Google has been well known for recognizing that malicious threats are embedded in many web pages. Their research last year indicated that 1 out of every 10 web pages had some malicious content on them, regardless of the reputation of the site.
As a follow on, Google announced last week they are releasing the code to their internal tool called RatProxy that analyzes websites for threats. While this isn't a proxy in the normal sense, it is a useful tool to make sure your own website hasn't been compromised.
The proxy analyzes problems such as cross-site script inclusion threats, insufficient cross-site request forgery defenses, caching issues, cross-site scripting candidates, potentially unsafe cross-domain code inclusion schemes and information leakage scenarios, and other threats.
Wednesday, July 9, 2008
Subscribe to:
Post Comments (Atom)
Posts
No comments:
Post a Comment