Beer-Talk in Zurich: MQTT Protocol Security & Attacks

The development of IoT and OT is growing rapidly every year and is increasingly used in various fields. One protocol commonly used in the IoT and OT environment to exchange data and control devices is MQTT.


Have you wondered what this MQTT even is, how it works and if there are security issues there as well? Then the next Beer Talk on June 13, 2023 is for you!


This Beer-Talk (in German) is divided in a technical presentation of about 45 minutes. Parallel to this, we will offer you a fine stand-up snack. The participation is free of charge.



The MQTT standard aims to provide a lightweight, reliable protocol for publishing and subscribing to messages. The communication was specified with an eye on Machine to Machine (M2M) and Internet of Things (IoT) to get by with low network bandwidth or limited processing power.

Mischa Bachmann has been working intensively with the protocol this spring and will tell more about it at the next Beer Talk. He explains how the MQTT protocol is built and how the communication works. From a pentester's point of view he shows how the protocol can be analyzed. The focus of the talk is on the security mechanisms of MQTT and the Mosquitto broker. After the talk, you will know what attacks currently exist on MQTT, how they are carried out and what should be considered to be prepared against attacks.



Mischa Bachmann is a trained systems engineer and has an immense amount of experience in the design and operation of server and network infrastructure. He has been working at Compass Security since 2018 as an IT Security Analyst and serves as a versatile incident responder in case of cyber incidents.

His favorite discipline is internal penetration testing, where he can draw from the full due to his wealth of experience. He also likes to investigate things thoroughly once in a while and shares his knowledge as a trainer in Compass courses. He has recently reached another great milestone with the completion of a Master of Advanced Studies in Information and Cybersecurity at the Lucerne University of Applied Sciences and Arts.



Tuesday, June 13, 2023

The talk will be held onsite at the Compass Office in Zurich. (The event in Berlin was cancelled due to lack of registrations.)

Compass Security Schweiz AG
Josefstrasse 53
8005 Zurich

We will offer you a snack and we are looking forward to the personal exchange with you.

  • Doors open at noon (12.00)
  • The talk starts at 12.15 Uhr. Enjoy the stand-up lunch during the lecture.
  • Approx. 13.15 Uhr: official closing



Come by, enjoy the talk and the free snack.

  • The participation is free but a registration is required.
  • The number of places at our locations is limited. Registrations will be considered in the order in which they are received.

Registration deadline: Wednesday, June 7, 2023, 17.00
You will receive a confirmation by email after registration. 


Register now