PHP Security!!! www.armorize.com


Hi,


I would like to introduce a new tool for verifying your PHP application's security. Our product uses the most advanced static source code analysis for identifying vulnerabilities in PHP code. Right now we are working with our version 1.17 which has improved functionality, speed and coverage. We have an under 5% false positive rate which drops to under 1% with a little configuration. Our false negatives are negligible!

Our language parser and transformer creates an abstract model of the code through which it runs a series of program path, inter-procedural and data flow analyses after which it can tell you not only what line of code the vulnerability lies, but also highlights the tainted variable that introduced the bug and how it propagates throught the code to become a vulnerability. This provides an end to end illustration of the vulnerability, educates you regarding the dymanics of security problems in PHP and actually provides suggetions of how you should go abuout fixing the code.

The best part is that becuase it is static analysis, the application does not need to be up and running, so you can run the scans during development.

We are launching our Security-as-a-Service model which represents the hosting of our core technology at our R&D center, all you need to do is log-on via your Web browser and you can verify your application's security. Today we are introducing the SaaS model and are providing it on a monthly subscription basis. Purchase for one month and fix your entire code base, when you need to modify your application again, it will only cost you that month's subscription. Our introductory price is very low for this kind of tool, because there is no tool as advanced as this. But you need not take my word for it, write to info@xxxxxxxxxxxx to apply for a free 2-day trial account. Please inlcude a valid business e-mail, your name, and phone number (optional).

The first 50 subscribers will recieve a full month's subscription at 50% discount. The first 25 will recieve 2 months at 50% discount.

Check out our website at www.armorize.com

Jordan

_________________________________________________________________
Share folders without harming wildlife! http://www.communicationevolved.com/en-za/
.

Relevant Pages

  • [NEWS] PHP Security Vulnerability in Multipart FORM Data Handling
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... The PHP Group has learned of a serious security vulnerability in PHP ... code with the privileges of the web server. ...
    (Securiteam)
  • Re: Php query string security
    ... > Yes I have read an awful lot now about php security and different ... the vulnerability occurs in a quite complicated setup. ... people who write unnessesarily complicated code, who overdesign software, ... are usually not security conscious. ...
    (comp.lang.php)
  • [UNIX] Arbitrary Code Execution Vulnerability in Mantis
    ... The following security advisory is sent to the securiteam mailing list, and can be found at the SecuriTeam web site: http://www.securiteam.com ... Mantis is an Open Source web-based bug ... tracking system, written in PHP, which uses the MySQL database server. ... A security vulnerability in the ...
    (Securiteam)
  • Re: [PHP] Out source files
    ... >> server, and use URL fopen to read them, if you like. ... In several PHP security recommendation we can read "Do not let PHP ... a vulnerability of the application doesn't expose all the data to the ...
    (php.general)
  • SecurityFocus Microsoft Newsletter #165
    ... Tenable Security ... distribute, manage, and communicate vulnerability and intrusion detection ... Microsoft Internet Explorer MHTML Forced File Execution Vuln... ...
    (Focus-Microsoft)