Google Gives Away Web App Security Tool

Posted by timothy on Thursday July 3, 2008 @10:22AM from the to-whom-it-may-concern dept.

CWmike writes "Google has released for free one of its internal tools used for testing the security of Web-based applications. Ratproxy, released under an Apache 2.0 software license, looks for a variety of coding problems in Web applications. A 2006 survey by the Web Application Security Consortium found that 85.57 percent of 31,373 sites were vulnerable to cross-site scripting attacks, 26.38 percent were vulnerable to SQL injection and 15.70 percent had other faults that could lead to data loss."

1 of 30 comments (clear)

Min score:

Reason:

Sort:

I hate it when I have to RTFA by museumpeace · 2008-07-03 14:19 · Score: 3, Interesting

Google has a tool, Web Application Security Consortium have discovered a problem with large portion of sites. Are these two facts related? does the Google tool detect the named problems?

--
SLASHDOT: news for people who can't concentrate on work or have no life at all and got tired of yelling back at the TV.