Denim Group Ltd., a market leader of web-application security consulting and training, announced its donation of Sprajax, an open source security scanner for AJAX, to the non-profit Open Web Application Security Project (OWASP).
Sprajax, a Microsoft .Net-based application developed by Denim Group, is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Since its release via the Denim Group website in May this year, there have been over 2,500 downloads of the application and numerous online discussion threads.
“Denim Group is committed to furthering the field of application security,” said Dan Cornell, principal of Denim Group, “and by donating Sprajax to OWASP, we intend to generate more discussion around security vulnerabilities within AJAX applications. Providing the tool under the OWASP banner will make it more visible within the application security community. We saw a need for a product in the industry and took it upon ourselves to begin work on the project. Moving forward, the larger user base and development base provided by the association with OWASP will ultimately strengthen and enhance this tool.”
“Securing AJAX technology is a new challenge for the application security community,” said Jeff Williams, chairman of OWASP. “Denim Group’s contribution and leadership role in the OWASP Sprajax project will help developers worldwide produce more secure AJAX applications.”
Sprajax is available for immediate download from the OWASP website at www.owasp.org/index.php/Sprajax.
Also I will be speaking about the internals of sprajax at the OWASP AppSec 2006 conference. Hope to see folks there!
dan _at_ denimgroup.com