• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

External Security Check

ManagerJosh

Well-known member
#2
what kind of third-party/external audit are you looking for?? Against XSS attacks? SQL Injections? An audit can go any number of ways.
 
F

Floris

Guest
#3
what kind of third-party/external audit are you looking for?? Against XSS attacks? SQL Injections? An audit can go any number of ways.
A good company would have an array of audits to go through, remote testing, internal scanning, manually glancing over code, and running specialized softwares. etc.

At XenFans we've run a Google RatProxy for a month, while using the alpha, and found one issue which was due to jQuery converting things back in regards to html entities so xss was possible if you had moderator access with access to inline moderation, but that was it. Other reported things were all insignificant warnings.

I will dump the many gigabyte of data to a report.html soon since we stopped running it when beta2 came out. And mail it to Kier for review.