Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec

Fortify updates rulepack to include detection of JavaScrip Hijacking.

Fortify : 14 May, 2007  (New Product)
Rulepack now includes comprehensive protection against computer threats by counteracting the latest hacking threats.
Fortify Software has announced the release of a major update to the Fortify Secure Coding Rulepacks. The update includes the integration of intellectual property obtained from Fortify's acquisition of Secure Software as well as coverage of critical vulnerabilities, such as JavaScript Hijacking, that pose a growing threat to modern software systems.

'Hacking techniques are getting more sophisticated by the day, making it critical for organisations to develop internal expertise to stay ahead,' said Fortify Founder and Chief Scientist Brian Chess. 'This rulepack update reflects a significant amount of new research in Ajax technology and hacking techniques. We're very excited to be in a position to help our customers secure their Web 2.0 applications.'

'In addition to Fortify's ongoing internal research, this rulepack update integrates the very best from Secure Software's CodeAssure Knowledgebase,' added Jacob West, Manager of Fortify's Security Research Group. 'These additions enhance our current offering and will help our customers remain ahead of the hacking community.'

Specifically, this rulepack update:

- Incorporates intellectual property from the Secure Software CodeAssure Knowledgebase
- Detects the use of Ajax frameworks that are vulnerable to JavaScript Hijacking, including versions of Google Web Toolkit (GWT), Direct Web Remoting (DWR) and Microsoft ASP.NET AJAX (Atlas)
- Provides detailed remediation advice to help developers secure Web 2.0 applications
- Increases security coverage specific to Java 1.5 and the package
- Includes a variety of enhancements for software written in C and C++, including superior support for the GLib, Microsoft Windows, Pthread, and Sun RPC APIs

The integration of these new rules was conducted by Fortify's Security Research Group, a team of software security experts that focuses entirely on identifying new threats and developing ways to protect against them. Thanks to these efforts, Fortify continues to lead the industry in identifying threats and developing solutions to address them.

The rules developed by the Security Research Group are incorporated into Fortify's Suite of products:

- Fortify SCA - The world's most proven and widely used source code security analysis solution
- Fortify Defender - A contextual Web application firewall that operates inside the application to provide the most accurate and comprehensive protection
- Fortify Tracer - An essential tool for improving application penetration tests; providing the exact line of code for each vulnerability and identifying parts of the application the test failed to reach
Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo