We love finding bugs.

Latest Events

PHP UK 2018

PHP UK Conference February 14-16, 2017

RIPS Technologies is Gold Sponsor of the PHP UK Conference 2018. Come and visit our booth!

PHP Security Advent Calendar

Advent Calendar December 1-24, 2017

RIPS Technologies hosts the PHP security advent calendar 2017 with a daily code challenge for learning.

PHP World 2017

php[world] 2017 November 15-16, 2017

RIPS Technologies is Gold Sponsor of the php[world] 2017 conference. Come and meet our team!


RIPS Technologies is a high-tech company based in Bochum, Germany, and delivers automated security analysis for PHP applications as platform independent software or highly scalable cloud service. With innovative code analysis algorithms that are specifically dedicated to the PHP language, even complex security vulnerabilities are detected that no other solution is able to find. Detailed patch instructions allow developers and consultants to remediate security risks in a time- and cost-efficient way, before these are exposed to attackers.


RIPS started out as an open-source PHP scanner in May 2010. Because of its success and rapid adoption, it was completely redesigned and turned into an enterprise application in 2015. Our PHP static code analysis research has been presented at leading academic conferences such as CCS, Usenix Security, and NDSS. We were awarded the Internet Defense Prize by Facebook. Our engineering efforts have made RIPS the superior security software for PHP applications.

Executive Team

Dr. Johannes Dahse


Johannes exploits security vulnerabilities in PHP code for 10 years. He is an active speaker at academic and industry conferences and a recognized expert in this field. He achieved his Ph.D. in IT security / static code analysis at the Ruhr-University Bochum, Germany. Previously, he worked as a security consultant for leading companies worldwide.

Fabian Langen


Fabian worked as a business consultant in a leading technology consulting company and has over five years international experience in different sectors across large companies ranked in the Fortune 500. He graduated in business informatics and business engineering focused on product management at the University of South Westphalia.

Martin Bednorz


Martin has 7 years of working experience as a lead web application developer. He graduated in IT security at the Ruhr-University Bochum and is conducting research on state-of-the-art code analysis and web technologies. His security background is supplemented by practical development and project management expertise.

Hendrik Buchwald


Hendrik graduated in computer science at the Ruhr-University Bochum and is a professional software engineer. In addition to designing and building complex systems, he particularly enjoys breaking and securing web applications. He is an experienced security consultant and the lead developer of the open source web application firewall Shadow Daemon.

Advisory Board

Prof. Dr. Thorsten Holz

Thorsten Holz is professor at the Department of Electrical Engineering and Information Technology at Ruhr-University Bochum, Germany. He received the Dipl.-Inform. degree in Computer Science from RWTH Aachen, Germany (2005), and the Ph.D. degree from University of Mannheim (2009). Prior to joining Ruhr-University Bochum in April 2010, he was a postdoctoral researcher in the Automation Systems Group at the Technical University of Vienna, Austria. In 2011, Thorsten received the Heinz Maier-Leibnitz Prize from the German Research Foundation (DFG).

Dr. Carsten Willems

Carsten is co-founder of VMRay, a commercial malware analysis suite. He is a pioneer in creating commercial software for dynamic malware analysis, and is one of the experts in this field worldwide. He achieved his Ph.D. in computer science / IT-security at the Ruhr-University of Bochum in 2013 and has more than 15 years of experience in malware research and software design. He already founded several companies, assisted many companies in IT-security related operations and regularly gives presentations at academic and industry conferences.