Verifying application security vulnerabilities
Abstract
Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code, and generating a vulnerability call trace for the received source code. Responsive to a determination that not all static analysis results are validated, mock objects are generated using the vulnerability call trace and a unit test is created using the generated mock objects. The unit test is executed using the generated mock objects and, responsive to a determination that an identified vulnerability was validated, a next static analysis result is selected. Responsive to a determination that all static analysis results are validated, results and computed unit tests are reported.
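The abstract describes a loop: take an unvalidated static-analysis result, build mock objects from its vulnerability call trace, wrap them in a unit test, run the test to see whether the reported flaw is actually reproduced, then move to the next result and finally report verdicts together with the generated tests. The following is an added example of that loop in Python; it is not code from the patent or from any analyzer. The application functions, the two findings, the source/sink naming scheme and the canary-based check are all constructed for illustration.

```python
"""Added example: confirming or refuting static-analysis findings with
generated mock objects and unit tests.  The application code, findings
and helper names below are constructed sample data, not the patent's."""
from dataclasses import dataclass
from typing import Callable, Optional
from unittest.mock import Mock

# --- constructed application code under test -----------------------------

def lookup_user(request, db):
    # Finding 1: request parameter concatenated straight into the query text.
    name = request.args.get("name")
    return db.execute("SELECT * FROM users WHERE name = '" + name + "'")

def lookup_user_param(request, db):
    # Finding 2: same source and sink, but the value is a bound parameter,
    # so it never becomes part of the query text (a likely false positive).
    name = request.args.get("name")
    return db.execute("SELECT * FROM users WHERE name = ?", (name,))

# --- constructed static-analysis results ---------------------------------

@dataclass
class Finding:
    """One static-analysis result with a simplified vulnerability call trace:
    the entry function, the taint source and the sink it flows into."""
    rule: str
    entry: Callable                     # function the trace starts in
    source: str                         # "object.attr.method" the taint enters from
    sink: str                           # "object.method" the taint flows into
    validated: Optional[bool] = None    # None = not yet examined
    unit_test: Optional[Callable] = None

CANARY = "CANARY_7f3a"   # marker value the test watches for at the sink

def generate_mocks(finding):
    """Build a mock for every external object named in the call trace.
    The source mock returns the canary; the sink mock records its calls."""
    mocks = {}
    src_obj, *src_path = finding.source.split(".")
    mocks[src_obj] = Mock(name=src_obj)
    target = mocks[src_obj]
    for attr in src_path[:-1]:          # walk request.args ...
        target = getattr(target, attr)
    getattr(target, src_path[-1]).return_value = CANARY   # ... .get() -> canary
    sink_obj, _ = finding.sink.split(".")
    mocks.setdefault(sink_obj, Mock(name=sink_obj))
    return mocks

def create_unit_test(finding, mocks):
    """Return a test function that calls the entry point with the mocks and
    reports whether the canary reached the sink's first argument verbatim."""
    sink_obj, sink_method = finding.sink.split(".")

    def unit_test():
        finding.entry(**mocks)          # parameter names match the mock keys
        sink = getattr(mocks[sink_obj], sink_method)
        if not sink.called:
            return False
        first_arg = sink.call_args.args[0]
        return isinstance(first_arg, str) and CANARY in first_arg

    unit_test.__name__ = f"test_{finding.rule}_{finding.entry.__name__}"
    return unit_test

def verify_findings(findings):
    """While some result is still unvalidated: generate mocks, create and run
    its unit test, record the verdict, then select the next result."""
    pending = [f for f in findings if f.validated is None]
    while pending:
        finding = pending.pop(0)
        mocks = generate_mocks(finding)
        finding.unit_test = create_unit_test(finding, mocks)
        finding.validated = finding.unit_test()
    return findings

def report(findings):
    """Map each generated test's name to its verdict, once all are examined."""
    return {f.unit_test.__name__: ("confirmed" if f.validated else "not reproduced")
            for f in findings}

FINDINGS = [
    Finding("sqli", lookup_user, "request.args.get", "db.execute"),
    Finding("sqli", lookup_user_param, "request.args.get", "db.execute"),
]

if __name__ == "__main__":
    for test_name, verdict in report(verify_findings(FINDINGS)).items():
        print(test_name, verdict)
```

The canary check is deliberately narrow: a finding counts as validated only when untrusted input reaches the sink's query text unchanged, which is what the analyzer claimed. A "not reproduced" verdict therefore means the generated test could not demonstrate the reported flow, not that the code is free of defects, and the generated tests are worth keeping as regression tests for the confirmed results.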
20 Claims
1. A computer-implemented process for verifying application security vulnerabilities of a source code, comprising:
- generating, responsive to all static analysis results not being validated, mock objects using a vulnerability call trace for the source code;
- creating a unit test using the generated mock objects;
- executing the unit test using the generated mock objects to determine whether an identified vulnerability was validated; and
- selecting, responsive to a determination that the identified vulnerability was validated, a next static analysis result.
Dependent claims: 2, 3, 4, 5, 6.
7. A computer program product for verifying application security vulnerabilities of a source code, comprising:
a computer recordable storage medium having stored therein computer executable program code, which when executed by a computer hardware system, causes the computer hardware system to perform:
- generating, responsive to all static analysis results not being validated, mock objects using a vulnerability call trace for the source code;
- creating a unit test using the generated mock objects;
- executing the unit test using the generated mock objects to determine whether an identified vulnerability was validated; and
- selecting, responsive to a determination that the identified vulnerability was validated, a next static analysis result.
Dependent claims: 8, 9, 10, 11, 12, 13.
14. An apparatus for verifying application security vulnerabilities of a source code, comprising:
at least one hardware processor, wherein the at least one hardware processor is configured to initiate and/or perform:
- generating, responsive to all static analysis results not being validated, mock objects using a vulnerability call trace for the source code;
- creating a unit test using the generated mock objects;
- executing the unit test using the generated mock objects to determine whether an identified vulnerability was validated; and
- selecting, responsive to a determination that the identified vulnerability was validated, a next static analysis result.
Dependent claims: 15, 16, 17, 18, 19, 20.