APPLICATION SECURITY TESTING

US 20130160131A1
Filed: 12/20/2011
Published: 06/20/2013
Est. Priority Date: 12/20/2011
Status: Active Grant

First Claim

Patent Images

1. A processor-readable medium storing code representing instructions that when executed at a processor cause the processor to:

access an attack description;

access a data set from an application, the data set based on an attack data set;

correlate the data set with the attack description; and

report a security vulnerability for the application if the data set satisfies the attack description.

View all claims

8 Assignments

Timeline View

Assignment View

0 Petitions

Accused Products

Abstract

In one implementation, an application security system accesses an attack description and a data set from an application. The data set based on an attack data set. The application security system correlates the data set with the attack description, and reports a security vulnerability for the application if the data set satisfies the attack description.

Citations

20 Claims

1. A processor-readable medium storing code representing instructions that when executed at a processor cause the processor to:
- access an attack description;
  
  access a data set from an application, the data set based on an attack data set;
  
  correlate the data set with the attack description; and
  
  report a security vulnerability for the application if the data set satisfies the attack description.
- View Dependent Claims (2, 3, 4, 5, 6, 7, 8, 9, 10)
- - 2. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - receive a correlation type identifier associated with the attack description, correlating the data set with the attack description is based on the correlation type identifier.
  - 3. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - receive an ignore parameter associated with the attack description, the security vulnerability is reported if the data set satisfies the attack description and the ignore parameter has a do not ignore value.
  - 4. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - receive the attack description, the attack description including a copy of the data set.
  - 5. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - intercept execution of the application, accessing the data set in response to intercepting execution of the application.
  - 6. The processor-readable medium of claim 1, wherein:
    - the attack data set is received at the application via a communications channel between a scanner and the application; and
      
      the attack description is received via the communications channel.
  - 7. The processor-readable medium of claim 1, wherein:
    - the attack data set is received at the application via an HTTP communications channel between a scanner and the application;
      
      the attack description is received via a header of the HTTP communications channel.
  - 8. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - decode the attack description before the data set is correlated with the attack description.
  - 9. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - monitor execution of the application.
  - 10. The processor-readable medium of claim 1, further comprising code representing instructions that when executed at a processor cause the processor to:
    - determine whether the data set satisfies a security rule, the security vulnerability is reported if the data set satisfies the attack description and satisfies the security rule.

11. A system for application security testing, comprising;
- a communications module to receive an attack description;
  
  an intercept module to access a data set at an application, the data set based on an attack data set; and
  
  a correlation module to determine whether the data set satisfies the attack description.
- View Dependent Claims (13, 14, 15)
- - 13. The system of claim 11, wherein:
    - the communications module is configured to receive a correlation type identifier associated with the attack description; and
      
      the correlation module is selected based on the correlation type identifier.
  - 14. The system of claim 11, wherein:
    - the communications module is configured to receive the attack description via a communications channel between a scanner and the application.
  - 15. The system of claim 11, wherein:
    - the communications module is configured to receive the attack description via a header of an HTTP communications channel between a scanner and the application.

12. The system of 11, further comprising:
- a report module to report a security vulnerability for the application if the data set satisfies the attack description.

16. A processor-readable medium storing code representing instructions that when executed at a processor cause the processor to:
- provide an attack data set to an application via a communications channel; and
  
  provide an attack description to an observer via the communications channel.
- View Dependent Claims (17, 18, 19, 20)
- - 17. The processor-readable medium of claim 16, wherein the communications channel is an HTTP communications channel.
  - 18. The processor-readable medium of claim 16, wherein:
    - the communications channel is an HTTP communications session; and
      
      the attack description is provided within a header of the HTTP communications session.
  - 19. The processor-readable medium of claim 16, further comprising code representing instructions that when executed at a processor cause the processor to:
    - provide a correlation type identifier associated with the attack description to the observer via the communications channel.
  - 20. The processor-readable medium of claim 16, wherein the attack description includes a copy of the attack data set.

Specification

Resources

Litigation Campaign Assessment

Current Assignee
Micro Focus LLC (Open Text Corporation)
Original Assignee
Micro Focus LLC (Open Text Corporation)
Inventors
Chess, Brian V., Fay, Sean Patrick, Madou, Matias

Granted Patent

US 10,701,097 B2
Time in Patent Office

Days
Field of Search
US Class Current

726/25
CPC Class Codes

G06F 11/3688   for test execution, e.g. sc...

G06F 11/3692   for test results analysis

G06F 21/54   by adding security routines...

G06F 21/577   Assessing vulnerabilities a...

H04L 63/1433   Vulnerability analysis

APPLICATION SECURITY TESTING

First Claim

8 Assignments

0 Petitions

Accused Products

Abstract

Citations

20 Claims

Specification

Solutions

Use Cases

Quick Links

APPLICATION SECURITY TESTING

First Claim

8 Assignments

Subscription Required

Subscription Required

0 Petitions

Subscription Required

Accused Products

Subscription Required

Abstract

Citations

20 Claims

Specification

Subscription Required

Solutions

Use Cases

Quick Links