Lukas Weichselbaum
Lukas Weichselbaum is a Staff Information Security Engineer at Google with 10+ years of industry experience who frequently speaks at international infosec and developer conferences.
He's passionate about securing Web applications from common Web vulnerabilities and leads the Google-wide CSP adoption effort. Lukas also co-authored the CSP3 W3C specification and launched CSP Evaluator, a tool for developers and security experts to check if a Content Security Policy serves as a strong mitigation against XSS attacks.
Before joining Google, Lukas worked as a Security Consultant and graduated from Vienna University of Technology in Austria where he researched dynamic analysis of Android malware and founded Andrubis - one of the very first large scale malware analysis platforms for Android applications.
He's passionate about securing Web applications from common Web vulnerabilities and leads the Google-wide CSP adoption effort. Lukas also co-authored the CSP3 W3C specification and launched CSP Evaluator, a tool for developers and security experts to check if a Content Security Policy serves as a strong mitigation against XSS attacks.
Before joining Google, Lukas worked as a Security Consultant and graduated from Vienna University of Technology in Austria where he researched dynamic analysis of Android malware and founded Andrubis - one of the very first large scale malware analysis platforms for Android applications.
Research Areas
Authored Publications
Sort By
Google
Security Signals: Making Web Security Posture Measurable At Scale
David Dworken
Artur Janc
Santiago (Sal) Díaz
Workshop on Measurements, Attacks, and Defenses for the Web (MADWeb)
CSP Is Dead, Long Live CSP! On the Insecurity of Whitelists and the Future of Content Security Policy
Artur Janc
Proceedings of the 23rd ACM Conference on Computer and Communications Security, ACM, Vienna, Austria (2016)
