Summary: Google's new Cloud Security Scanner allows users to easily scan applications for two common vulnerabilities: cross-site scripting, and mixed content.
By Zack Whittaker for Zero Day | February 19, 2015
http://zdnet4.cbsistatic.com/hub/i/r/2014/12/29/42c1dea4-5c0f-46e1-a386-2a1064c24340/resize/220x165/57d2d5aaa98f45cf2f2e64945ae83db6/h-8-silentcircle.jpg
Google's cloud platform will now scan developer's applications for common security vulnerabilities.
The search giant said Thursday the new security bug checker, dubbed the Google Cloud Security Scanner, will detect two common flaws, including cross-site scripting (XSS) issues, and mixed content.
Because common HTML5 and JavaScript-heavy applications are more challenging to crawl and test, Google said the scanner takes a novel approach by parsing the code and then executing a full-page render to find more complex areas of a developer's site.
Effectively, using Google's Compute Engine, the scanner will "create a botnet of hundreds of virtual Chrome workers to scan your site," said Rob Mann, Google security engineering manager, in a blog post.
Full Article.
Google's cloud will now scan web apps for common security flaws
Userlevel 7
+54
Be the first to reply!
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.