Improved Security In the Works for Firefox

<a href="http://www.theregister.co.uk/2008/05/20/new_firefox_security_protections">The Register</a>, <a href="http://computerworld.com/action/article.do?command=viewArticleBasic&articleId=9086458&intsrc=hm_list">Computerworld</a>

Jim Manico, OWASP Global Board Member

May 20, 2008

1 Min Read

Firefox developers are working to secure the browser with two new technologies they say will prevent the most prevalent types of Web site attacks.The first protection is designed to minimize end users' risk to cross-site scripting (XSS) attacks and cross-site request forgeries by enabling developers to white-list which domains can initiate or answer cross-site requests for code, cookies and other site resources. The second protection takes aim at DNS rebinding attacks by safeguarding routers and other devices barricaded behind firewalls with a wall that prevent public sites from accessing private resources on a company's intranet.

The technologies are still in their early stages. Meanwhile, Mozilla on Friday moved forward with the rollout of Firefox Release Candidate 1 (RC1), which includes performance enhancements, user interface changes, stability and compatibility fixes since the last beta.The Register, Computerworld

Read more about:

20082008

About the Author(s)

Jim Manico

Jim Manico

OWASP Global Board Member

Jim Manico is a Global Board Member for the OWASP foundation where he helps drive the strategic vision for the organization. OWASP's mission is to make software security visible, so that individuals and organizations worldwide can make informed decisions about true software security risks. OWASP's AppSecUSA<https://2015.appsecusa.org/c/> conferences represent the nonprofit's largest outreach efforts to advance its mission of spreading security knowledge, for more information and to register, see here<https://2015.appsecusa.org/c/?page_id=534>. Jim is also the founder of Manicode Security where he trains software developers on secure coding and security engineering. He has a 18 year history building software as a developer and architect. Jim is a frequent speaker on secure software practices and is a member of the JavaOne rockstar speaker community. He is the author of Iron-Clad Java: Building Secure Web Applications<http://www.amazon.com/Iron-Clad-Java-Building-Secure-Applications/dp/0071835881> from McGraw-Hill and founder of Brakeman Pro. Investor/Advisor for Signal Sciences.

See more from Jim Manico
Never Miss a Beat: Get a snapshot of the issues affecting the IT industry straight to your inbox.
SIGN-UP

You May Also Like

More Insights
Webinars
More Webinars
Reports
More Reports

Editor's Choice

thumbnail
Cyber Resilience
‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure‘They’re Coming After Us’: RSA Panel Explores CISO Legal Pressure
byShane Snider
May 6, 2024
3 Min Read
Ambassador-at-Large Nathaniel Fick at the RSA Conference 2024 in San Francisco.
Cyber Resilience
Questions for the Bureau for Cyberspace and Digital PolicyQuestions for the Bureau for Cyberspace and Digital Policy
byJoao-Pierre S. Ruth
May 16, 2024
5 Min Read
Business person draws a creative business project
IT Leadership
Why CIOs Are Under Pressure to InnovateWhy CIOs Are Under Pressure to Innovate
byLisa Morgan
May 15, 2024
8 Min Read
DNA (deoxyribonucleic acid) strand, illustration.
Data Management
DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?DNA is an Ancient Form of Data Storage. Is it Also a Radical New Alternative?
byRichard Pallardy
May 7, 2024
15 Min Read
Business innovative solution and creative concept as a paper boat tied to a light bulb
IT Leadership
9 Ways to Ensure Continuous Innovation9 Ways to Ensure Continuous Innovation
byLisa Morgan
Apr 2, 2024
9 Slides
Webinars
More Webinars
White Papers
More White Papers
Live Events
More Live Events
Reports
More Reports
May 2, 2024
While there are plentiful options in cyber resiliency and business continuity tools and platforms, there isn’t one that can knock out everything from sudden cloud outages to prolonged ransomware attacks in a single punch. What can you do to keep the company on its feet no matter what is thrown at it? Find out in this new virtual event.
Reserve Your Seat Now