Netflix wants to put cross-site scripting (XSS) to sleep with the introduction of its latest open-source framework: Sleepy Puppy. Sleepy Puppy is a XSS payload-management framework designed to help security engineers capture, manage and track XSS propagation. “We wanted a more comprehensive XSS testing framework to simplify XSS propagation and identification, and allow us to … continue reading
Google has announced the release of its Cloud Security Scanner into beta. The new tool is designed to help developers scan for two common vulnerabilities: cross-site scripting and mixed content. According to the company, there was a need for the scanner because other security scanners are often hard to set up, not well suited for … continue reading
Twitter launches bug bounty program Twitter will pay security researchers who spot potential issues in its Web and mobile applications. The company announced a bug bounty program that will pay out at least US$140 to eligible reporters who find qualifying vulnerabilities. To be eligible for a bounty, researchers must report vulnerabilities through the HackerOne reporting … continue reading