I don't see how the browser will be vulnerable, if you are using the browser to only test your web application. If your web application expects certain features of the browser to be enabled, then it should inform the user, and not continue to the main webpage.
I'm looking for more than just a policy, I need a technical control that isn't a host firewall as other browsers won't just be used for testing. If there is a trustworthy firefox content blocker extension or if TestComplete should always run on a test environment with no alternative browsers with access outside of the application. I'm looking for the general best practices and commonly used setups when using TestComplete.
