Printer Friendly

Backed by Adobe, HP offers Free Security Tool for Flash.

Today, Hewlett-Packard Co. has released a free tool called "SWFScan" to check for security holes in web Flash applications.

The tool was designed to help Flash developers protect their websites against unintended application security vulnerabilities and reduce the risk of hackers accessing sensitive data.

The tool can scan for exposure of confidential information, cross-domain privilege escalation and Cross-Site Scripting (XSS). It decompiles the program and highlights the source code to identify between 60 and 65 vulnerabilities.

Also, the tool alerts developers if the application does not comply with Adobe's security best practices.

According to HP, 35 percent of nearly 4,000 Flash web apps violate Adobe's security best practices. To help developers cut down on security holes; the HP SWFScan tool decompiles Flash applications and searches the code for vulnerabilities.

HP worked closely with Adobe Systems Inc. to develop SWFScan. "We are working with HP to make sure developers have tools to help secure content and keep customers safe," said Brad Arkin, product security and privacy director, Secure Software Engineering Team, Adobe. "We worked with HP on their SWFScan tool, which will help Flash developers find potential security issues early in the development process so they can understand and prevent problems before web applications are ever deployed."

Flash is one of the most common applications used for creating animation and games for Web 2.0, which security experts said needs better web security measures to protect against cyber attacks. Approximately 98 percent of internet-connected PCs worldwide have Flash players installed.

Microsoft last year asked HP to develop a tool to test for SQL injection vulnerabilities in applications for Microsoft's ASP platform.

For more information and free download of HP SWFScan visit:

COPYRIGHT 2009 International Business Times
No portion of this article can be reproduced without the express written permission from the copyright holder.
Copyright 2009 Gale, Cengage Learning. All rights reserved.

Article Details
Printer friendly Cite/link Email Feedback
Publication:International Business Times - US ed.
Article Type:Brief article
Date:Mar 23, 2009
Previous Article:Sony Ericsson U.S. chief resigns.
Next Article:Pimco calls gov't toxic assets plan a winner.

Related Articles
Flash Player 9 for Linux now available from Adobe.
Adobe introduces Adobe AIR 1.5 for Linux.
Adobe introduces Adobe AIR 1.5 for Linux.
Avecto releases new Privilege Guard security application.

Terms of use | Privacy policy | Copyright © 2021 Farlex, Inc. | Feedback | For webmasters |