Paper / Feb, 2021

Bug Bounty Program of Last Resort

WEF Paper / Nov, 2020

Cyber Resilience in the Electricity Ecosystem

Paper / Sep, 2019

Analysis and measures to secure the digital supply chain

Swisscom Report / Apr, 2017

Data Breaches & Bug Bounties

Swisscom Report / Sep, 2015

Current Threat Status and its Development

Paper / Aug, 2014

Cyber Crime Threat Intelligence - Turkey

NSS Paper / Mar, 2014

Why Your Data Breach is My Problem

NSS Paper / Dec, 2013

International Vulnerability Purchase Program (IVPP)

NSS Paper / Dec, 2013

The Known Unknowns in Cyber Security

NSS Paper / May, 2013

Cyber Kill Chain vs. Defense Effectiveness

NSS Paper / May, 2013

Correlation Of Detection Failures

NSS Paper / Feb, 2013

Vulnerability Threat Trends 2012

NSS Paper / Dec, 2012

Modeling Exploit Evasions in Layered Security

Secunia Paper / Feb, 2012

Secunia Yearly Report 2011

Secunia Paper / Jun, 2011

How to Secure a Moving Target with Limited Resources

Secunia Paper / Apr, 2011

Cybercriminals do not need administrative users

Paper / Dec, 2010

Familiarity Breeds Contempt

Secunia Paper / Mar, 2010

The Security Exposure Of Software Portfolios

Paper / Mar, 2010

Quantification of deviations from rationality with heavy-tails in human dynamics

Paper / Jun, 2009

Modelling the Security Ecosystem

Paper / May, 2009

Why Silent Updates Boost Security

Paper / Jan, 2009

Firefox (In)Security Update Dynamics Exposed

Dissertation / Jan, 2009

Security Econometrics - The Dynamics of (In)Security

Defcon / Aug, 2008

Understanding The Web Browser Threat

Paper / Jul, 2008

Putting Private And Government CERT's To The Test

Blackhat / Mar, 2008

Exposing Vendors (In)security Performance (0-Day Patch)

Blackhat / Sep, 2006

Large-Scale Vulnerability Analysis

Paper / Jun, 2006

Technology Speed of Civil Jet Engines

Paper / Apr, 2004

DDoS Attacks through Non Delivery Messages