The TESTABLE consortium is a well-balanced group of nine European organizations, with complementary expertise and skills along the three core dimensions of this projects:

  1. Techniques to analyze properties of web applications, both static and dynamic program analysis
  2. Domains of expertise, i.e., analysis of security, privacy, and ML problems
  3. Type and scale of the evaluations, i.e., evaluation of open source web applications, large-scale evaluations of in-the-wild websites, and evaluations of industrial-scale web applications.


CISPA Helmholtz Center for Information Security


The Helmholtz Center for Information Security (CISPA) is a German national Big Science Institution within the Helmholtz Association, funded by the German Federal Ministry of Education and Research. It was founded in October 2011 as a competence center for IT security at Saarland University. Its research agenda comprises all aspects of Information Security. CISPA seeks to play a prominent international role on research, transfer, and innovation by combining cutting-edge, often disruptive foundational research with innovative application-oriented research, corresponding technology transfer, and societal outreach.



Eurecom is a research and teaching institute dedicated to ICT domains and located in one of Europe's most active technology parks: Sophia Antipolis (France). It is one of the schools under the Institut Mines Telecom (IMT) organization, which supervises the elite schools in telecommunications and civil engineering in France. Eurecom enjoys a special status within the group of French Ivy League schools, or “Grandes Ecoles”, as it is the only engineering school in France with a full English language curriculum.

Technical University of Braunschweig


Founded in 1745, the academic community of Technische Universitaet Braunschweig (TUBS) comprises some 20,000 students and 3,500 staff members in 6 faculties and 110 institutes. The academic focus is on engineering and natural sciences, closely linked with humanities, economics, social sciences and education. TUBS is part of TU9 German universities and constantly ranking in the top five engineering schools in Germany. TUBS was involved in 97 projects in FP7 and currently in over 50 projects under Horizon 2020 (incl. 5 ERC projects).

Universidad Carlos III de Madrid


The Universidad Carlos III de Madrid (UC3M) is a public and innovative university, which has won the category of Campus of International Excellence in 2009. Created in 1989, it has over 17,300 students and around 1,900 faculty of proven competence, noted for its outstanding facilities to develop research. UC3M is among the best universities in Spain and is included in the QS ranking of the top 50 universities worldwide under 50.



Founded in 1972, SAP has grown to become the world's leading provider of business software solutions. The company is also the fastest-growing major database company. Globally, more than 77% of all business transactions worldwide touch an SAP software system. With more than 437,000 customers in more than 180 countries, SAP includes subsidiaries in all major countries. SAP is the world's largest inter-enterprise software company and the world's third-largest independent software supplier.

ShiftLeft GmbH


ShiftLeft GmbH is the German subsidiary of the Silicon-Valley based application security SME ShiftLeft Inc. Founded in 2016 and backed by the established venture capital firms Mayfield Fund and Bain Capital, ShiftLeft has rapidly evolved to deliver continuous automated static vulnerability discovery to Fortune 500 customers, including Intuit, Cisco, SAP, and Emirates Airlines.

IMQ Minded Security


IMQ Minded Security is an SME whose services on software security are delivered to several companies operating in different industry sectors such as finance, telecommunications, retail, e-commerce and government/public sector. IMQ Minded Security consultants are not only known for their professional work for their clients but also for their contributions to the research community leading in the documentation of best industry practices in security testing of web application vulnerabilities such as the Open Web Application Security Project (OWASP).



Founded in 1982, NortonLifeLock (a.k.a. Symantec) has evolved to become the global leader in cyber safety, with thousands of employees in more than 35 countries. They are dedicated to helping secure the devices, identities, online privacy, and home and family nees of nearly 50 million consumers, providing them with a trusted ally in a complex digital world.

Pluribus One


Pluribus One is a research-intensive company based in Italy, focused on providing innovative solutions and services for cyber security. The company was born as a spin-out of the Pattern Recognition and Applications (PRA) Lab of the University of Cagliari, with which it maintains a strong and solid connection. Its staff has more than 20 years of experience in world-class research, and in providing solutions based on pattern-recognition and machine-learning technologies for real-world applications.