About Our Event
Following the success of previous editions, ScapyCon returns in 2026 with a refined and more integrated format. Bringing together a growing community of cybersecurity professionals, researchers, and engineers, the event continues to focus on practical knowledge sharing and real-world applications of network packet manipulation.
Taking place on September 15–16 at TechBase Regensburg, ScapyCon 2026 combines morning talks and presentations with interactive afternoon sessions, including workshops, demos, and discussions. This structure creates more space for hands-on exchange, collaboration, and deeper technical exploration across domains such as automotive, IoT, aerospace and beyond.
Participants can expect insights into current challenges and developments in cybersecurity, along with hands-on engagement with tools and techniques. The evening event at Degginger Regensburg on September 15 offers a dedicated setting to connect with peers and continue discussions beyond the sessions.
Join ScapyCon 2026 to exchange ideas, explore new approaches, and be part of an evolving, practice-driven cybersecurity ecosystem.
Stay in the loop and never miss a beat! Follow us on LinkedIn for registration details and all the latest updates about the upcoming event.
When:
15.09.26 – 16.09.26, 09:00 AM – 05:00 PM
Where:
Techbase Regensburg, Franz-Mayer-Str. 1, Regensburg
Keynote Speakers:
Dr. Enrico Pozzobon, Dr. Reinhard Kugler, Dr. Friedrich Wiemer and more!
Speakers
Dr. Enrico Pozzobon – Senior Manager @dissecto
Enrico has worked as an automotive penetration tester since 2016. Together with Dr. Nils Weiss, he built the automotive security research lab at the OTH Regensburg and later founded dissecto. He has worked with several automotive manufacturers and insurance companies to find vulnerabilities and build exploit demonstrations. His special field of expertise is side-channel attacks and voltage glitching.
Dr. Nils Weiss – Scapy Maintainer / Senior Manager @dissecto
Nils delved into penetration testing during his Bachelor’s and Master’s, exploring vulnerabilities in embedded systems and entire vehicles. Active in developing open-source penetration test frameworks like Scapy, he co-founded dissecto GmbH in 2022, focusing on simplifying security diagnostics and solutions for embedded systems.
Dr. Reinhard Kugler – Security Consultant @SBA Research
Reinhard’s focus relies on security testing of IT and industrial cyber-physical systems. Based on his prior experience in cyber defense, he works with companies to develop security capabilities and secure products. Reinhard is an experienced instructor and develops tailored security trainings. His mission is to apply research methods (combinatorial security testing) to industrial applications, like automotive, embedded or cloud.
Dr. Friedrich Wiemer – Security Researcher @Robert Bosch
Friedrich Wiemer is a security researcher at Robert Bosch GmbH working on in-vehicle network security. He (co-)drives the CANsec and CAN FD Adaptation Layer specifications in the CiA working groups and contributes to the Automotive MACsec and MKA profiles of Open Alliance TC17.
Keynotes &Talks
From Garage Testing to CI Pipelines: Towards automated Security Testing of Automotive Containers – Dr. Reinhard Kugler
Linux and containers are now a common deployment technique in modern automotive ECUs, including Infotainment systems and HPCs. The security testing and prototyping still remain a challenge and companies still are adapting to modern software development and building practices like CI/CD. The main goal to moving from ad-hoc testing approaches to fully automated Dynamic Application Security Testing (DAST) is accompanied by several challenges:
- Support for automotive environments such as CAN in IT build environments (CI)
- Integration of testing tools with the system under test (SUT)
- Automation of test cases to provide repeatable and cost effective testing
This talk outlines the integration of automotive applications into automated build systems for automotive software and explores practical testing approaches such as smart fuzzing, automation with Scapy and combinatorial testing.
Foundational Security from Ethernet to CAN: Prototyping CANsec and FDAL with Scapy – Dr. Friedrich Wiemer
MACsec has become the foundational link-layer security for automotive Ethernet. CAN and CAN FD, which still carry most safety-critical in-vehicle traffic, have no comparable foundation. We close this gap by extending MACsec downward: reuse MACsec for CANsec — the Layer 2 security protocol for CAN XL under specification in CiA 613-2. To make CANsec available on CAN FD as well, we additionally developed the CAN FD Adaptation Layer (FDAL). It extends the same Layer 2 trust foundation to the billions of CAN FD nodes already deployed today.
Scapy accompanied this work end-to-end. Building on the existing CAN XL functionality in the Linux kernel, we integrated it in Scapy, and implemented CANsec and FDAL as additional layers, developed alongside our specification work to validate real-world functionality. The same code base produced CANsec test vectors shared with silicon and stack vendors, and powered a proof-of-concept Ethernet application over CANsec protected CAN FD.
Interactive Sessions
These will be announced at a later stage, please come back later.
About Scapy
Scapy, a Python program, revolutionizes network packet manipulation by offering extensive capabilities including packet sending, sniffing, dissecting, and forging. This multifaceted tool empowers users to construct bespoke solutions for network probing, scanning, and security testing. Unlike conventional networking tools, Scapy boasts an interactive interface enabling users to craft, decode, and interpret packets with unparalleled flexibility. Its domain-specific language simplifies packet description and manipulation, epitomized by its ability to describe packets in just a few lines of code. Scapy’s unique approach diverges from traditional tools by providing raw, uninterpreted data, facilitating nuanced analysis and eliminating biases inherent in interpreted results.