OWASP · DinisCruz · Jan 19, 2017 · Jan 10, 2017 · Jan 10, 2017 · Jan 10, 2017
diff --git a/.gitignore b/.gitignore
@@ -1 +1,3 @@
 _site
+.idea/
+*.iml
diff --git a/Participants/Bjoern-Kimminich.md b/Participants/Bjoern-Kimminich.md
@@ -0,0 +1,13 @@
+---
+layout: default
+title: Bjoern Kimminich
+type: participant
+---
+
+## Bjoern Kimminich
+
+(add info, links, blogs, twitter, bio, what would like to see at the summit)
+
+* [OWASP Juice Shop](https://www.owasp.org/index.php/OWASP_Juice_Shop_Project) Project Leader
+* Twitter: [@bkimminich](https://twitter.com/bkimminich) / [@owasp_juiceshop](https://twitter.com/owasp_juiceshop)
+* Blog: <http://kimminich.de>
diff --git a/Participants/Readme.md b/Participants/Readme.md
@@ -9,6 +9,7 @@ Add your name below (and create a page for your info) if you are planning to att
 (in alphabetical order)
 
 * [Alexander Antukh](Alexander-Antukh.md)
+* [Bjoern Kimminich](Bjoern-Kimminich.md)
 * [Colin Domoney](Colin-Domoney.md)
 * [David Rook](David-Rook.md)
 * [Dinis Cruz](Dinis-Cruz.md)

diff --git a/Workshops/NextGen-SecurityScanners.md b/Workshops/NextGen-SecurityScanners.md
@@ -0,0 +1,32 @@
+---
+layout: default
+title: NextGen Security Scanners
+type: workshop
+---
+
+## NextGen Security Scanners
+
+### Problem statement
+
+Today's security scanners were built for yesterday's web applications, based on server-side rendering concepts. They often fail or at least lack functionality when it comes to modern web applications using rich Javascript clients.
+
+### Questions
+
+* What makes scanning Javascript-heavy applications so different?
+* What funcionality is missing in today's scanner tools?
+* How to improve the automation parts of existing tools?
+* How to further assist users during proxied manual pentests?
+* How can vulnerable applications like [OWASP Juice Shop](https://www.owasp.org/index.php/OWASP_Juice_Shop_Project) be used by scanner vendors as a sample victim?
+
+### Participant candidates
+
+* OWASP ZAP, Arachni and other OSS scanner developers
+* Burp, Acunetix and other commercial scanner developers
+* Javascript frontend developers
+* Web application developers
+
+### Potential outcomes
+
+* OWASP ZAP extensions for Javascript client-side code analysis
+* Improvements of OWASP ZAP Ajax Spider
+* Additional vulnerabilities for OWASP Juice Shop that showcase vulnerabilities found in the wild
diff --git a/Workshops/Readme.md b/Workshops/Readme.md
@@ -5,6 +5,7 @@ Ideas for workshops to do:
 - [AWS Lambda Security](AWS-Lambda-Security.md)
 - [Browser Security](Browser-security.md)
 - [Mobile Security](Mobile_Security.md)
+- [NextGen Security Scanners](NextGen-SecurityScanners.md)
 - [Responsible Disclosure](Responsible-disclosure.md)
 - [Securing GitHub Integrations](Securing-GitHub-Integrations.md)
 - [Threat-Model](Threat-Model.md)