Welcome to the Proxy Update, your source of news and information on Proxies and their role in network security.

Wednesday, July 9, 2008

Google Releases RatProxy

Google has been well known for recognizing that malicious threats are embedded in many web pages. Their research last year indicated that 1 out of every 10 web pages had some malicious content on them, regardless of the reputation of the site.

As a follow on, Google announced last week they are releasing the code to their internal tool called RatProxy that analyzes websites for threats. While this isn't a proxy in the normal sense, it is a useful tool to make sure your own website hasn't been compromised.

The proxy analyzes problems such as cross-site script inclusion threats, insufficient cross-site request forgery defenses, caching issues, cross-site scripting candidates, potentially unsafe cross-domain code inclusion schemes and information leakage scenarios, and other threats.

No comments: