[Owasp-std] Moving security into the IDE: Automatic code patch
dinis.cruz at owasp.org
Mon Nov 7 06:11:04 EST 2011
On the topic of baking security into the developer's IDE and Frameworks,
here are two PoCs that show what this could look like:
- The future of secure code? Fixing/Encoding .NET code in real time (in
this case Response.Write)
- In ASP.NET, prevent XSS with automatic html
Btw, I'm working on an Eclipse Plug-in for TeamMentor, for which I will
publish the code soon. This first version is a simple Eclipse Plug-in that
calls a number of web pages (after some config steps), which could also be
reused as a PoC for an STD plug-in.