News Stay informed about the latest enterprise technology news and product updates.

Denim Group donates Ajax security scanner to OWASP

Sprajax, the first Ajax security scanner, is now available for download at the OWASP Web site. The Denim Group has donated its tool to the non-profit organization.

Web application security company Denim Group Ltd. is donating its groundbreaking security scanner, Sprajax, to the non-profit organization, the Open Web Application Security Project (OWASP).

Sprajax is a popular tool and has been downloaded from the Denim Group Web site more than 2,500 times since its May 16 release. The security scanner is unique among its kind because it is designed specifically for Ajax-enabled Web applications.

Dan Cornell, principal at the Denim Group, describes Sprajax as a "black box dynamic analysis tool for Web applications that use Ajax technologies." Unlike other Web application vulnerability scanners, Sprajax can "detect the specific Ajax frameworks that are in use and send requests in the format those frameworks are going to understand," he said.

Cornell, who will be talking about Sprajax at this week's OWASP conference in Seattle, hopes the tool's exposure on the OWASP Web site will generate discussion about security issues specific to Ajax.

"There is a real lack of understanding security as it relates to so-called Web 2.0 applications," Cornell said. People are "spending time wondering about what they can do as opposed to what they should do."

OWASP is the perfect venue to launch that kind of discussion, Cornell said. The organization is at the forefront of open-source application security technology. is a wiki site, so registered users can offer considerable feedback. In addition, Denim Group and OWASP already have a history, as both organizations are dedicated to open-source technologies and Denim Group is the founding member of the OWASP chapter in San Antonio.

Ajax security resources
Denim Group releases open-source security scanner for Ajax 

App security tools target Ajax vulnerabilities 

Testing for security in the age of Ajax programming

Jeff Williams, chairman of OWASP, is optimistic about the positive affects of the Sprajax donation. "Denim Group's contribution and leadership role in the OWASP Sprajax project will help developers worldwide produce more secure Ajax applications," he said in a press release.

"OWASP has a lot of thought leadership in the software security base," Cornell said. Being on the OWASP site exposes Sprajax to a larger contributor and user base that can enjoy the product -- and improve upon it. Sprajax is available for download at

Dig Deeper on Topics Archive

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.