IronWebScraper Security CVE: Keep Your Projects Safe

Please see information below regarding IronWebScraper:

  1. All Iron Software products are DigiCert certified.
  2. IronWebScraper does not use web services nor send data across the internet.
  3. No COM or COM+ interfaces are exposed in the IronWebScraper.dll.
  4. The library is written in C#, which provides implicit protection from many common attack vectors.
  5. As few entry points as possible to the API are exposed, minimizing the risk of exploitation.
  6. Strong naming and sophisticated tamper protection are in place.
  7. The library is regularly scanned with multiple anti-virus/anti-malware scanners using the highest security and heuristic searches for potential threats.
  8. Every line of code undergoes at least two levels of human review by senior engineers to check for security vulnerabilities.
  9. IronWebScraper makes no known access to unmanaged code, reducing vulnerability risk.
  10. IronWebScraper uses the following .NET dependencies, none of which are known as security attack vectors. This is primarily because every object is internalized to our library (static linking) with no public or external access: https://ironsoftware.com/csharp/webscraper/docs/license/credits/.
Chaknith Bin
Software Engineer
Chaknith works on IronXL and IronBarcode. He has deep expertise in C# and .NET, helping improve the software and support customers. His insights from user interactions contribute to better products, documentation, and overall experience.