Application Security Testing: An Integral Part of DevOps
AntiXSS, which is part of the Web Protection Library (WPL), also comes with a Security Runtime Engine (SRE) which is able to automatically encode most of the output that is deemed at-risk. This stops any user generated content that comes from untrusted user input from being vulnerable to script injection attacks by encoding it.
This week Microsoft announced the addition of its Anti-Cross Site Scripting (AntiXSS) library to ASP.NET 4.5. The tool was designed to prevent different types of script injection attacks that can be leveled against ASP.NET websites.