SYSTEM AND METHOD FOR DETECTING SECURITY DEFECTS IN APPLICATIONS
First Claim
1. A method for detecting vulnerabilities in a deployed web application, the method comprising:
- developing a profile of acceptable behavior for inbound communication and outbound communication of a web application;
- receiving a current inbound communication including an inbound user request and a current outbound communication from the web application that is in response to the current inbound communication; and
- validating the current inbound communication and the current outbound communication with the profile of acceptable behavior to identify an anomaly, the identified anomaly including an occurrence of an acceptable behavior for the current inbound communication in combination with an occurrence of an unacceptable behavior for the current outbound communication.
Abstract
A system and method for detecting vulnerabilities in a deployed web application includes developing a profile of acceptable behavior for inbound communication and outbound communication of a web application. The method also includes receiving a current inbound communication and a current outbound communication from the web application. The current inbound communication includes an inbound user request and the current outbound communication is in response to the current inbound communication. The current inbound communication and the current outbound communication are validated with the profile of acceptable behavior to identify an anomaly. The identified anomaly includes an occurrence of an acceptable behavior for the current inbound communication in combination with an occurrence of an unacceptable behavior for the current outbound communication.
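As an added illustration, not code from the patent or its assignee, the following Python sketch implements the two components the abstract describes: a profiling step that learns, per path, what acceptable inbound requests and outbound responses look like, and a validation step that reports the specific combination the claims single out, an acceptable inbound request paired with an unacceptable outbound response. The training traffic, the character-class heuristic for parameter values and the 1.5x body-length slack are all constructed assumptions.

```python
import re
from dataclasses import dataclass, field
from typing import Dict, List, Set, Tuple

# Constructed training traffic (not from the patent): each entry pairs an observed
# inbound request with the outbound response the application produced for it.
Request = Tuple[str, str, Dict[str, str]]   # (method, path, params)
Response = Tuple[int, str, str]             # (status, content_type, body)

TRAINING: List[Tuple[Request, Response]] = [
    (("GET", "/account", {"id": "123"}),
     (200, "text/html", "<html><body>Account 123: balance 10.00</body></html>")),
    (("GET", "/account", {"id": "456"}),
     (200, "text/html", "<html><body>Account 456: balance 250.75</body></html>")),
    (("POST", "/login", {"user": "alice", "pw": "s3cret"}), (302, "text/html", "")),
    (("POST", "/login", {"user": "bob", "pw": "hunter2"}), (302, "text/html", "")),
    (("POST", "/login", {"user": "bob", "pw": "wrong"}),
     (200, "text/html", "<html><body>Bad credentials</body></html>")),
]

# Parameter values are generalised to a character class instead of being stored
# verbatim, so the profile accepts unseen-but-similar values (a new account id).
VALUE_CLASSES = [
    ("digits", re.compile(r"\d+")),
    ("word", re.compile(r"[A-Za-z0-9_.-]+")),
    ("text", re.compile(r"[A-Za-z0-9 _.,@-]+")),
]


def classify(value: str) -> str:
    """Return the narrowest character class (assumed heuristic) that covers value."""
    for name, rx in VALUE_CLASSES:
        if rx.fullmatch(value):
            return name
    return "other"


@dataclass
class RouteProfile:
    """Acceptable behaviour learned for one path, covering both directions."""
    methods: Set[str] = field(default_factory=set)
    param_classes: Dict[str, Set[str]] = field(default_factory=dict)
    statuses: Set[int] = field(default_factory=set)
    content_types: Set[str] = field(default_factory=set)
    max_body_len: int = 0


def build_profile(samples: List[Tuple[Request, Response]]) -> Dict[str, RouteProfile]:
    """Profiling step: learn inbound and outbound features per path from clean traffic."""
    profile: Dict[str, RouteProfile] = {}
    for (method, path, params), (status, ctype, body) in samples:
        rp = profile.setdefault(path, RouteProfile())
        rp.methods.add(method)
        for name, value in params.items():
            rp.param_classes.setdefault(name, set()).add(classify(value))
        rp.statuses.add(status)
        rp.content_types.add(ctype)
        rp.max_body_len = max(rp.max_body_len, len(body))
    return profile


def check_inbound(profile: Dict[str, RouteProfile], request: Request) -> List[str]:
    """Reasons the inbound request falls outside the profile (empty list = acceptable)."""
    method, path, params = request
    rp = profile.get(path)
    if rp is None:
        return [f"path: {path} not in profile"]
    reasons = []
    if method not in rp.methods:
        reasons.append(f"method: {method} not seen for {path}")
    for name, value in params.items():
        if name not in rp.param_classes:
            reasons.append(f"param: {name} not seen for {path}")
        elif classify(value) not in rp.param_classes[name]:
            reasons.append(f"param: {name} value outside learned class")
    return reasons


def check_outbound(profile: Dict[str, RouteProfile], path: str,
                   response: Response, slack: float = 1.5) -> List[str]:
    """Reasons the outbound response falls outside the profile (empty list = acceptable)."""
    status, ctype, body = response
    rp = profile.get(path)
    if rp is None:
        return [f"path: {path} not in profile"]
    reasons = []
    if status not in rp.statuses:
        reasons.append(f"status: {status} not seen for {path}")
    if ctype not in rp.content_types:
        reasons.append(f"content-type: {ctype} not seen for {path}")
    if len(body) > rp.max_body_len * slack:   # slack factor is an assumed threshold
        reasons.append(f"body: {len(body)} bytes exceeds learned maximum {rp.max_body_len}")
    return reasons


def validate(profile: Dict[str, RouteProfile], request: Request, response: Response) -> Dict[str, object]:
    """Validation step: judge both directions together and name the combination found."""
    inbound = check_inbound(profile, request)
    outbound = check_outbound(profile, request[1], response)
    if not inbound and not outbound:
        verdict = "normal"
    elif not inbound and outbound:
        verdict = "defect_indicator"   # acceptable inbound + unacceptable outbound
    elif inbound and not outbound:
        verdict = "inbound_anomaly"
    else:
        verdict = "both_anomalous"
    return {"inbound": inbound, "outbound": outbound, "verdict": verdict}


PROFILE = build_profile(TRAINING)

if __name__ == "__main__":
    # A well-formed request that makes the application emit an out-of-profile response.
    trace = 'Traceback (most recent call last):\n  File "app.py", line 42, in account\nKeyError: 789\n'
    print(validate(PROFILE, ("GET", "/account", {"id": "789"}), (500, "text/plain", trace)))
```

The verdict `defect_indicator` is the case the claims describe: the request itself matched everything the profile had learned, yet the response did not, which points at a flaw in the application rather than at the client. Two practical caveats follow from the design: the profile is only as good as the traffic it was built from, so the training set must be one you believe is clean, and fixed thresholds such as the body-length slack need tuning per application to keep false positives down.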
21 Claims
1. (Claim 1 as set out under First Claim above. Dependent claims: 2, 3, 4, 5, 6, 7, 16, 17, 18, 19, 20, 21.)
8. A system for detecting defects in a web application, the system comprising:
- a dynamic profiling module configured to develop a profile of acceptable behavior for inbound communication and outbound communication of a web application; and
- a collaborative detection module configured to receive a current inbound communication including an inbound user request and a current outbound communication from the web application that is in response to the current inbound communication, to validate the current inbound communication and the current outbound communication with the profile of acceptable behavior to identify an anomaly, the identified anomaly including an occurrence of an acceptable behavior for the current inbound communication in combination with an occurrence of an unacceptable behavior for the current outbound communication.
(Dependent claims: 9, 10, 11, 12, 13, 14.)
15. A means for detecting vulnerabilities in a deployed web application, the means comprising:
- a means for developing a profile of acceptable behavior for inbound communication and outbound communication of a web application;
- a means for receiving a current inbound communication including an inbound user request and a current outbound communication from the web application that is in response to the current inbound communication; and
- a means for validating the current inbound communication and the current outbound communication with the profile of acceptable behavior to identify an anomaly, the identified anomaly including an occurrence of an acceptable behavior for the current inbound communication in combination with an occurrence of an unacceptable behavior for the current outbound communication.
Specification