Article

Denim Group donates Ajax security scanner to OWASP

Jennette Mullaney, Assistant Editor

Web application security company Denim Group Ltd. is donating its groundbreaking security scanner, Sprajax, to the non-profit organization, the Open Web Application Security Project (OWASP).

Sprajax is a popular tool

    Requires Free Membership to View

and has been downloaded from the Denim Group Web site more than 2,500 times since its May 16 release. The security scanner is unique among its kind because it is designed specifically for Ajax-enabled Web applications.

Dan Cornell, principal at the Denim Group, describes Sprajax as a "black box dynamic analysis tool for Web applications that use Ajax technologies." Unlike other Web application vulnerability scanners, Sprajax can "detect the specific Ajax frameworks that are in use and send requests in the format those frameworks are going to understand," he said.

Cornell, who will be talking about Sprajax at this week's OWASP conference in Seattle, hopes the tool's exposure on the OWASP Web site will generate discussion about security issues specific to Ajax.

"There is a real lack of understanding security as it relates to so-called Web 2.0 applications," Cornell said. People are "spending time wondering about what they can do as opposed to what they should do."

OWASP is the perfect venue to launch that kind of discussion, Cornell said. The organization is at the forefront of open-source application security technology. OWASP.org is a wiki site, so registered users can offer considerable feedback. In addition, Denim Group and OWASP already have a history, as both organizations are dedicated to open-source technologies and Denim Group is the founding member of the OWASP chapter in San Antonio.

Ajax security resources
Denim Group releases open-source security scanner for Ajax 

App security tools target Ajax vulnerabilities 

Testing for security in the age of Ajax programming

Jeff Williams, chairman of OWASP, is optimistic about the positive affects of the Sprajax donation. "Denim Group's contribution and leadership role in the OWASP Sprajax project will help developers worldwide produce more secure Ajax applications," he said in a press release.

"OWASP has a lot of thought leadership in the software security base," Cornell said. Being on the OWASP site exposes Sprajax to a larger contributor and user base that can enjoy the product -- and improve upon it. Sprajax is available for download at www.owasp.org/index.php/Sprajax.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: