An HP analysis of 4,000 applications built on Flash found that 35 per cent contravene Adobe's own security best practices.
HP SWFScan performs static analysis on Flash-based applications, checking for known issues such as unprotected confidential data, cross-site scripting flaws and cross-domain privilege escalation, said the firm.
The tool can then highlight vulnerabilities in the source code, and offer guidance as to how to fix the problems. SWFScan will also flag applications that adhere to best security practices and guidelines, said HP.
"Applications developed with Flash technologies are no more immune to security vulnerabilities than any other web applications," said Joseph Feiman, a vice president at Gartner.
"Giving Flash developers the ability to check whether their code is secure, providing guidance on how to fix it, and offering best secure programming practices, will help to protect businesses and their customers from hackers."
HP offers security tool for Flash developers
By
Phil Muncaster
on Mar 24, 2009 10:52AM
HP has bolstered the fight against application security threats with the launch of a free tool designed to help Adobe Flash developers better protect their web sites.
