(DFG) YURI: Semantic Models and Agents for Security Testing of Web Applications

Description

Detecting vulnerabilities in web applications is a daunting problem that does not have a general solution yet. Existing ad-hoc solutions can only identify simple forms of vulnerabilities that are present on the web application surface. In this project, we propose Yuri, a goal-oriented security testing agent that can synthesize semantic models and program representations that are closer to the way humans perceive and understand program behavior. Yuri can use these models to drive the attack surface exploration and execute security testing tasks, greatly expanding the coverage of modern web-based application software.

Role

PI

(H2020) TESTABLE: TestabiliTy Pattern-driven Web Application Security and Privacy Testing

Description

TESTABLE is an EU-funded project under Horizon 2020 Research and Innovation Actions. It addresses the grand challenge of building and maintaining modern web-based and AI-powered application software systems that are secure and privacy-friendly. TESTABLE redefines the classical secure development life-cycle around the concept of testability, providing new tools for:

  • Web and AI/ML Developers
  • Managers
  • Security Teams

Official page

https://testable.eu/

Role

PI and scientific coordinator