Integrated interactive application security testing

  • US 10,387,656 B2
  • Filed: 03/09/2017
  • Issued: 08/20/2019
  • Est. Priority Date: 03/21/2016
  • Status: Active Grant
1. A method for testing a software application program, comprising:

  • recording a sequence of functional tests that are applied to the program;

    automatically identifying and collapsing sessions within the recorded functional tests;

    creating modified tests by replacing parameters in the collapsed sessions with malicious inputs; and

    applying the modified tests to the program in order to detect security vulnerabilities in the program, wherein applying the modified tests comprises:

    adding instrumentation to a version of the program; and

    while running the program and applying the modified tests to the version of the program, calling a security handler when the instrumentation generates an event, wherein the security handler detects a suspected vulnerability in the program by analyzing the event and responses of the program to the modified tests.
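
A minimal sketch of the flow in claim 1, added here as an illustration; it is not code from the patent or its assignee. The toy program, the `PROBE` marker, the SQL sink hook, and the reading of "collapsing" as keeping one request per (session, path) are all assumptions made for this example.

```python
import sqlite3

PROBE = "iast'probe"   # constructed marker input, assumed for this sketch
events = []            # events emitted by the instrumentation

def instrumented_execute(conn, sql, params=()):
    """Instrumentation hook wrapped around the SQL sink: report, then run."""
    events.append({"sink": "sql", "sql": sql, "params": params})
    return conn.execute(sql, params).fetchall()

def app(conn, request):
    """Toy program under test: /search concatenates input, /lookup binds it."""
    try:
        if request["path"] == "/search":
            sql = "SELECT name FROM users WHERE name = '" + request["q"] + "'"
            return 200, instrumented_execute(conn, sql)
        sql = "SELECT name FROM users WHERE name = ?"
        return 200, instrumented_execute(conn, sql, (request["q"],))
    except sqlite3.Error as exc:
        return 500, str(exc)

def collapse(recorded):
    """Assumed meaning of 'collapsing': one request per (session, path)."""
    seen = {}
    for req in recorded:
        seen.setdefault((req["session"], req["path"]), req)
    return list(seen.values())

def security_handler(event, response):
    """Analyze the event and the program's response; None means no finding."""
    if event["sink"] == "sql" and PROBE in event["sql"]:
        return {"finding": "input reaches SQL text",
                "error_response": response[0] == 500}

def run_modified_tests(recorded):
    conn = sqlite3.connect(":memory:")
    conn.executescript("CREATE TABLE users (name TEXT); INSERT INTO users VALUES ('alice');")
    findings = {}
    for req in collapse(recorded):
        events.clear()
        response = app(conn, dict(req, q=PROBE))   # parameter replaced by probe
        for event in events:
            result = security_handler(event, response)
            if result:
                findings[req["path"]] = result
    return findings

RECORDED = [{"session": s, "path": p, "q": q} for s, p, q in [  # constructed recording
    ("s1", "/search", "alice"), ("s1", "/search", "bob"),
    ("s1", "/lookup", "alice"), ("s2", "/search", "carol")]]
```

Calling `run_modified_tests(RECORDED)` reports `/search` only: the handler sees the probe inside the SQL text at the sink and a matching error response, while `/lookup` passes the same input as a bound parameter and raises no finding.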