Web services and service-oriented architecture security software provider Forum Systems issued an alert on Jan. 30 for AJAX-related security threats and performance issues.
Forum Systems officials said AJAX dramatically increases the amount of XML network traffic being transmitted, exposing applications to Web services vulnerabilities; AJAX extends Web services from business-to-business to business-to-consumer and transforms a users Web browser into a Web services portal, thus exposing it to potentially corrupted data that can cause the browser to crash or perform poorly; malformed messages can disrupt server performance due to excessive parsing and exception handling; and XML messages can consume more than double the bandwidth of traditional binary data formats, leading to systemwide performance degradation.
Forum Systems recommends that organizations implement XML content filtering, Web services security and XML acceleration capabilities to ensure scalable and secure AJAX applications.
Wallid Negm, vice president of marketing at Forum Systems, said Forums XWall XML Web Services Firewall features XML filtering and Web services security and serves as an AJAX scalability solution.
“By acknowledging the exposure of AJAX applications, developers and administrators will be well-prepared to handle even accidental events that may disrupt business,” said Jason Bloomberg, an analyst with ZapThink LLC, in a statement.
The XWall Web Services Firewall features data validation, XML intrusion prevention, content filtering, WS-Security processing and content acceleration.
Pricing for Forum XWall starts at $2,500 for software and $30,000 for hardware configuration.