Skip to Main Content

Google Releases New Security Feature for its Cloud Platform

Posted on 2.23.2015

Thanks to numerous security breakdowns at many of the nation’s largest brands, security is on the forefront of everyone’s mind.

Google has recently announced a new security feature, currently in beta, called Google Cloud Security Scanner for Web applications.

The new feature is available to those using Google’s App Engine and enables developers to scan their applications for two common vulnerabilities: cross-site scripting (XSS) and mixed content. The Cloud Security Scanner is able to find theses weaknesses by using what Google calls “a multi-stage pipeline.” The first thing the scanner does is quickly crawl the HTML used within the app and parse it together. Then, the scanner slows down and makes a full-page render to find the more complex sections of the app. Finally, the scanner deploys a debugger that is designed to sense and alert users when it comes across JavaScript vulnerabilities.


 Request Website Magazine's Free Weekly Newsletters 


“Deploying a new build is a thrill, but every release should be scanned for security vulnerabilities,” states the official Google blog post announcing the scanner. “And while web application security scanners have existed for years, they’re not always well-suited for Google App Engine developers. They’re often difficult to set up, prone to over-reporting issues (false positives)—which can be time-consuming to filter and triage—and built for security professionals, not developers.”

WebsiteMagazineMiniLogo

Leave Your Comment

Login to Comment

Become a Member

Not already a part of our community?
Sign up to participate in the discussion. It's free and quick.

Sign Up

 

Leave a comment
    Load more comments
    New code
  •