|
Java Security Traps Getting Worse
A year ago at JavaOne, Fortify Software Founder and Chief Scientist Brian Chess gave a presentation titled "12 Java Technology Security Traps and How to Avoid Them." A year later, how far have we come in addressing those inherent vulnerabilities, which include XSS (cross-site scripting), SQL injection and native methods that allow the import of C or C++ code-along with its bugs? Not a smidge-unless you count going backwards.
It's gotten worse, Chess said in an interview with eWEEK, "and I've got evidence to prove it." Fortify, which markets source-code analysis technology, has access to a large database of common Java programming errors and vulnerabilities, gleaned not only from its customers but also from a year of running the Java Open Review project.  View: The full story News source: eWeek Read full story... More... |
| All times are GMT +1. The time now is 02:01 AM. |
Powered by vBulletin® Version 3.6.5
Copyright ©2000 - 2025, Jelsoft Enterprises Ltd.