Meet us at ...

RAID 2012

Sebastian Lekies presents "DEMACRO: Defense against Malicious Cross-domain Requests" at RAID 2012 in Amsterdam.

ESORICS 2012

Daniel Hedin presents Boosting the Permissiveness of Dynamic Information-Flow Tracking by Testing at ESORICS 2012 in Pisa.

DagStuhl Seminar

WebSand organizes the Dagstuhl seminar on “Web Application Security” from 1 to 5 october 2012.

ACM CCS 2012

Nick Nikiforakis presents You Are What You Include:
Large-scale Evaluation of Remote JavaScript Inclusions
at CCS 2012 in Raleigh, USA.

Willem De Groef will present FlowFox: a Web Browser with Flexible and Precise
Information Flow Control
at CCS 2012 in Raleigh, USA.

German OWASP Day

Bastian Braun presents Der Weg ist das Ziel - Kontrollfluss-Integrität in Web-Applikationen sichern at German OWASP Day in Munich.

iMinds 2012

WebSand demonstrates the CsFire and FlowFox prototypes at iMinds 2012 in Ghent.

ACSAC 2012

Bastian Braun and Pieter Agten present their papers BetterAuth: Web Authentication Revisited and JSand: Complete Client-Side Sandboxing of Third-Party JavaScript without Browser Modifications at ACSAC 2012 in Orlando, Florida.

WebSand organizes First European workshop on Web Application Security Research (WASR’13)

The WebSand consortium co-organizes the First European workshop on Web Application Security Research (WASR’13) on 21 August 2013. The workshop is co-located with this year’s OWASP Research conference in Hamburg, Germany. More information can be found at http://2013.appsec.eu/wasr.html .

Read more ...

WebSand organizes DagStuhl Seminar

The WebSand consortium organizes the Dagstuhl seminar on “Web Application Security” (Seminar no. 12401) from 1 to 5 October 2012. More information can be found at http://www.dagstuhl.de/en/program/calendar/semhp/?semnr=12401 .

Read more ...

WebSand Presentation at the 9th International Conference on Trust, Privacy & Security in Digital Business (TrustBus 2012)

Date: September 4, 2012

The WebSand project was presented during this year's TrustBus conference at Vienna, Austria. We presented WebSand's underlying idea to rule information exchange and communication in mash-up web applications together with the project outcome and benefits for the public and industry domain in a short talk. The talk was supplemented by the exhibition of a WebSand poster and a short paper in the conference proceedings.

Read more ...

Andrei Sabelfeld receives an ERC grant on web security

Date: August 27, 2012

Andrei Sabelfeld, Chalmers site leader for WebSand, is awarded an ERC Consolidator grant for project ProSecuToR: Programming Language-based Security To Rescue. ProSecuToR will develop several tracks started in WebSand related to web-based case studies.

Read more ...

WebSand is presented at OWASP Sweden in Stockholm

Date: May 14, 2012

Jonas Magazinius presents the WebSand project, with the emphasis on information flow tracking in web mashups, at OWASP Sweden in Stockholm in May 2012. The focus of the presentation is on the results of the information-flow work package on policies and enforcement mechanisms for decentralized security in mashups.

Read more ...

Web Security training at SecAppDev 2012

Date: March 9, 2012

Members of the WebSand consortium presented new training material on web security & HTML5 at the Secure Application Development course (SecAppDev 2012) in Leuven. The slides are available on the SecAppDev website.

Read more ...

WebSand presented at the NIS Summerschool 2011

Date: June 30, 2011

The WebSand project has been presented at the Summer School on Network & Information Security (NIS Summerschool 2011), jointly organized by ENISA and FORTH.

Check out the poster ...