Pinpointing security vulnerabilities in computer software applications
Abstract
A build process management system can acquire data pertaining to a software build process that is currently being executed by an automated software build system. The software build process can include executable process steps, metadata, and/or environmental parameter values. An executable process step can utilize a build artifact, representing an electronic document that supports the software build process. The acquired data can then be synthesized into an immutable baseline build process and associated baseline artifact library. The baseline artifact library can store copies of the build artifacts. The immutable baseline build process can include baseline objects that represent data values and dependencies indicated in the software build process. In response to a user-specified command, an operation can be performed upon the baseline build process and associated baseline artifact library.
12 Claims
1. A system comprising:
- one or more processors;
- one or more storage mediums storing program instructions executable by the one or more processors;
- a scan manager, comprising at least a portion of the program instructions, configured to set a debugging breakpoint within a computer software application proximate to an instruction that is correlated with an attack;
- a black-box tester, comprising at least a portion of the program instructions, configured to perform the attack on the computer software application during execution of the computer software application in a debugging mode; and
- a debugger, comprising at least a portion of the program instructions, configured to halt the execution of the computer software application in the debugging mode when the attack triggers the debugging breakpoint, and display the instruction on a computer display within the context of an interactive debugging session.

Dependent claims: 2, 3, 4, 5, 6, 7
8. A system for pinpointing security vulnerabilities in computer software applications, the system comprising:
- one or more processors;
- one or more storage mediums storing program instructions executable by the one or more processors;
- a black-box tester, comprising at least a portion of the program instructions, configured to perform an attack on a computer software application during execution of the computer software application, wherein the attack is designed to test for a security vulnerability, and perform the attack again on the computer software application during execution of the computer software application in a debugging mode;
- a scan manager configured to correlate the attack with an instruction within the computer software application, and set a debugging breakpoint within the computer software application proximate to the instruction; and
- a debugger configured to halt the execution of the computer software application in the debugging mode when the attack triggers the debugging breakpoint, display the instruction and a description of the attack on a computer display within the context of an interactive debugging session, and make at least one execution environment value of the computer software application available for inspection.

Dependent claims: 9, 10, 11, 12
Specification