Olivia
Online
Lukas Weichselbaum
@we1x
Leading @Google's web security team. Opinions are my own.
Bluesky: @webappsec.dev
[email protected]
Joined January 2011
505 Following
2.3K Followers
1.4K Posts
Pinned Tweet
My @LocoMocoSec keynote slides on "Google's Recipe for Scaling (Web) Security" are online now: https://t.co/0CaClh0lX0
Wrap @GoogleVRP and init.g(mexico)! Huge thanks to Anna, @we1x and everyone at Google for giving us a glimpse into this world. Getting to listen the many experts at these fields was truly inspiring and motivating. #initg #cybersecurity
¡Hola from init.g(mexico) we are LIVE!
Crazy excited to meet all the incredible students who joined init.g(mexico) today! Very much looking forward to seeing how these bright minds can shape the security industry of tomorrow!
Let the learning and hacking begin! init.g() { return SUCCESS; }
#initg #ESCAL8 #GoogleMexico 🇲🇽
We published a blogpost about SafeContentFrame - a library for rendering untrusted content inside an iframe. The library is a big party of what I've been up to in the few last years! Check out the blog and take a slice of my birthday cake 🎂!
https://t.co/9gGEqUuwIX
Google CTF is on! Here's a challenge that I created:
https://t.co/I3RAWWN9u2.
Good luck 😀
Here's my blog post about escaping `<>` in attributes and why it makes mXSS harder to exploit!
🚨 Heads up for web devs! 🚨
The HTML spec just got an important update to protect against mutation XSS (mXSS). Find out how escaping < and > in attributes is making the web a safer place.
https://t.co/gMKmo0x4ad
@manicode The many layers of stickers could provide enough structural integrity for your laptop to survive long enough 😀
One of my teams at Google, 𝗔𝗜 𝗔𝗴𝗲𝗻𝘁 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆, is expanding in 𝗭𝘂𝗿𝗶𝗰𝗵 🇨🇭and 𝗡𝗲𝘄 𝗬𝗼𝗿𝗸 🇺🇸. We're looking for 𝗦𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗘𝗻𝗴𝗶𝗻𝗲𝗲𝗿𝘀 with experience in attacking and securing AI/ML systems. DMs open.
Safari Tech Preview 215: Added support for Trusted Types 🎉
https://t.co/RCd7uq9nbZ
@ryancbarnett @akamai_research This reminds me of this cool paper from Google I read years back. The best possible resource for understanding common pitfalls in CSP
https://t.co/ae7RX4ocWf
@ndevtk @WeizmanGal Yes, that's correct. Images and links are the exfil scenarios to worry here (no script execution in markdown)
Developers, tired of DOM XSS in your web applications? 😩 We were too. See how we refactored our code to solve Trusted Types violations in Gmail & AppSheet. Your guide to a safer web is here!
https://t.co/jywuZicT2N
@TanmayLP7 @NahamSec Yes, not everything is built on high assurance frameworks (yet) and the bounty for XSS was increased.
https://t.co/e8lmOYyACq
XSS in Gmail is now $20k (or 50% more for exceptional quality report). Good thing we don't have XSSes anymore.... Or do we? :)
This is a great example of secure by design through a framework-centric approach to security. The key idea is to build high-level frameworks that abstract away and address as many security risks as possible to make security better by default and as easy as possible for apps.
Building secure web apps shouldn't be a burden. We've built a high-assurance web framework at Google that makes security easy for developers. Learn about our "Secure by Design" approach and how it works in our new blog post:
https://t.co/Iq19llnlEj
cc: @ddworken
"This blog post aims to provide a detailed blueprint for how Google has created and deployed a high-assurance web framework that almost completely eliminates exploitable web vulnerabilities."
https://t.co/7TsK8ZFRrO
Building secure web apps shouldn't be a burden. We've built a high-assurance web framework at Google that makes security easy for developers. Learn about our "Secure by Design" approach and how it works in our new blog post:
https://t.co/Iq19llnlEj
cc: @ddworken
Last Seen Users on Sotwe
fleshlight 
Seen from United States
TÜRK İFSA TG
Seen from Turkey
Nguyen Tran_2308
Seen from Vietnam
JAV SUB INDONESIA
Seen from Indonesia
Traci Raines
Seen from United Kingdom
H 🇸🇦🖤
Seen from Bahrain
تانجو برايفت تجليخ نار 👏🥰
Seen from Brazil
Sex Adresi
Seen from Turkey
Mom Teach Loves
Seen from Turkey
𝓣𝓔𝓔𝓜 𝓦𝓞𝓡𝓚
Seen from Malaysia
Trends for you
Most Popular Users
Elon Musk
@elonmusk
240.1M followers
Barack Obama
@barackobama
119.3M followers
Donald J. Trump
@realdonaldtrump
111.6M followers
Cristiano Ronaldo
@cristiano
108.9M followers
Narendra Modi
@narendramodi
107M followers
Rihanna
@rihanna
97.3M followers
NASA
@nasa
92.1M followers
Justin Bieber
@justinbieber
90.6M followers
KATY PERRY
@katyperry
86.8M followers
Taylor Swift
@taylorswift13
80.6M followers
Lady Gaga
@ladygaga
72.1M followers
Kim Kardashian
@kimkardashian
69.4M followers
YouTube
@youtube
68.6M followers
Virat Kohli
@imvkohli
68.5M followers
Bill Gates
@billgates
63.4M followers
The Ellen Show
@theellenshow
62.5M followers
CNN
@cnn
61.9M followers
Neymar Jr
@neymarjr
61M followers
X
@x
60.9M followers
CNN Breaking News
@cnnbrk
59.9M followers