
Verifying application security vulnerabilities

  • US 8,935,794 B2
  • Filed: 05/07/2013
  • Issued: 01/13/2015
  • Est. Priority Date: 05/18/2012
  • Status: Active Grant
First Claim

1. A computer-implemented process for verifying application security vulnerabilities, the computer-implemented process comprising:

    receiving a source code to analyze;

    performing a static analysis using the received source code;

    generating a vulnerability call trace for the received source code;

    determining whether all static analysis results are validated;

    responsive to a determination that all static analysis results are not validated, generating mock objects using the vulnerability call trace;

    creating a unit test using the generated mock objects;

    executing, using a processor, the unit test using the generated mock objects;

    determining, using the processor, whether an identified vulnerability was validated;

    responsive to a determination that an identified vulnerability was validated, selecting a next static analysis result; and

    responsive to a determination that all static analysis results are validated, reporting results and computed unit tests.
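
The claimed loop, sketched as an added example (not code from the patent or its assignee): each static analysis result carries a call trace, mock objects are generated for the trace's source and sink, and a unit test confirms the finding only if an inert marker reaches the sink's query text. The application functions, finding records, trace format and `MARKER` value are all constructed assumptions.

```python
import unittest
from unittest.mock import Mock

MARKER = "TAINT_MARKER_'"  # constructed, inert value standing in for untrusted input

# Constructed code under analysis (hypothetical application functions).
def find_user(request, db):
    name = request.get_param("name")
    return db.execute("SELECT * FROM users WHERE name = '" + name + "'")

def find_order(request, db):
    order_id = request.get_param("id")
    return db.execute("SELECT * FROM orders WHERE id = ?", (order_id,))

# Constructed static-analysis results, each with its vulnerability call trace
# (source frame first, sink frame last).
FINDINGS = [
    {"id": "F1", "entry": find_user,
     "trace": ["request.get_param", "find_user", "db.execute"]},
    {"id": "F2", "entry": find_order,
     "trace": ["request.get_param", "find_order", "db.execute"]},
]

def make_mocks(trace):
    """Generate mock objects for the source and sink named in the trace."""
    _, source_method = trace[0].split(".")
    _, sink_method = trace[-1].split(".")
    source, sink = Mock(), Mock()
    getattr(source, source_method).return_value = MARKER
    return source, sink, getattr(sink, sink_method)

def build_unit_test(finding):
    """Create a unit test that passes only if the marker reaches the sink's query text."""
    source, sink, sink_call = make_mocks(finding["trace"])
    def check():
        finding["entry"](source, sink)
        query_text = sink_call.call_args[0][0]
        assert MARKER in query_text, "marker did not reach the query string"
    return unittest.FunctionTestCase(check, description=finding["id"])

def verify_all(findings):
    """Walk every static-analysis result and report which ones the tests confirm."""
    report = {}
    for finding in findings:  # select the next result until all are processed
        result = unittest.TestResult()
        build_unit_test(finding).run(result)
        report[finding["id"]] = result.wasSuccessful()
    return report

if __name__ == "__main__":
    print(verify_all(FINDINGS))
```

Here `F1` (string concatenation) is confirmed, while `F2` (parameterized query) is not, which is how the generated tests separate a real finding from a static analysis false positive.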
