How to Think Like a Hacker: A Two-Day Crash Course on Security of Web Applications

A group of young female participants was invited for a web application hacking workshop at the Max Planck Institute for Security and Privacy (MPI-SP) on 11-12 March 2023.

Group photo of the participants

Copyright: CASA

Hacking-Workshop in the seminar room

Copyright: Ruben Gonzalez

Group Work

Copyright: Ruben Gonzalez

Together with NFiTS and RedRocket, the Cluster of Excellence CASA, the MPI-SP and Cube 5 co-hosted a weekend workshop on the topic of web security from March 11 to 12 in Bochum. The workshop, entitled “Creative.Minds - Cyber Security Workshop for Women“, was aimed at young women between the ages of 15 and 25 with an interest in computer science and web technology as well as curiosity about IT security. The creativity of the participants was already tested in advance: They gained a spot in the workshop by solving three challenges as part of a qualification phase. Participants originated from all across Germany, and a few even from Austria.

Identifying and Preventing Risks
The focus of the intensive weekend was on hacking web applications. Therefore, the participants learned how vulnerabilities in web applications arise and how they can be exploited. For this purpose, they slipped into the attacker role themselves and became hackers. At the same time, the aim of the workshop was to introduce the participants to capture-the-flag-like challenges and thus to get them excited about the European Cybersecurity Challenge. In the competition, which will take place in Norway in October, female participants have unfortunately been severely underrepresented so far.

Insights Into Career Paths
In addition to training sessions, various challenges and a team event, the participants also gained insights into different professional perspectives in the field of IT security. Reporting on their careers and roles in IT security were:

The presentations by the Role Models on the various career levels in industry and academia were perceived as particularly valuable by the participants. With the remark "IT Security is everywhere", Veelasha Moonsamy, one of the organizers of the workshop, encouraged the participants to find their very own place in the IT security field. According to Veelasha Moonsamy, the overwhelmingly positive feedback from the participants confirms the need for further workshops of this kind: "We hope to make this an annual event and thus attract even more female talent to Bochum."

Thanks to all the organizers and sponsors of the workshop!

More inspiring role models from IT security research in Bochum can be found in our poster series "Women in IT Security".

General note: In case of using gender-assigning attributes we include all those who consider themselves in this gender regardless of their own biological sex.