Patent application number | Description | Published |
20100088761 | CROSS-DOMAIN ACCESS PREVENTION - A method, system, and computer program product for cross-domain access prevention are provided. The method includes detecting a request from a first domain to access a second domain, and applying cross-domain access heuristics to determine whether to allow the request. The cross-domain access heuristics define common ownership characteristics between the first domain and the second domain. The method further includes performing the requested access in response to determining that the request complies with at least one of the cross-domain access heuristics, and blocking the requested access in response to determining that the request fails to comply with the cross-domain access heuristics. | 04-08-2010 |
20120198557 | DETERMINING THE VULNERABILITY OF COMPUTER SOFTWARE APPLICATIONS TO PRIVILEGE-ESCALATION ATTACKS - Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source. | 08-02-2012 |
20120272322 | DETERMINING THE VULNERABILITY OF COMPUTER SOFTWARE APPLICATIONS TO PRIVILEGE-ESCALATION ATTACKS - Determining the vulnerability of computer software applications to privilege-escalation attacks, such as where an instruction classifier is configured to be used for identifying a candidate access-restricted area of the instructions of a computer software application, and a static analyzer is configured to statically analyze the candidate access-restricted area to determine if there is a conditional instruction that controls execution flow into the candidate access-restricted area, perform static analysis to determine if the conditional instruction is dependent on a data source within the computer software application, and designate the candidate access-restricted area as vulnerable to privilege-escalation attacks absent either of the conditional instruction and the date source. | 10-25-2012 |
20120278480 | SYSTEM AND METHOD FOR IDENTIFYING SESSION IDENTIFICATION INFORMATION - A computer-implemented process, computer program product, and apparatus for identifying session identification information. A recording is initiated and an operation sequence of interest is performed while recording and the recording ceases. Responsive to a determination that the operation sequence of interest was successful, information from the operation sequence of interest is saved as recorded information and responsive to a determination that a same operation sequence of interest was recorded, the recorded information from each operation sequence of interest is compared. Differences in the recorded information are identified to form identified differences and a session identifier is constructed using the identified differences. | 11-01-2012 |
20130007886 | DETECTING SECURITY VULNERABILITIES IN WEB APPLICATIONS - Method to detect security vulnerabilities includes: interacting with a web application during its execution to identify a web page exposed by the web application; statically analyzing the web page to identify a parameter within the web page that is constrained by a client-side validation measure and that is to be sent to the web application; determining a server-side validation measure to be applied to the parameter in view of the constraint placed upon the parameter by the client-side validation measure; statically analyzing the web application to identify a location within the web application where the parameter is input into the web application; determining whether the parameter is constrained by the server-side validation measure prior to the parameter being used in a security-sensitive operation; and identifying the parameter as a security vulnerability. | 01-03-2013 |
20130160117 | IDENTIFYING REQUESTS THAT INVALIDATE USER SESSIONS - An illustrative embodiment of a computer-implemented process for identifying a request invalidating a session excludes all marked logout requests of a Web application, crawls an identified next portion of the Web application and responsive to a determination, in one instance, that the state of the crawl is out of session, logs in to the Web application. The computer-implemented process further selects all crawl requests sent since a last time the crawl was in-session, excluding all marked logout requests and responsive to a determination that requests remain, crawls a selected next unprocessed request. Responsive to a determination, in the next instance, that state of the crawl is out of session and the selected request meets logout request criteria, the computer-implemented process marks the selected request as a logout request. | 06-20-2013 |
20130174260 | TARGETED SECURITY TESTING - Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads. | 07-04-2013 |
20130174262 | TARGETED SECURITY TESTING - Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads. | 07-04-2013 |
20130179979 | DETECTING SECURITY VULNERABILITIES IN WEB APPLICATIONS - Method to detect security vulnerabilities includes: interacting with a web application during its execution to identify a web page exposed by the web application; statically analyzing the web page to identify a parameter within the web page that is constrained by a client-side validation measure and that is to be sent to the web application; determining a server-side validation measure to be applied to the parameter in view of the constraint placed upon the parameter by the client-side validation measure; statically analyzing the web application to identify a location within the web application where the parameter is input into the web application; determining whether the parameter is constrained by the server-side validation measure prior to the parameter being used in a security-sensitive operation; and identifying the parameter as a security vulnerability. | 07-11-2013 |
20130191913 | DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION - Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output. | 07-25-2013 |
20130191920 | DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION - Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output. | 07-25-2013 |
20140129620 | INDICATING COVERAGE OF WEB APPLICATION TESTING - Testing a system under test includes intercepting, within a proxy system, a request from a client system sent to the system under test. The request is analyzed within the proxy system and sent to the system under test. Within the proxy system, a response from the system under test sent to the client system is intercepted. The response is instrumented creating a modified response indicating test coverage according to the request. The modified response is sent to the client system. | 05-08-2014 |
20140129878 | INDICATING COVERAGE OF WEB APPLICATION TESTING - Testing a system under test includes intercepting, within a proxy system, a request from a client system sent to the system under test. The request is analyzed within the proxy system and sent to the system under test. Within the proxy system, a response from the system under test sent to the client system is intercepted. The response is instrumented creating a modified response indicating test coverage according to the request. The modified response is sent to the client system. | 05-08-2014 |