APPLICATION SECURITY TESTING
First Claim
1. A system, comprising:
- a server hosting an application under test (AUT);
an observer configured to monitor instructions executed by the AUT; and
a computing device communicatively coupled to the AUT and the observer through a common communication channel, the computing device comprising a processor and a memory device for storing computer-readable instructions configured to direct the processor to;
send an application request to the AUT, wherein the application request is configured to expose a potential vulnerability of the AUT;
receive an application response from the AUT in accordance with the AUT'"'"'s programming;
send a service request to the observer; and
receive a service response from the observer that contains information corresponding to the instructions executed by the AUT due to the application request, information about the AUT, or information about a server hosting the AUT.
8 Assignments
0 Petitions
Accused Products
Abstract
The present disclosure provides a system that includes a server hosting an application under test (AUT), an observer configured to monitor instructions executed by the AUT, and a computing device communicatively coupled to the AUT and the observer through a common communication channel. The computing device may be configured to send an application request to the AUT, wherein the application request is configured to expose a potential vulnerability of the AUT. The computing device may receive an application response from the AUT in accordance with the AUT'"'"'s programming. The computing device may send a service request to the observer, and receive a service response from the observer that contains information corresponding to the instructions executed by the AUT due to the application request, information about the AUT, or information about a server hosting the AUT.
-
Citations
15 Claims
-
1. A system, comprising:
-
a server hosting an application under test (AUT); an observer configured to monitor instructions executed by the AUT; and a computing device communicatively coupled to the AUT and the observer through a common communication channel, the computing device comprising a processor and a memory device for storing computer-readable instructions configured to direct the processor to; send an application request to the AUT, wherein the application request is configured to expose a potential vulnerability of the AUT; receive an application response from the AUT in accordance with the AUT'"'"'s programming; send a service request to the observer; and receive a service response from the observer that contains information corresponding to the instructions executed by the AUT due to the application request, information about the AUT, or information about a server hosting the AUT. - View Dependent Claims (2, 3, 4, 5, 6, 7)
-
-
8. A method, comprising:
-
sending an application request to an application under test (AUT), wherein the application request is configured to expose a potential vulnerability of the AUT; receiving an application response from the AUT in accordance with the AUT'"'"'s programming; sending a service request to an observer that monitors instructions executed by the AUT; and receiving a service response from the observer that contains information corresponding to instructions executed by the AUT due to the application request, information about the AUT, or information about a server hosting the AUT; wherein the application request, application response, service request, and service response are communicated over a same network channel. - View Dependent Claims (9, 10, 11, 12)
-
-
13. A non-transitory, computer readable medium, comprising code configured to direct a processor to:
-
send an application request to an application under test (AUT), wherein the application request is configured to expose a potential vulnerability of the AUT; receive an application response from the AUT in accordance with the AUT'"'"'s programming; send a service request to an observer that monitors instructions executed by the AUT; and receive a service response from the observer that contains information corresponding to instructions executed by the AUT due to the application request, information about the AUT, or information about a server hosting the AUT; wherein the application request, application response, service request, and service response are communicated over a same network channel. - View Dependent Claims (14, 15)
-
Specification