views:

32

answers:

1

Can anyone recommend a site security audit service? One thats simple to sign up to online and audit sites for xss, sqlinjection, buffer overflow, etc etc.

Thanks

A: 

I usually run through all of the XSS vectors on the XSS Cheat Sheet myself for validation. SQL Injection attacks are pretty easy to stop using parameterized queries or stored procs. As far as buffer overflow attacks; if this is a web based application, i'm not sure how that would be relevant.

Gurdas Nijor