tech players trying to introduce it to their product offerings. The cyber security world is no different, with GenAI already being used by cybercriminals and security teams alike.
Take part in an interactive workshop with cyber security and GenAI experts from Eraneos Switzerland and learn how they meet the GenAI challenges and opportunities of the day.
From the Linux kernel to TLS libraries, HTTP servers and core utilities, the Internet depends on code that is not memory safe. ISRG founding director Josh Aas will join us live from the US to talk about why memory safety is one of the most critical security issues on the Internet, the impact that a lack of memory safety has in critical software and what we can do about it. No prior knowledge is required.
Are you curious about how cyber security is handled at Swiss Post? This interactive Open Port will provide you with insights into cyber security at one of Switzerland's biggest companies! Experts - including Marcel Zumbühl, CISO - will discuss cyber security strategy, OT security, Zero Trust and the importance of bug bounty programs at Swiss Post. No prior knowledge is required.
Today, billions are secured by smart contracts, but multi-million-dollar hacks are still too frequent. At this Open Port, ChainSecurity will share their 5+ years of experience in the field, dive deep into the world of smart contract auditing and uncover the hidden risks associated with decentralized finance (DeFi) applications running on the Ethereum blockchain. This focused workshop is designed for students and aspiring professionals who are interested in learning how to protect our financial future.
The workshop will begin with a brief introduction to Solidity, the most popular programming language for smart contracts, and the critical role of auditors in the rapidly evolving DeFi landscape. We will then present a selection of real-world examples of vulnerable smart contracts that have led to significant financial losses or hacks.In the hands-on portion of the workshop, participants will work in teams to identify and analyze vulnerabilities within a set of purposely flawed smart contracts. Each team will be tasked with finding hidden security flaws and suggesting mitigation strategies to protect against potential attacks. To guide the teams, we will provide a step-by-step framework, together with access to the best tools for conducting a thorough smart contract audit.The workshop will conclude with a discussion on the latest security research and trends in the smart contract auditing field. By the end of this session, participants will not only gain a comprehensive understanding of the challenges and opportunities in the world of smart contract auditing, but also be well-prepared to independently uncover vulnerabilities, where top bounty hunters can earn 7-digit rewards, and to excel as professional blockchain security engineers in the industry.