Security

heise devSec 2026

heise devSec is the leading German-language training and networking event for software developers and architects responsible for the security of the software they develop. The conference covers topics such as supply chain security, GenAI and its impact on vulnerabilities and attack techniques, secure software architectures, tools, languages, and legal framew…

Visit the official site
32Speakers
25Sponsors
78On the bill · sessions
46Companies · in total
§I

Speakers

Programmed at heise, in alphabetical order.
Amin Faez
utilacy
Christian Schneider
Freiberufler
Christian Wenz
Christoph Iserlohn
INNOQ
Clemens Hübner
Giesecke+Devrient
dpunkt.verlag
Falko Strenzke
MTG
Felix Schumacher
INNOQ
Flora Schäfer
secuvera
Frank Ully
Corporate Trust
Jan-Philipp Steghöfer
XITASO
Johannes Bär
condignum
Julia Wasserer
Bundesverwaltungsamt
Klaus Rodewig
Vorwerk Elektrowerke
Lorin Lehawany
ERNW Enno Rey Netzwerke
Mario-Leander Reimer
QAware
Martina Kraus
Kraus IT Consulting
Mehmet Kus
OTARIS Interactive Services
Michael Fuchs
inovex
Mirko Richter
mgm security partners
Niklas Mühleis
Heidrich Rechtsanwälte
N. N.
§II

Sponsors

The houses behind the program. Tiers as disclosed.
CycodeGold
SignPathGold
bosch
BWISilber
BWI GmbHSilber
checkmarx
cotech
fhooe
gtb
heidelpay
innoq
INNOQSilber
INOSOFTPlatin
INOSOFT AGPlatin
inovex
iteratec
optimabit
RIGS
rips
searchguard
secodis
Sonatype
synopsys
veracode
WibuSystems
§III

Agenda

Selected from 78 sessions on the bill.
  • 09:00 - 09:15, Dienstag, 22. September

    Eröffnung

  • 09:00 - 9:45, Mittwoch, 23. September

    Cyber Resilience Act & Legacy Code - Warum technische Schulden zum Haftungsrisiko werden

  • 09:00 - 9:45, Mittwoch, 23. September

    LLM-gestützte Code Reviews und Schwachstellensuche: Wirksamkeit und Grenzen

  • 09:00 - 9:45, Mittwoch, 23. September

    Von XZ bis Trivy: Was Supply-Chain-Angriffe über unsere Pipelines verraten

  • 09:15 - 10:00, Dienstag, 22. September

    Keynote [TBA]

  • 10:00 - 10:45, Mittwoch, 23. September

    CRA und IEC 62443-4-1 in der Praxis: Mehr als Threat Modeling und Penetration Testing

  • 10:00 - 10:45, Mittwoch, 23. September

    TBA [Sponsored Talk]

  • 10:00 - 10:45, Mittwoch, 23. September

    Vier grüne Häkchen, trotzdem gehackt: Threat Modeling für agentenbasierte KI

  • 10:30 - 11:15, Dienstag, 22. September

    5 Jahre Application Security in der Praxis – ein Erfahrungsbericht aus der LBBW

Intermission
Part the Second · For the Buyer

What does it mean when 46 companies show up — and 2 bet on three roles at once?

46 companies. two are betting more than once.

The numbers below are derived from the speakers, sponsors, and exhibitors on this page — cross-referenced into one ledger. They are the only thing here that 10times.com cannot tell you.

Who's in the room
2All threespeak · spons · exh
20Sponsoringsponsor only
24Companies Speakingspeaker only

The Triple-Threat

INNOQ·inovex

Speakers by seniority
  • Other roles32100%

Of 32 on the bill · classified by free-text title

Most-represented companies
  1. 01INNOQSp·S2V
  2. 02inovexSp1V
  3. 03BoschSp
  4. 04BWISp·S
  5. 05CheckmarxSp
  6. 06cotechSp
  7. 07Cycode Ltd.Sp·G
  8. 08fhooeSp
  9. 09gtbSp
  10. 10heidelpaySp
  11. 11INOSOFTSp·P
  12. 12iteratec GmbHSp
  13. 13optimabitSp
  14. 14RIGSSp
Sponsors by tier
gold2
8% of 25
platin2
8% of 25
silber3
12% of 25
unspecified18
72% of 25
At peer events but not here

These companies sponsored two or more peer events recently, but aren't on this program. For an organizer, that's a list of warm prospects.

Related events · by shared sponsors