Google is developing an automated tool for finding common web application vulnerabilities. The tool, dubbed Lemon, is still in development by the ad-brokering giant's security researchers but is already been used internally. It's unclear whether or not Google will release the vulnerability testing tool more generally. Free …
This will upset IBM
Having just shelled out $$$ for Watchfire, whose AppScan is one of the leading commercial tools for identifying web app bugs.
Yes, lemon is an automated bug finder...
... and the MOAB is an automated bunker weakness probing tool.
Not immediately useful
Just because you find vulnerabilities does not
mean you can fix them it does mean you can
exploit them I write these damned web apps
and I don't need fuzzers to break most others
web apps but given a thorough
enough going over I assume it will break mine somewhere
in other words they need to keep this thing until
it reaches the point where it can also fix them dynamically
then release it as a site manager application that
way it might be of some use otherwise it just causes
you to move holes around like MS with IE they are
still doing that BTW.Please I have enough to do.
that would be "a physical method or device that provides structural analysis and diagnostics for subsequent forensic examination, in a repeatable and consistent manner, using controlled energy application...specifically designed for testing reinforced or fortified structures".
i'm pretty sure that's what the original DARPA proposal claimed...
Why would this upset IBM?
watchfire gives their product away (they did with us and i hear they do the same with everyone else ) so no real revenue lost .....
- Boffins attempt to prove the UNIVERSE IS JUST A HOLOGRAM
- China building SUPERSONIC SUBMARINE that travels in a BUBBLE
- Review Raspberry Pi B+: PHWOAR, get a load of those pins
- Experimental hypersonic SUPERMISSILE destroyed 4 SECONDS after US launched it
- That 8TB Seagate MONSTER? It's HERE... (You'll have to squint, 'cos there are no specs)