3rdplace is currently developing an in-house solution to collect data from local municipalities, and security is at the forefront, especially because within cs-aware we are dealing with databases of sensitive information.
Alongside the most common security vulnerabilities, such as SQL Injection (SQLi), Cross-Site Scripting (XSS) and Cross-Site Request Forgery, which affect most contemporary programming languages, cs-aware applications must also consider threats from LDAP Injection, Command Injection and XPath Injection.
To improve resilience against potential attacks, 3rdplace is considering using a static code analysis technique to ensure that the source code is free from security and compliance issues.
Matteo Bregonzio,
3rdplace.