Number: IRCNE2015022431
Date: 2015/02/23
According to “zdnet”, Google's cloud platform will now scan developers' applications for common security vulnerabilities.
The search giant said Thursday the new security bug checker, dubbed the Google Cloud Security Scanner, will detect two common flaws, including cross-site scripting (XSS) issues, and mixed content.
Using Google's Compute Engine, the scanner will "create a botnet of hundreds of virtual Chrome workers to scan your site," said Rob Mann, Google security engineering manager, in a blog post.
In another test for cross-site scripting, which allows hackers to inject potentially malicious code into a hosted web app, Google will "attack" the site (albeit safely and in a controlled way) with a benign payload to determine if a web app is vulnerable.
- 2