Frederik Braun

A web/browser security nerd. Working on security for Firefox and the web at Mozilla. Taught web security at Ruhr Uni Bochum.

I often spend my summer on multi-week #bikepacking trips with the family.

The posts here are my own and I do not speak for my employer

Website: https://frederikbraun.de/
Location: Berlin, Germany :club_mate:
Pronouns: he/him
Signal username: freddy.{default HTTPS port}

Hello AppSec community!

Our preparations for German #OWASP Day 2026 (GOD) are in full swing. As some of you may have noticed, the website is already live (and kicking): https://god.owasp.de/

This year’s GOD will take place on September 24, 2026, in Karlsruhe. It's a one-day conference with two tracks. We will once again be offering community training sessions on the day before, i.e. the 23rd of September. That evening will -- as usual -- feature networking and professional discussions in a relaxed atmosphere with food and beverages.

We recently opened the call for community trainings. They were extremely well-received last year, and we’d like to build on that success this year.

So if you have a topic you’d like to present in a half-day session, check out the Call for Community Trainings (CfT): https://lnkd.in/edAnfmZ4 . It's planned to stay open until April 12, 2026. If you happen to know someone who's good at explaining a relevant topic (see CfT) to a small group of people, feel free to forward the pointer to the CfT.

The Call for Presentations will open next week.

#AppSec #infosec #Security #SDLC #AI #LLM #CISO

To my security peeps: Was the introduction of widespread fuzzing similar to AI-based bug hunting now, or is this really a different beast?

OH: "EBITDA - Earnings Before Iran, Tariffs & Donald Announcements"

Today in Web compat: Firefox and Safari are ahead of Chrome in ICU4C version and upstream ICU4C changed the formatting of zero offset from GMT. This broke birthday date validation for a UK based site for birthdays before 1970 in Firefox and, on 26.x Apple OSs, in Safari, because the site performs a formatting-based check on the time zone of London on the date to be validated and the UK has changed time zone rules along the way.

Have you noticed that this year's silly-season animal (Sommerloch-Tier) is really early? - the best wife of all comments that this is because of the climate catastrophe.

@gannimo …progress still remains as an incentive to get it done as first team, so might make sense to show progress as in "everything that is solvable because it has been solved" rather than "who has done the most".

@gannimo are you still involved with lakectf? Were you part of the decision making for the No LLM Policy at https://lakectf.epfl.ch/no-llm.html? I like the idea and have been thinking about the brokenness of CTF for a while. As a further step, I was wondering if it makes sense to provide scored/points only as a measurement of difficulty and stop showing a scoreboard altogether. Only show activity as "progress" per category rather than points or rankings :).
LakeCTF

LakeCTF is a jeopardy-style security hacking contest organized by the polygl0ts CTF team

TIL: For any prime number p >= 5, p²-1 is divisible by 24.

That's cool.

Isn't it?

Yes it is.

OH: "That would totally disturb me too, if I weren't repressing it."
@gaz Have you seen this? You must see this :) https://front-end.social/@html5test/116301798349200500 first response also contains link to how he built it
Niels Leenheer (@html5test@front-end.social)

CSS is DOOMed! I've built DOOM in CSS and every wall, floor, barrel, and imp is a div, positioned in 3D space using CSS transforms. https://cssdoom.wtf Try it out! But... not every browser can handle it. This is taking the browser to its limit. Chrome has some issues. Safari too. Bugs will be filed.

Front-End Social