Kaminsky Issues Developer Tool To Kill Injection Bugs
Researcher’s new startup offers up new approach to preventing common SQL injection, XSS vulnerabilities in software
Renowned security researcher Dan Kaminsky today went public with the launch of a new venture as well as its first deliverable — a tool for application developers that helps prevent pervasive string injection-type attacks, such as SQL injection and cross-site scripting (XSS).
Kaminsky says his New York-based startup, Recursion Ventures, will productize research that breaks new ground in both security and technology, in general. His first deliverable is Interpolique, a tool that offloads much of the security responsibility from the developer, which he considers crucial to yielding more secure applications. “Security development tends not to care how inconvenient it is for developers,” Kaminsky says. “[This is] about meeting developers halfway.