My @LocoMocoSec keynote slides on "Google's Recipe for Scaling (Web) Security" are online now:

RT @SecurityMB: Google CTF is on! Here's a challenge that I created: . Good luck 😀.

RT @SecurityMB: Here's my blog post about escaping `<>` in attributes and why it makes mXSS harder to exploit!.

RT @GoogleVRP: 🚨 Heads up for web devs! 🚨 . The HTML spec just got an important update to protect against mutation XSS (mXSS). Find out ho….

One of my teams at Google, 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆, is expanding in 𝗭𝘂𝗿𝗶𝗰𝗵 🇨🇭and 𝗡𝗲𝘄 𝗬𝗼𝗿𝗸 🇺🇸. We're looking for 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝘀 with experience in attacking and securing AI/ML systems. DMs open.

Safari Tech Preview 215: Added support for Trusted Types 🎉.

RT @0xAsm0d3us: @ryancbarnett @akamai_research This reminds me of this cool paper from Google I read years back. The best possible resource….

RT @GoogleVRP: Developers, tired of DOM XSS in your web applications? 😩 We were too. See how we refactored our code to solve Trusted Types….

RT @dinodaizovi: This is a great example of secure by design through a framework-centric approach to security. The key idea is to build hig….

RT @we1x: Building secure web apps shouldn't be a burden. We've built a high-assurance web framework at Google that makes security easy for….

RT @royalhansen: "This blog post aims to provide a detailed blueprint for how Google has created and deployed a high-assurance web framewor….

Building secure web apps shouldn't be a burden. We've built a high-assurance web framework at Google that makes security easy for developers. Learn about our "Secure by Design" approach and how it works in our new blog post: . cc: @ddworken

RT @ddworken: This is one of my favorite things about Google's security team, getting to work on security exercises like this is unimaginab….

RT @yu5k3: Another great #infosec starter pack on #bluesky! Thanks, @we1x 🙌.

Web security starter pack is in good shape now and includes many amazing folks passionate about web security like @terjanq or @shehackspurple:. Please share and recommend folks passionate about web security so we can get this community started there 🙂

More than 200 new followers overnight on bluesky 🚀.

I put together a list of folks passionate about web security and related topics I follow on bluesky to stay on top of cool web bugs, web platform security features and fixes Please share, join us there or comment if know someone who should be on that list.

Hey @clintgibler we're missing you and your awesome newsletter on bluesky!.I put together a starter pack for web security to make bootstrapping easier:

B l u e s k y is 🔥 got 80 followers overnight! So many infosec folks over there.

RT @ayper: Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc+….

Bootstrap your #infosec network on bluesky with @j_opdenakker's starter pack: Please comment below if you can recommend other starter packs for infosec or other topics 🙏.