Topic: cross site scripting

Netflix open-sources XSS detection framework

Netflix wants to put cross-site scripting (XSS) to sleep with the introduction of its latest open-source framework: Sleepy Puppy. Sleepy Puppy is a XSS payload-management framework designed to help security engineers capture, manage and track XSS propagation. “We wanted a more comprehensive XSS testing framework to simplify XSS propagation and identification, and allow us to … continue reading

Google’s Cloud Security Scanner, Yahoo’s mobile developer suite, and io.js 1.3—SD Times news digest: Feb. 20, 2015

Google has announced the release of its Cloud Security Scanner into beta. The new tool is designed to help developers scan for two common vulnerabilities: cross-site scripting and mixed content. According to the company, there was a need for the scanner because other security scanners are often hard to set up, not well suited for … continue reading

SD Times news digest: September 4, 2014—Twitter’s bug bounty program, Hortonworks plans for Apache Hive, and CORESense’s Web services API

Twitter launches bug bounty program Twitter will pay security researchers who spot potential issues in its Web and mobile applications. The company announced a bug bounty program that will pay out at least US$140 to eligible reporters who find qualifying vulnerabilities. To be eligible for a bounty, researchers must report vulnerabilities through the HackerOne reporting … continue reading

DMCA.com Protection Status