Google has released the code to its Ratproxy application security assessment tool to the open-source community, giving developers a new way to inspect their Web apps.Ratproxy works in the background to detect and prioritize broad classes of security problems, such as dynamic cross-site trust model considerations, script inclusion issues, content serving problems, insufficient XSRF and XSS defenses, according to Google's Web site, where the code is available for
free download. Ratproxy works in Linux, FreeBSD, MacOS X and Windows Unix emulator Cygwin environments.
By placing Ratproxy under the Apache 2.0 license, bloggers on ZDnet say the tool has the potential to become a standard feature in Web hosting systems and enterprise stacks. "This can quickly be adapted, and improved, by commercial providers and by enterprises frightened of the GPL?s code-sharing requirements," they said.InformationWeek
Keep up with the latest cybersecurity threats, newly-discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.
Subscribe
