Bester Pentester Deutschlands: Vom Capture the Flag zum echten Pentesting-Auftrag | Cass Rebbelin

Cass Rebbelin was awarded Germany's best penetration tester at the NIS-2 Congress talent competition shortly after starting his career at HiSolutions. His driving force was primarily curiosity and the question of how systems work and where their vulnerabilities lie. This has been a constant throughout his career, from learning Excel macros in elementary school to participating in Capture the Flag competitions, which led him to cybersecurity. In conversation with Lena Morgenroth, he discusses the appeal of this bug hunting and the moment when the game becomes serious. In such competitions, participants know that a vulnerability exists and are rewarded with points for finding it. In a real penetration testing project, this isn't known, and the work only begins once the vulnerability is discovered: recommendations, prioritization, time management, and above all, communication with the client—something no certificate can prepare you for. What continues to motivate Cass is precisely the impulse that once gripped him: someone, out of sheer enthusiasm, showed him how things work. He continues this knowledge transfer today through hackathons, internal knowledge sharing sessions, and a student interest group he co-founded. #pentesting #cybersecurity #capturetheflag #digitalization #ethicalhacking 00:00 Best Penetration Tester in Germany 01:19 Intro & Introduction 02:30 What was your professional training path in penetration testing? 07:04 What surprised you when you started your career? 10:25 How does knowledge transfer work in the field of cybersecurity? 12:18 Closing Remarks Show Notes: HiSolutions HackHERthon: https://www.hisolutions.com/hackherthon Overview of pretty much all CTFs: https://ctftime.org/ Beginner CTF: https://picoctf.org/ Two (great) platforms for practical learning (but there are so many others): https://tryhackme.com/ & https://www.hackthebox.com/ Cass's blog with CTF write-ups: https://ccat.gitbook.io/ Award for Germany's best penetration tester: https://nis-2-congress.com/talentwett... HiSolutions is a leading management and technology consulting firm for security and digitalization. For over 30 years, we have combined highly specialized expertise with conceptual strength, innovative power, and implementation competence. 📲 Stay connected with us on other social media platforms: LinkedIn:   / hisolutions-ag   Mastodon: https://infosec.exchange/@hisolutions Spotify: https://open.spotify.com/show/6FwPurx... Apple: https://podcasts.apple.com/us/podcast... 📧 Subscribe to our newsletters on exciting topics related to IT security, IT management, and digitalization: https://www.hisolutions.com/newsletter Want to join our team? Here are our current job openings: https://karriere.hisolutions.com/

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!
▶︎

Billionaire's WARNING: I'm SELLING. The Crash Is Already Here!

Cybernation 2026 | Keynote: Cybernation and New State, Two Building Blocks for Germany | Prof. Ti...
▶︎

Cybernation 2026 | Keynote: Cybernation and New State, Two Building Blocks for Germany | Prof. Ti...

Wird Wolt die neue Super-App?
▶︎

Wird Wolt die neue Super-App?

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains
▶︎

Zig 2026: No-AI Policy, $670K Foundation, Left GitHub & Why Zig Isn’t 1.0 - Andrew Kelley Explains

Violence Expert: Real Self-Defense Is TERRIFYING
▶︎

Violence Expert: Real Self-Defense Is TERRIFYING

HYPERFOCUS MODE | Brainwave Focus Music for Deep Work
▶︎

HYPERFOCUS MODE | Brainwave Focus Music for Deep Work

God Says:"THIS IS AN URGENT MESSAGE FOR YOU TODAY."/God Message Now/God Message
▶︎

God Says:"THIS IS AN URGENT MESSAGE FOR YOU TODAY."/God Message Now/God Message

The ‘MeToo’ Backlash | The Global Dating Crisis: episode 2
▶︎

The ‘MeToo’ Backlash | The Global Dating Crisis: episode 2

Lisa Eckhart, ist das lustig? | Sternstunde Philosophie | SRF Kultur
▶︎

Lisa Eckhart, ist das lustig? | Sternstunde Philosophie | SRF Kultur

20 Years Old and Still the Main Gateway for Attackers: Active Directory | Oliver Jäkel
▶︎

20 Years Old and Still the Main Gateway for Attackers: Active Directory | Oliver Jäkel

Prof. Dr. Christian Bauckhage (Fraunhofer IAIS): KI - Wir haben noch gar nichts gesehen!
▶︎

Prof. Dr. Christian Bauckhage (Fraunhofer IAIS): KI - Wir haben noch gar nichts gesehen!

Expensive tickets and constantly late: What’s going wrong at Deutsche Bahn | WISO Deals
▶︎

Expensive tickets and constantly late: What’s going wrong at Deutsche Bahn | WISO Deals

The AI ​​Lie: How AI Really Influences Software Developers
▶︎

The AI ​​Lie: How AI Really Influences Software Developers

Was Ihr über Sonnencreme wisst, ist falsch (und ich bin mit schuld)
▶︎

Was Ihr über Sonnencreme wisst, ist falsch (und ich bin mit schuld)

From It-Girl to IT Girl: Career Change into IT Consulting after 16 Years in Retail | Melanie Heßler
▶︎

From It-Girl to IT Girl: Career Change into IT Consulting after 16 Years in Retail | Melanie Heßler

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup
▶︎

Creator of C++: Bell Labs, Negative Overhead Abstraction, Mistakes | Bjarne Stroustrup

Resilience Against Regulation: Current Legal Situation – NIS-2, KRITIS, CRA & Post-Quantum Crypto...
▶︎

Resilience Against Regulation: Current Legal Situation – NIS-2, KRITIS, CRA & Post-Quantum Crypto...

China Is About To Pop The AI Bubble
▶︎

China Is About To Pop The AI Bubble

I confronted THEM...💀😳
▶︎

I confronted THEM...💀😳

HMRC Doesn’t Want You To Understand This New Bank Rule
▶︎

HMRC Doesn’t Want You To Understand This New Bank Rule