I'm happy to say IE8 Security Program Manager and Fiddler author Eric Lawrence announced our Watcher tool at MIX09 today. Check out his talk at http://videos.visitmix.com/MIX09/T54F it's an eye opener for Web developers – introducing us to the new features of IE8 while also covering state-of-the-art secure development practices for today's Web applications.

Unfortunately CodePlex went down today, even with Microsoft's new release of !exploitable at CanSecWest. Anyhow we're working hard to to add new checks to Watcher and reduce false positives in existing ones. So please grab Watcher from Codeplex and send us any feedback you want.

Watcher is being released under an Open Source license. With over 30 checks in its first release, it helps you find issues in your web-apps fast and effortlessly. Watcher is a Fiddler plugin that passively audits a web application for a variety of security issues. It acts as an assistant to the developer, tester, or pen-tester, by quickly identifying issues that commonly lead to security problems in web apps. Integrate it into your test passes to achieve more coverage of security testing goals.

Go get Watcher.