🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Interested to detect security and privacy issues? Do you use/develop any static or dynamic testing tools? Do you work on testing tools to make your ML-based components more robust against adversarial attacks? Keep an eye on TESTABLE! #testable_eu

Journey started in September 2021 with amazing partners: @CISPA La Com EURECOM TU Braunschweig UC3M SAP ShiftLeft IMQ Minded Security @NortonLifelock Pluribus One

Super cool idea to check if malicious JS is running/injected on a web page, in particular when it’s opened from an app. Cc testable_eu. Felix Krause, I would wrap the whole JS code in a IIFE to prevent malicious code to overwrite controls. 😉

Happy to share that our paper (cc Giancarlo Pellegrino) on #domclobbering has been accepted at #IEEESP'23 🎊. Excited to learn more? Check out: 👉 domclob.xyz ✨ bit.ly/3CwxoIB ✨ bit.ly/3Tj9WVi testable_eu, life #domclobbering #xss #testable_eu

Core to TESTABLE is a new testability metric to compute a more precise risk score, complementing existing vulnerability indicators (e.g., LoC, presence of security-sensitive function calls) #testable_eu

The testability metric aims to estimate of how easy/hard is to detect vulnerabilities over a target application with respect to a certain class of testing techniques (e.g., SAST, DAST, …)

The higher the testability for an application, the easier will be to test that application and to detect its vulnerabilities during the testing phase

✨Happening Now ✨Luca Compagna' presenting the #OWASP Testability Patterns for Webapps project at the OWASP® Foundation OWASP AppSec Europe. Join us to learn more about testability patterns, and how you can use our framework to pick the right SAST tools! buff.ly/3E3jsFM #testable_eu #appsec