Dr. Andreas Dann
Dr. Andreas Dann

Application Security Expert | Security Researcher

About Me

I received my PhD in Computer Science from Paderborn University in 2024, where I was an external research associate in the Secure Software Engineering Group, advised by Prof. Dr. Eric Bodden and Prof. Dr. Ben Hermann. Prior to that, I earned my MSc in Computer Science from Paderborn University in 2016.

My research focuses on the detection and analysis of vulnerable open-source libraries, their usage in software systems, and automated approaches for secure dependency updates. I apply static code analysis and empirical software engineering methods to improve the security and maintainability of software ecosystems.

During my PhD, I co-founded CodeShield GmbH and was active as an AWS Community Builder, bridging academic insights with industry needs in the field of application security.

Interests
  • Static Code Analysis
  • Open-Source Software Security
  • Software Supply Chain Security
Education

  • PhD Computer Science

    Paderborn University

  • MSc Computer Science

    Paderborn University

  • BSc Computer Science

    Paderborn University & FU Berlin

Recent Publications
Andreas and Hermann, Ben and Bodden, Eric Dann (2023). UpCy: Safely Updating Outdated Dependencies. Proceedings of the 45th IEEE/ACM International Conference on Software Engineering.
Cite
Johannes Späth, Andreas Dann, Manuel Benz (2022). Blinder Alarm: Kontext als Schlüssel zur sicheren Cloud. Heise Developer.
Cite URL
Andreas Dann, Henrik Plate, Ben Hermann, Serena Elisa Ponta, Eric Bodden (2022). Identifying Challenges for OSS Vulnerability Scanners - A Study & Test Suite. IEEE Transactions on Software Engineering.
Cite DOI
Andreas Dann, Ben Hermann, Eric Bodden (2021). ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules. IEEE Transactions on Software Engineering.
Cite DOI
Andreas and Hermann, Ben and Bodden, Eric Dann (2021). ModGuard: Identifying Integrity & Confidentiality Violations in Java Modules. Software Engineering 2021.
Cite DOI
See all publications
Selected Projects

I enjoy making things. Here are a selection of projects that I have worked on over the years.

Log4shell Checker
Eclipse Steady
SootUp
Soot
MechatronicUML
Contact

This will help me respond to your query via an email.