<!DOCTYPE html> <html lang="en-US"> <head> <meta name="generator" content="Hugo 0.74.2" /> <meta charset="utf-8" /> <meta http-equiv="X-UA-Compatible" content="IE=edge"><title>Martin Plattner&nbsp;– Information Security Consultant in Innsbruck, AT</title><link rel="apple-touch-icon" sizes="180x180" href=https://mplattner.at/apple-touch-icon.png> <link rel="icon" type="image/png" sizes="32x32" href=https://mplattner.at/favicon-32x32.png> <link rel="icon" type="image/png" sizes="16x16" href=https://mplattner.at/favicon-16x16.png> <link rel="manifest" href=https://mplattner.at/site.webmanifest> <link rel="mask-icon" href=https://mplattner.at/safari-pinned-tab.svg color="#5bbad5"> <meta name="msapplication-TileColor" content="#da532c"> <meta name="theme-color" content="#ffffff"> <meta name="description" content="My name is Martin Plattner. I am an information security professional, software engineer, and consultant based in Innsbruck, Austria."> <meta name="viewport" content="width=device-width, initial-scale=1"> <link rel="stylesheet" href="https://mplattner.at/css/all.min.14803dff5ba5845d9be0945ff98ee694e1865698fec69d438fff0fbe01b5d3f8.css" integrity="sha256-FIA9/1ulhF2b4JRf&#43;Y7mlOGGVpj&#43;xp1Dj/8PvgG10/g=" media="screen"> <style> a, a:hover { color: #a00; } section h2 .anchor, section ul .item-title .anchor { color: #ccc; } </style> <link rel="stylesheet" href="https://mplattner.at/site.css"> </head> <body> <div class="container wrapper" id="top"> <div class="header"> <a href="https://mplattner.at"><img src=https://mplattner.at/martin-plattner.jpg class="profile-image" alt="Martin Plattner"></a> <h1 class="site-title">Martin Plattner</h1> <div class="affiliation"><ul class="flat"> <li class="position">Lead Cyber Security Consultant<span class="affiliation-at">@</span><a href="https://www.axians.at/" class="organization">Axians ICT Austria GmbH</a></li> </ul><ul class="flat"> <li class="position">Freelance Consultant &amp; Software Engineer<span class="affiliation-at">@</span><a href="/" class="organization">mplattner.at</a></li> </ul></div> <ul class="social-links flat"><li><a href="https://linkedin.com/in/martinplattnr/" title="LinkedIn" target="_blank"><i class="fab fa-linkedin"></i></a></li><li><a href="https://github.com/mplattner" title="GitHub" target="_blank"><i class="fab fa-github"></i></a></li><li><a href="https://twitter.com/martinplattnr" title="Twitter" target="_blank"><i class="fab fa-twitter"></i></a></li><li><a href="https://stackoverflow.com/users/2026651/mplattner" title="StackOverflow" target="_blank"><i class="fab fa-stack-overflow"></i></a></li><li><a href="mailto:martin@mplattner.at" title="E-Mail" target="_blank"><i class="far fa-envelope"></i></a></li></ul> <nav class="nav main"> <ul class="flat"> <li><a href="/#services">Services</a></li> <li><span class="separator"> | </span><a href="/#freelance-works">Freelance Works</a></li> <li><span class="separator"> | </span><a href="/#academic-works">Academic Works</a></li> <li><span class="separator"> | </span><a href="/#talks">Talks</a></li> </ul> </nav> <hr> </div> <section id="about-me" class="about-me"> <h2 class="sr-only"><a href="#about-me" class="anchor">#</a> About me</h2> <p> Hi. My name is Martin Plattner. I am an information security professional, software engineer, and consultant based in <a href="https://en.wikipedia.org/wiki/Innsbruck">Innsbruck, Austria</a>. I thrive to work at the intersection of {security, data, people} and develop efficient solutions in this area. I&rsquo;m passionate about learning new things and teaching them to others. </p><p> In my role as lead cyber security consultant at <a href="https://www.axians.at/">Axians ICT Austria</a> I am responsible for developing and executing our <a href="https://www.axians.at/unser-portfolio/cyber-security/">security consulting portfolio</a>, which includes services such as auditing and hardening of large-scale IT infrastructures, simulated phishing, incident response, and other services. I also coordinate our international pentesting and audit team within the Axians Group. </p><p> I run a freelance consulting and software engineering business since 2011, where I focus on information security consulting and the creation of custom applications that efficiently solve business problems. I have successfully worked with 70+ clients throughout my career and always aim for close cooperation to deliver high-quality results. More about my <a href="#services">services</a> and a selection of <a href="#freelance-works">previous projects</a> can be found below. </p><p> I studied <a href="https://www.uibk.ac.at/studium/angebot/ma-informatik/index.html.en">Computer Science</a> with a focus on information security at the Universities of <a href="https://www.uibk.ac.at/">Innsbruck</a>, <a href="https://informatik.univie.ac.at/en/">Vienna</a>, and <a href="https://www.su.se/department-of-computer-and-systems-sciences/">Stockholm</a>. I was working as project research staff in the <a href="https://informationsecurity.uibk.ac.at/">Security and Privacy Lab</a> of <a href="https://informationsecurity.uibk.ac.at/people/rainer-boehme/">Rainer Böhme</a>, where I studied cross-blockchain data analysis using <a href="https://github.com/citp/BlockSci">BlockSci</a>. I received two awards for my <a href="#academic-works">master thesis</a> and <a href="#academic-works">published</a> my novel address clustering technique at the 29th USENIX Security Symposium 2020. </p><p> I was a <a href="https://summerofcode.withgoogle.com/">Google Summer of Code (GSoC)</a> participant in summer 2020. I worked for the security research organization <a href="https://www.honeynet.org/">The Honeynet Project</a> and added new features to the network analysis tool <a href="https://mitmproxy.org/">mitmproxy</a>. </p><p> If you want to get in touch don&rsquo;t hesitate to send me a <a href="mailto:martin@mplattner.at">mail</a>. </p><p> <strong>Interests.</strong> infosec, software development, data analysis, homelabbing, automation, graphic design </p><ul class="section-list"> </ul></section><section id="services" class="services"> <h2 class=""><a href="#services" class="anchor">#</a> Services</h2> <ul class="section-list"> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Information Security </div> <span class="item-links"> </span> <div class="item-description"> Cyber security has been my passion for many years. I have in-depth expertise of system-, software-, and network-security, digital forensics, cryptography, and many other security-related areas. I can audit and secure your IT infrastructure and applications, train your employees, and consult you to professionally manage risks and challenges related to cyber security. </div> <div class="item-metadata"> Services: auditing / pentesting, hardening, phishing campaigns, digital forensics &amp; incident response, PAM, and more </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Software Engineering </div> <span class="item-links"> </span> <div class="item-description"> I create modern software that efficiently solves the given problem efficiently and in a user-friendly way. I am most experienced in creating custom web applications. My approach covers all phases of an application: understanding the idea and its requirements, creation of a prototype, development, testing, deployment, and the following maintenance. My security background ensures that the result is secure and reliable. </div> <div class="item-metadata"> Tech: PHP, Python, PowerShell, C++, APIs, DevOps: Docker, CI/CD, Terraform, Linux &amp; Windows; Cloud: Amazon AWS, Azure </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Data Analysis </div> <span class="item-links"> </span> <div class="item-description"> I have deep knowledge of information retrieval (especially web crawling), databases (SQL, NoSQL, in-memory), and data warehouse systems. My preferred platform for analyses is Python with its SciPy stack and I like to use Tableau for data visalization. I am also experienced with blockchain data analysis. </div> <div class="item-metadata"> Tech: Python (Pandas, NumPy, Matplotlib, Scrapy), Tableau, Databases (SQL and NoSQL), ChatGPT </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> IT Consulting </div> <span class="item-links"> </span> <div class="item-description"> I offer consulting on a wide range of IT-related topics such as governance, infrastructure, and security. I enjoy identifying inefficiencies and optimizing the underlying business processes. This often includes finding appropriate software for the problem, or creating a custom application if no solution can be found. </div> <div class="item-metadata"> Services: process optimization, automation, integration of systems (APIs), project and knowledge management </div> </li> </ul></section><section id="freelance-works" class="freelance-works"> <h2 class=""><a href="#freelance-works" class="anchor">#</a> Selected Freelance Works</h2> <p> <em>Please note that most of my security-related projects are subject to an NDA and can not be shown here.</em> </p><ul class="section-list"> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Web Application: Panel Survey Management </div> <span class="item-links"> </span> <div class="item-description"> Application to manage consumer panels for market research. The application uses and integrates Limesurvey, a professional survey software. The backend allows to manage panels, participants, surveys, user credits, and related data. The app is highly customizable and supports full internationalization. Continuous integration (CI) is used to automatically deploy the application to multiple environments. </div> <div class="item-metadata"> URL: non-public | <span class="item-gallery"> Screenshots: <span class="item-gallery-images"> <a class="item-gallery-image gallery-panel-survey-management" href="/images/screenshot_survey_manager_dashboard.png" title="Panel Survey Management: Dashboard">Dashboard</a>, <a class="item-gallery-image gallery-panel-survey-management" href="/images/screenshot_survey_manager_panels.png" title="Panel Survey Management: Panel Index">Panel Index</a>, <a class="item-gallery-image gallery-panel-survey-management" href="/images/screenshot_survey_manager_survey_details.png" title="Panel Survey Management: Survey Details">Survey Details</a></span> </span> <script> document.addEventListener("DOMContentLoaded", function() { new SimpleLightbox({elements: 'a.item-gallery-image.gallery-panel-survey-management'}); }); </script> </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Web Application: Business Run Event Management </div> <span class="item-links"> </span> <div class="item-description"> Application that supports all phases of running events. Key features include participant management, an online shop with custom invoicing and payment processing, a Dropbox-integrated document management system, a barcode-based starter packet pick-up interface, and sending timekeeping results to participant&rsquo;s phones. A wiki system is used to onboard and train on-site staff. </div> <div class="item-metadata"> URL: non-public | <span class="item-gallery"> Screenshot: <span class="item-gallery-images"> <a class="item-gallery-image gallery-business-run-manager" href="/images/screenshot_business_run_manager_barcode_system.png" title="Business Run Event Management: On-Site Application">On-Site Application</a></span> </span> <script> document.addEventListener("DOMContentLoaded", function() { new SimpleLightbox({elements: 'a.item-gallery-image.gallery-business-run-manager'}); }); </script> </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Web Application: Workforce Scheduling </div> <span class="item-links"> </span> <div class="item-description"> Application to schedule staff in a large Austrian hospital. The application is highly customizable (rooms, positions, required staff), provides schedule versioning, and implements role-based access control. The absence management module allows users to request time off and track their absences. </div> <div class="item-metadata"> URL: non-public | <span class="item-gallery"> Screenshot: <span class="item-gallery-images"> <a class="item-gallery-image gallery-workforce-scheduling" href="/images/screenshot_workforce_scheduling.png" title="Workforce Scheduling: Calendar View">Calendar View</a></span> </span> <script> document.addEventListener("DOMContentLoaded", function() { new SimpleLightbox({elements: 'a.item-gallery-image.gallery-workforce-scheduling'}); }); </script> </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Website: Physiotherapist Carmen Veider </div> <span class="item-links"> </span> <div class="item-description"> Wordpress-based website for a local physiotherapist including customized icons and SEO. </div> <div class="item-metadata"> URL: <a href="http://physio-veider.at">http://physio-veider.at</a> | <span class="item-gallery"> Screenshot: <span class="item-gallery-images"> <a class="item-gallery-image gallery-physio-veider" href="/images/screenshot_physio_veider.jpg" title="Physiotherapist Carmen Veider: Homepage">Homepage</a></span> </span> <script> document.addEventListener("DOMContentLoaded", function() { new SimpleLightbox({elements: 'a.item-gallery-image.gallery-physio-veider'}); }); </script> </div> </li> </ul></section><section id="academic-works" class="academic-works"> <h2 class=""><a href="#academic-works" class="anchor">#</a> Academic Works</h2> <ul class="section-list"> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Conference paper: BlockSci – Design and applications of a blockchain analysis platform </div> <span class="item-links"> <span class="item-link"> <a href="/publications/sec20-kalodner.pdf">[PDF]</a> </span> <span class="item-link"> <a href="https://www.usenix.org/conference/usenixsecurity20/presentation/kalodner">[Publisher]</a> </span> <span class="item-link"> <a href="https://www.usenix.org/conference/usenixsecurity20/presentation/kalodner#node-paper-full-group-open-access-content">[Video]</a> </span> <span class="item-link"> <a href="https://www.usenix.org/system/files/sec20_slides_kalodner.pdf">[Slides]</a> </span> </span> <div class="item-description"> We present <a href="https://github.com/citp/BlockSci">BlockSci</a>, an open-source software platform for blockchain analysis. BlockSci is versatile in its support for different blockchains and analysis tasks. It incorporates an in-memory, analytical database, making it orders of magnitudes faster than using general-purpose graph databases. We describe BlockSci’s design and present four analyses that illustrate its capabilities, shedding light on the security, privacy, and economics of cryptocurrencies. </div> <div class="item-metadata"> H. Kalodner, M. Möser, K. Lee, S. Goldfeder, <em>M. Plattner</em>, A. Chator, A. Narayanan | 29th USENIX Security Symposium 2020 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Master Thesis: Generalizing BlockSci to Cross-Chain Analyses of Forked Ledgers </div> <span class="item-links"> <span class="item-link"> <a href="/publications/master_thesis_PLATTNER_Generalizing_BlockSci_to_Cross-Chain_Analyses_of_Forked_Ledgers.pdf">[PDF]</a> </span> <span class="item-link"> <a href="https://www.youtube.com/watch?v=kdDpqBiBo7k">[Video]</a> </span> <span class="item-link"> <a href="/slides/2020-12-02%20-%20Inday%20Students%20Master%20Thesis.pdf">[Slides]</a> </span> <span class="item-link"> <a href="https://github.com/mplattner/BlockSci/tree/feature/fork-support">[Code]</a> </span> </span> <div class="item-description"> <a href="https://github.com/citp/BlockSci">BlockSci</a> is a high-performance in-memory blockchain analysis platform developed at Princeton University. I added a multi-chain mode to BlockSci that improves the support for forked ledgers like Bitcoin Cash. This new mode enables novel cross-chain analyses that include data from multiple chains. I implemented cross-chain address clustering which improves the established single-chain approach to cluster addresses that are owned by the same users. My thesis received the <a href="https://www.uibk.ac.at/informatik/news/artikel/inday-students-2020.html">“Best Master Thesis of the Institute 2020“</a> award from the University of Innsbruck and the <a href="https://blog.ocg.at/2022/07/ocg-forderpreis-2022-fur-drei-herausragende-wissenschaftliche-abschlussarbeiten/">“OCG Incentive Award 2022“</a> from the Austrian Computer Society (OCG). </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | University of Innsbruck | June 2020 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Bachelor Thesis: Evaluation of Responsive Images Solutions for the Web </div> <span class="item-links"> <span class="item-link"> <a href="/publications/bachelor_thesis_PLATTNER_Evaluation_of_Responsive_Images_Solutions_for_the_Web.pdf">[PDF]</a> </span> <span class="item-link"> <a href="http://beta.destinat.io/">[Proof of concept]</a> </span> </span> <div class="item-description"> In this work I reviewed six responsive images solutions against a custom evaluation framework. The native HTML5 responsive images solution outperformed all the other methods. It was used in a case-example to create the travel catalogue <a href="http://beta.destinat.io">destinat.io</a> which uses responsive fullscreen images. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | University of Vienna | August 2015 | <span class="item-gallery"> Screenshots: <span class="item-gallery-images"> <a class="item-gallery-image gallery-destinatio" href="/images/screenshot_destinatio_homepage.jpg" title="Bachelor Thesis Case Example: Homepage">Homepage</a>, <a class="item-gallery-image gallery-destinatio" href="/images/screenshot_destinatio_suggestion.jpg" title="Bachelor Thesis Case Example: Travel Suggestion">Travel Suggestion</a></span> </span> <script> document.addEventListener("DOMContentLoaded", function() { new SimpleLightbox({elements: 'a.item-gallery-image.gallery-destinatio'}); }); </script> </div> </li> </ul></section><section id="talks" class="talks"> <h2 class=""><a href="#talks" class="anchor">#</a> Talks</h2> <ul class="section-list"> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Cyber Incident Response for Critical Infrastructure </div> <span class="item-links"> </span> <div class="item-description"> Cyber incidents in critical infrastructure can have severe consequences. In this talk I present how we handled an incident response case in the logistics sector, what tools we used, and what lessons we learned. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | November 2024 | <a href="https://leitstelle.tirol">leitstelle.tirol</a> - Critical Infrastructure Meet-Up </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Cyberattack First-Hand: Insights into a real incident </div> <span class="item-links"> <span class="item-link"> <a href="https://odoo.strong-it.at/event/it-security-roundtable-2024-19/register">[Event webpage]</a> </span> </span> <div class="item-description"> Cyber incidents cause a lot of stress, chaos, and damage. In this talk I give insights into a real incident response scenario. I show how we tackled the incident, what tools we used, and what lessons we learned. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | October 2024 | Strong IT&rsquo;s Security Round Table 2024 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Be Prepared When It Hits: Ransomware Readiness. </div> <span class="item-links"> <span class="item-link"> <a href="https://www.axians.at/events/axians-business-lunch-fight-against-ransomware/">[Event webpage]</a> </span> </span> <div class="item-description"> Ransomware attacks pose one of the largest threats when it comes to cyber risks. Being prepared for a major incident is crucial to successfully handle the situation. In this talk I give insights on what aspects are relevant to professionally tackle an incident response project. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | May 2023 | Axians Business Lunch </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Simulated Phishing Campaigns – Done right. </div> <span class="item-links"> <span class="item-link"> <a href="https://www.youtube.com/watch?v=DZda1ENKtsc">[Conference recap video]</a> </span> </span> <div class="item-description"> Many cyber incidents start with a successful phishing attack. Thus, we need to raise awareness and educate users. In this talk I present our custom phishing service based on open source tools. I show a live demo of a full campaign. This includes setting up the infrastructure, which is fully automated using Terraform. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | November 2022 | Axians Tech Conference 2022 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Automating Security Report Generation using Python </div> <span class="item-links"> <span class="item-link"> <a href="https://www.youtube.com/watch?v=9jn_4YbNDhk">[Conference recap video]</a> </span> </span> <div class="item-description"> Writing reports is no fun. Thus, I&rsquo;ve automated the report generation for our security audits at Axians using Python. In this talk I interactively present our approach and toolchain with many live demos. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | November 2021 | Axians Tech Conference 2021 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Generalizing BlockSci to Cross-Chain Analyses of Forked Ledgers </div> <span class="item-links"> <span class="item-link"> <a href="/slides/2020-12-02%20-%20Inday%20Students%20Master%20Thesis.pdf">[Slides]</a> </span> <span class="item-link"> <a href="https://www.youtube.com/watch?v=kdDpqBiBo7k">[Video]</a> </span> <span class="item-link"> <a href="https://www.uibk.ac.at/informatik/news/artikel/inday-students-2020.html">[Event website]</a> </span> </span> <div class="item-description"> In this talk I give an overview of my thesis. I won the “Best Master Thesis of the Institute 2020” award of the Computer Science Institute at the University of Innsbruck. The talk was part of the award ceremony at the institute’s virtual “<a href="https://www.uibk.ac.at/informatik/news/artikel/inday-students-2020.html">Inday Students 2020</a>” event. Thanks to Gloria Dzida for helping me with the recording. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | December 2020 | Inday Students 2020 </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Workshop: BlockSci&#39;s Architecture and Bitcoin Blockchain Data Analysis (German) </div> <span class="item-links"> <span class="item-link"> <a href="/slides/2020-05-07%20-%20BlockSci%20Tutorial%20Slides.pdf">[Slides]</a> </span> <span class="item-link"> <a href="https://www.youtube.com/watch?v=ZrFIdaJJr7M&amp;t=70">[Video]</a> </span> <span class="item-link"> <a href="https://informationsecurity.uibk.ac.at/teaching/blockchain/">[Course website]</a> </span> </span> <div class="item-description"> Workshop on <a href="https://github.com/citp/BlockSci">BlockSci</a> with an in-depth coverage of its architecture and hand-on data analysis exercises on the Bitcoin blockchain. The workshop was part of our “<a href="https://informationsecurity.uibk.ac.at/teaching/blockchain/">Principles of Blockchain Systems</a>” lecture that was held remotely in response to the COVID-19 outbreak. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | May 2020 | University of Innsbruck </div> </li> <li class="item"> <div class="item-title"> <span class="anchor">–</span> Training: Blockchain Data Analysis with BlockSci (German) </div> <span class="item-links"> <span class="item-link"> <a href="https://informationsecurity.uibk.ac.at/projects/virtcrime/training/02_blocksci.pdf">[Slides]</a> </span> <span class="item-link"> <a href="https://informationsecurity.uibk.ac.at/projects/virtcrime/training/02_blocksci_demo1.pdf">[Demo I]</a> </span> <span class="item-link"> <a href="https://informationsecurity.uibk.ac.at/projects/virtcrime/training/02_blocksci_demo2.pdf">[Demo II]</a> </span> <span class="item-link"> <a href="https://informationsecurity.uibk.ac.at/projects/virtcrime/training/">[Event website]</a> </span> </span> <div class="item-description"> Introduction to blockchain data analysis with <a href="https://github.com/citp/BlockSci">BlockSci</a> at a cryptocurrency forensics training for Austrian law enforcement officers, regulators, and tax officers. </div> <div class="item-metadata"> <strong>Martin Plattner</strong> | November 2019 | University of Innsbruck </div> </li> </ul></section> </div> <div class="footer wrapper"> <nav class="nav"> <div> <a href="#top">Back to top</a> &nbsp;|&nbsp; <a href="/imprint/">Imprint</a> &nbsp;|&nbsp; &copy; Copyright 2024 Martin Plattner (mplattner) </div> </nav> </div> <script src="https://mplattner.at/js/simpleLightbox.min.ecdd82ef2d7bca00599da20ed1af42d74cd2aa09a2038010f700109c199b0216.js" integrity="sha256-7N2C7y17ygBZnaIO0a9C10zSqgmiA4AQ9wAQnBmbAhY="></script> <script src="https://mplattner.at/js/main.min.4dc3338cf27696f60b153cb3d9ca6c449d112053390481529961893a496db9e0.js" integrity="sha256-TcMzjPJ2lvYLFTyz2cpsRJ0RIFM5BIFSmWGJOkltueA="></script> </body> </html>