profile image

Dr.-Ing. Marius Steffens

Information Security Engineer @ Google

Contact Me

About Me

I am an Information Security Engineer at Google in Zurich. Before that, I obtained my PhD from Saarland University, where I worked at CISPA on the detection of various client-side Web vulnerabilties and the analysis of client-side defense mechanism that are capable of mitigating those vulnerabilty classes.

Outside of work, you can find me being nerdy about anything and everything, cooking and eating, playing board and video games, doing martial arts or trying to learn some instruments.

Publications

  • Who's Hosting the Block Party? Studying Third-Party Blockage of CSP and SRI

    Marius Steffens, Marius Musch, Martin Johns, and Ben Stock
    NDSS 2021
    • PDF

  • Reining in the Web’s Inconsistencies with Site Policy

    Stefano Calzavara, Tobias Urban, Dennis Tatang, Marius Steffens, and Ben Stock
    NDSS 2021
    • PDF

  • PMForce: Systematically Analyzing postMessage Handlers at Scale

    Marius Steffens, and Ben Stock
    CCS 2020
    • PDF

  • ScriptProtect: Mitigating Unsafe Third-Party JavaScript Practices

    Marius Musch, Marius Steffens, Sebastian Roth, Ben Stock, and Martin Johns
    ASIA CCS 2019
    • PDF

  • Don't Trust The Locals: Investigating the Prevalence of Persistent Client-Side Cross-Site Scripting in the Wild

    Marius Steffens, Christian Rossow, Martin Johns, and Ben Stock
    NDSS 2019
    • PDF

  • How the Web Tangled Itself: Uncovering the History of Client-Side Web (In)Security

    Ben Stock, Martin Johns, Marius Steffens, and Michael Backes
    USENIX Security 2017
    • PDF