Denim Group has been acquired by Coalfire. Learn More>>

Denim Group Donates Sprajax to OWASP

We have decided to donate sprajax to OWASP in the hope of driving more interest and more development.  Here is a copy of the press release:

Denim Group Ltd., a market leader of web-application security consulting and training, announced its donation of Sprajax, an open source security scanner for AJAX, to the non-profit Open Web Application Security Project (OWASP).

Sprajax, a Microsoft .Net-based application developed by Denim Group, is the first web security scanner developed specifically to scan AJAX web applications for security vulnerabilities. Since its release via the Denim Group website in May this year, there have been over 2,500 downloads of the application and numerous online discussion threads.

“Denim Group is committed to furthering the field of application security,” said Dan Cornell, principal of Denim Group, “and by donating Sprajax to OWASP, we intend to generate more discussion around security vulnerabilities within AJAX applications. Providing the tool under the OWASP banner will make it more visible within the application security community. We saw a need for a product in the industry and took it upon ourselves to begin work on the project. Moving forward, the larger user base and development base provided by the association with OWASP will ultimately strengthen and enhance this tool.”

“Securing AJAX technology is a new challenge for the application security community,” said Jeff Williams, chairman of OWASP. “Denim Group’s contribution and leadership role in the OWASP Sprajax project will help developers worldwide produce more secure AJAX applications.”

Sprajax is available for immediate download from the OWASP website at

Also I will be speaking about the internals of sprajax at the OWASP AppSec 2006 conference.  Hope to see folks there!

dan _at_

About Dan Cornell

Dan Cornell Web Resolution

A globally recognized application security expert, Dan Cornell holds over 15 years of experience architecting, developing and securing web-based software systems. As the Chief Technology Officer and a Principal at Denim Group, Ltd., he leads the technology team to help Fortune 500 companies and government organizations integrate security throughout the development process. He is also the original creator of ThreadFix, Denim Group's industry leading application vulnerability management platform.
More Posts by Dan Cornell

Leave a Reply

Your email address will not be published. Required fields are marked *