Security Vulnerabilities Detection and Protection Using Eclipse
After a decade of existence, still, Cross-site scripting, SQL Injection and other of Input validation associated security vulnerabilities can cause severe damage once exploited. To analyze this fact, conducted an empirical study, while OWASP and SANS defined their respective risk-based approaches. Taking these results into consideration, three deficiencies can be highlighted: a lack of up skilling developers, a high ratio of false positive findings in security code scanners and an erroneous planning of security corrections. In this paper, the authors present how using the Eclipse platform and the JDT compiler, a proper tooling can be provided to overcome these deficiencies.