DYNAMICALLY SCANNING A WEB APPLICATION THROUGH USE OF WEB TRAFFIC INFORMATION
Abstract
Collecting log file data from at least one log file. From the collected log file data, at least one HTTP request can be generated to exercise a web application to perform a security analysis of the web application. The HTTP request can be communicated to the web application. At least one HTTP response to the HTTP request can be received. The HTTP response can be analyzed to perform validation of the web application. Results of the validation can be output.
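The pipeline the abstract describes (collect log data, generate requests, send them, analyze the responses, output results) can be sketched as follows. This is an added example, not code from the patent. The Combined Log Format input, the function names, the two response checks and the caller-supplied `send` transport are all assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Combined Log Format (an assumption; the page names no log format).
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Oct/2023:13:55:36 +0000] "GET /search?q=shoes&page=2 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [10/Oct/2023:13:55:40 +0000] "GET /search?q=hats&page=7 HTTP/1.1" 200 498 "-" "Mozilla/5.0"',
    '203.0.113.5 - - [10/Oct/2023:13:56:01 +0000] "POST /login HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '203.0.113.7 - - [10/Oct/2023:13:56:09 +0000] "GET /account HTTP/1.1" 200 2048 "-" "Mozilla/5.0"',
    '203.0.113.8 - - [10/Oct/2023:13:56:15 +0000] "GET //other.example/x HTTP/1.1" 404 0 "-" "curl/8.0"',
    'garbage line that is not a log record',
]
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/\d(?:\.\d)?"')

def requests_from_log(lines, base_url):
    """Collect log data and generate one replayable request per distinct endpoint shape."""
    seen, out = set(), []
    for line in lines:
        m = REQUEST_RE.search(line)
        # Access logs carry no request bodies, so only body-less, non-mutating methods are replayed.
        if not m or m["method"] not in ("GET", "HEAD"):
            continue
        parts = urlsplit(m["target"])
        # Logged targets are client-controlled: never let one steer the scanner to another host.
        if parts.scheme or parts.netloc or not parts.path.startswith("/"):
            continue
        keys = tuple(sorted(k for k, _ in parse_qsl(parts.query, keep_blank_values=True)))
        if (m["method"], parts.path, keys) in seen:
            continue  # same path and parameter names already covered
        seen.add((m["method"], parts.path, keys))
        query = "?" + parts.query if parts.query else ""
        out.append((m["method"], base_url.rstrip("/") + parts.path + query))
    return out

def validate(status, headers, body):
    """Passive response checks (illustrative choices, not taken from the patent)."""
    findings = []
    names = {k.lower() for k in headers}
    if "x-content-type-options" not in names:
        findings.append("missing X-Content-Type-Options")
    if status >= 500 and "Traceback (most recent call last)" in body:
        findings.append("stack trace disclosed in error response")
    return findings

def scan(lines, base_url, send):
    """send(method, url) -> (status, headers, body); the caller supplies the transport."""
    return {url: validate(*send(method, url)) for method, url in requests_from_log(lines, base_url)}
```

Deduplicating by path and parameter names keeps the request count proportional to the application's endpoints rather than to its traffic volume.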
25 Claims
1-9. (canceled)

10. A system that dynamically scans a web application comprising:

a computer-readable storage medium; and
a processor configured to initiate executable operations comprising:
collecting log file data from at least one log file;
from the collected log file data, generating at least one HTTP request to exercise a web application to perform a security analysis of the web application;
communicating the HTTP request to the web application;
receiving at least one HTTP response to the HTTP request;
analyzing the HTTP response to perform validation of the web application; and
outputting results of the validation.

Dependent claims: 11, 12, 13, 14, 15, 16, 17, 18

19. A computer program product for dynamically scanning a web application, the computer program product comprising:

a computer-readable storage medium having computer-readable program code embodied therewith, the computer-readable program code comprising:
computer-readable program code configured to collect log file data from at least one log file;
computer-readable program code configured to, from the collected log file data, generate at least one HTTP request to exercise a web application to perform a security analysis of the web application;
computer-readable program code configured to communicate the HTTP request to the web application;
computer-readable program code configured to receive at least one HTTP response to the HTTP request;
computer-readable program code configured to analyze the HTTP response to perform validation of the web application; and
computer-readable program code configured to output results of the validation.

Dependent claims: 20, 21, 22, 23, 24, 25

Specification