hackers

Fortify boosts Web 2.0 protection

Fortify Software updates its Secure Coding Rulepacks

Written by Phil Muncaster

IT Week, 15 May 2007

Software security specialist Fortify Software has updated its Secure Coding Rulepacks to help protect companies from new threats such as JavaScript hijacking and vulnerabilities in web 2.0 applications.

JavaScript hijacking allows hackers to steal enterprise data by exploiting flaws in Ajax applications, according to Fortify's chief scientist, Brian Chess.

"Many enterprises are still early in their adoption of Ajax, so we're feeling upbeat about the prospects of eliminating the possibility of JavaScript hijacking before it becomes a runaway problem like buffer overflow or cross-site scripting," Chess explained.

The updates also include enhancements for software written in C+ and C++ languages and increased coverage for Java 1.5 and the java.security package, said Fortify.

The new Rulepacks updates will be incorporated into Fortify's SCA, Defender and Tracer products.

Tags:

reader comments

related articles

Fortify traces security vulnerabilities

Source code analysis specialist Fortify Software releases tool that hunts down vulnerabilities 23 Oct 2006

 

Web 2.0 deployments hit by JavaScript flaw

Fortify software has uncovered a flaw affecting the Javascript programming language 02 Apr 2007

Survey finds problems with pen testing

Fortify Software finds that most penetration testing fails to identify critical vulnerabilities 23 Apr 2007

Research finds Java code most secure

New research from software security specialist Fortify reveals that bugs are far less common in Java compared with commercial C/C++ code 05 Mar 2007

Security expert slams PCI auditing

PCI compliance does not guarantee security 04 Apr 2008

Hackers eye open source coding tools

Security firm warns of 'cross-build injection vulnerability' 10 Oct 2007

McAfee paints grim picture for 2008

Huge rise in web 2.0 attacks and smarter botnets 16 Nov 2007

related whitepapers

today's top stories

Communications

Body Shop rolls out PCI system

Retailer hopes to benefit from improved customer data analysis 07 Oct 2008

Talking Outsourcing

Where to offshore (and why not here?)

Tholons, the research firm founded by well-known offshoring guru Avinash Vashistha , has just published some new research in Global Services magazine... 07 Oct 2008

Communications

The future of Ethernet

Where is Ethernet going? We look at the future of the widely-used networking technology. 07 Oct 2008

Management

The pIT stop Q&A: How can I measure the business success of IT applications?

Ou expert panel answers readers' real-life IT questions 07 Oct 2008

Small Business Focus

National Identity Fraud Prevention Week

Every Monday seems to mark the beginning of a new awareness drive and this week’s theme has particular importance to small businesses... 06 Oct 2008

> More news

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

Existing User

Newsletter user login:

Jobs

Related jobs

Job of the week

> More IT vacancies

Job alerts

  • Latest jobs to your inbox
Sign up here

Find your next job

Advertisement

White papers

Search white papers

Top categories

VPN, Extranet and Intranet Solutions

WAN/ LAN Solutions

Network Security

Interoperability-Connectivity

Grid/ Utility Computing

Latest poll

Would you apply for a job that was advertised on Facebook or a similar social networking site?

Would you apply for a job that was advertised on Facebook or a similar social networking site?

The government is using Facebook to recruit IT staff - would you apply to such an ad?

Previous poll results

> More polls

Latest audio and video articles

Ethernet cableVideo

The future of Ethernet

Where is Ethernet going? We look at the future of the widely-used networking technology. 07 Oct 2008

Podcast imageAudio

Computing podcast - Next-generation broadband Britain; and we report from Gartner's IT security summit

In our latest podcast, we discuss the hurdles that a national fibre-optic network must overcome, and look at the issues discussed at the recent IT security conference 02 Oct 2008

> More audio and video

Latest in-depth articles

Features

How to ensure progress in programming

Best practice advice from Forrester Research 02 Oct 2008

BT workersAnalysis

Wanted: a viable model for fibre

While other European countries are pressing ahead with fibre rollouts, progress in the UK is being held back as the debate over who will foot the bill drags on, writes Dave Bailey 02 Oct 2008

> More in depth articles

Advertisement

Primary Navigation