Fortify boosts Web 2.0 protection

Fortify Software updates its Secure Coding Rulepacks

Software security specialist Fortify Software has updated its Secure Coding Rulepacks to help protect companies from new threats such as JavaScript hijacking and vulnerabilities in web 2.0 applications.

JavaScript hijacking allows hackers to steal enterprise data by exploiting flaws in Ajax applications, according to Fortify's chief scientist, Brian Chess.

"Many enterprises are still early in their adoption of Ajax, so we're feeling upbeat about the prospects of eliminating the possibility of JavaScript hijacking before it becomes a runaway problem like buffer overflow or cross-site scripting," Chess explained.

The updates also include enhancements for software written in C+ and C++ languages and increased coverage for Java 1.5 and the java.security package, said Fortify.

The new Rulepacks updates will be incorporated into Fortify's SCA, Defender and Tracer products.