An HP analysis of 4,000 applications built on Flash found that 35 per cent contravene Adobe's own security best practices.
HP SWFScan performs static analysis on Flash-based applications, checking for known issues such as unprotected confidential data, cross-site scripting flaws and cross-domain privilege escalation, said the firm.
The tool can then highlight vulnerabilities in the source code, and offer guidance as to how to fix the problems. SWFScan will also flag applications that adhere to best security practices and guidelines, said HP.
"Applications developed with Flash technologies are no more immune to security vulnerabilities than any other web applications," said Joseph Feiman, a vice president at Gartner.
"Giving Flash developers the ability to check whether their code is secure, providing guidance on how to fix it, and offering best secure programming practices, will help to protect businesses and their customers from hackers."
_(22).jpg&h=140&w=231&c=1&s=0)
.png&h=140&w=231&c=1&s=0)
_(26).jpg&w=100&c=1&s=0)
iTnews Executive Retreat - Security Leaders Edition
_(1).jpg&h=140&w=231&c=1&s=0)
