This is the MPI Software Security group lead by Dr Marcel Böhme at the Max Planck Institute for Security and Privacy (MPI-SP) in Germany. We are interested in the automatic discovery of security flaws in software systems at the very large scale. Some of us work on the foundations of automatic vulnerability discovery and program analysis in general. For instance, we seek to identify fundamental limitations of existing techniques, we study empirical methods (incl. statistical and causal reasoning) for program analysis, and we explore the assurances that software testing provides when no bugs are found. Another part of our group develops practical vulnerability discovery tools that are widely used in software security practice. For instance, Entropic is the default power schedule in LibFuzzer which powers the largest fuzzing platforms at Google and Microsoft, fuzzing hundreds of security-critical projects on 100k machines 24/7. Our tools have discovered 100+ bugs in widely-used software systems, more than 70 of which are security-critical vulnerabilities registered as CVEs at the US National Vulnerability Database.



We are always looking to recruit 👩‍🎓 PhD students and 👩‍💻 interns in Software Security. Just reach out via email.

You'll need a strong background in one of:
* Statistics, data science, ML (causality, security flaws), and/or
* Program analysis, system building, vulnerability discovery, CTFs.


Graduate Students (Main advisor)

Graduate Students (Co-advisor)

  • Zac Hatfield-Dodds

    Zac Hatfield-Dodds

    PhD student (ANU, on leave @ Anthropic, w/ Tony Hosking)

  • Philipp Görz

    Philipp Görz

    PhD student (CISPA / RUB, w/ Thorsten Holz)

  • Leon Weiß

    PhD student (CASA / RUB, w/ Kevin Borgolte)

  • Tobias Holl

    PhD student (CASA / RUB, w/ Kevin Borgolte)

Interns and Visiting Researchers


Research Fellows

Visiting Profs

Past Research Fellows


Past Research Assistents

Past Interns and Visiting Researchers

Past Undergraduate Students

  • Robert Stark 2022. MSc thesis (co-adviced). Moved to Bosch.
  • Tobias Wienand 2022. BSc thesis (co-adviced).