Brainberg
DevSecRuhr @Vodafone
Software EngineeringMeetupFree

DevSecRuhr @Vodafone

Thu 30 Jul · 15:00
Düsseldorf, 🇩🇪 Germany
< 50 attendees
Vodafone Campus Düsseldorf · Ferdinand-Braun-Platz 1, 40549 Düsseldorf

About this event

Good morning, everyone!

I'm excited to announce a great start to our 2026 DevSecRuhr season. We'll be guests at Vodafone!

Vodafone Corporate Security (RS) hosts us on the 30th July (17:00–22:00 Uhr). For the first time at Vodafone, the DevSecRuhr will be at the Vodafone Campus Düsseldorf (Future Floor). We will have space for approx. 40 participants, so be quick and register yourself a seat.

To gain entrance, we need your real name so we can issue a guest pass in advance. If you did not provide your full real name on Meetup.com, please send us your real name via email after registering for the event on Meetup.com, with the subject line “Registration DevSecRuhr @ Vodafone,” to Tobias.Brenner@eon.com. We will use your information solely for the guest pass and will delete it afterward.

The talks will be awesome!
This is our lineup:

1st Talk - Manfred Verholen:
Cybersecurity strategy, certification, and resilience in a fragmented regulatory landscape

Securing Europe’s Digital Future
Europe’s digital transformation is shaped by a rapidly evolving and increasingly complex cybersecurity landscape. A growing number of regulations and certification frameworks aim to strengthen resilience, protect critical infrastructure, and build trust across the ecosystem. This session outlines how Europe’s cybersecurity strategy translates into practical requirements, focusing on key regulations, certification schemes such as NESAS, and the role of ENISA in driving standardisation. Finally, we address the challenges for mobile network operators in navigating fragmented requirements and show how organisations can move from compliance to sustainable security and resilience.
About Manfred
Manfred Verholen is Manager Corporate Security at Vodafone, focusing on the interface between regulation, technology, and resilient telecommunications infrastructure. He brings extensive experience in the telecommunications industry and has led complex transformation initiatives with national and international stakeholders, driving the secure evolution of mobile core, cloud, and fixed networks. His expertise spans Cyber Security by Design, resilience, 4G/5G core security, telco cloud, and regulatory compliance with European and German frameworks, including the Cybersecurity Act, NIS2, CRA, and CER. He combines strategic governance with deep technical expertise and advocates embedding security, resilience, and compliance early into Europe’s digital infrastructure.

2nd Talk - Christoph Heine: Automating Mobile Security

As mobile networks have become more complex, so do their security problems. Not only do we have to deal with an ever-increasing number of attack surfaces, stricter security requirements from both customers and governments mean that security problems also need to be addressed much faster than in the past. The solution here seems obvious: If we need to go faster, just add more automation to the process. However, this begs some important questions: What security problems can we even address with automation? Where do we apply automation? And how well does it actually work?
In this talk, we will give you a brief tour of the current efforts in automating 5G security testing. We'll take a look at existing tools, assess what they can currently accomplish, and where they already help in practice. As part of that tour, we'll also investigate what the current challenges are, both from the technical side but also by looking at organizational hurdles in existing security processes. Furthermore, we want to briefly highlight what can be done to effectively address these challenges, what needs to be changed, and (most importantly) how you can be part of that change.

About Christoph:
Christoph Heine is an independent security researcher and project manager for the mobile security startup Montsecure. Christoph is best known for designing and building tools with a high degree of automation, particularly in the fields of REST and 5G security. In this context, he currently works with a team at Montsecure to develop SEAL, a dedicated pentesting suite for automated security testing of 5G/6G networks. SEAL is the leading 5G security automation solution in the German market for certifying according to BSI NESAS standards and is actively being used by several large network vendors. In addition to his security related interests, Christoph is also an avid free software advocate and is a frequent collaborator on various open source projects.

3rd talk - Yogeshwar Agnihotri:
The Hidden Risks of AI Agents: How We Manipulated an AI Agent into Sending Us Money

AI today supports decision-making, automates processes, and handles sensitive data. With the rise of agentic AI systems that act autonomously, use tools, and interact with other systems, however, new and often underestimated security risks are emerging.
In this session, we demonstrate how agentic AI systems can be hacked and which vulnerabilities come into play. Using concrete examples, we walk through common attack vectors such as prompt injection, tool abuse, and indirect attacks via external data sources.

In a live demo, we attack an AI agent within a simulated banking application. Step by step, we show how an attack can escalate: starting with the manipulation of the agent, we carry the attack through to critical impacts such as remote code execution and an unauthorized money transfer. At the same time, we show how such attacks arise and which technical controls can help prevent them.
The goal is to build a practical understanding of the real-world risks of modern AI systems and to show organizations how to identify, assess, and reduce the attack surface of their AI applications.

About Yogeshwar:
Yogeshwar Agnihotri, Ethical Hacker & AI Security Specialist @ CLOUDYRION
Yogeshwar Agnihotri is an Ethical Hacker specializing in AI Security at CLOUDYRION. After completing his master's degree in Applied Computer Science with a focus on artificial intelligence at Ruhr University Bochum, he moved deliberately into IT security and specialized in ethical hacking and penetration testing across web applications, APIs, and infrastructure. Today, he combines his AI expertise with hands-on offensive security experience to identify and assess security risks in AI systems. At CLOUDYRION, he develops methods for the structured vulnerability analysis of AI applications and leads AI hacking projects in production environments.

We can't wait to see you at the event.

Best regards,
Tobias

Source: meetup