Invention Grant
- Patent Title: Targeted security testing
-
Application No.: US13341426Application Date: 2011-12-30
-
Publication No.: US09971896B2Publication Date: 2018-05-15
- Inventor: Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
- Applicant: Yair Amit , Lotem Guy , Daniel Kalman , Ori Segal , Omri Weisman
- Applicant Address: US NY Armonk
- Assignee: International Business Machines Corporation
- Current Assignee: International Business Machines Corporation
- Current Assignee Address: US NY Armonk
- Agency: Holland & Knight LLP
- Agent Brian J. Colandreo, Esq.; Jeffrey T. Placker, Esq.
- Main IPC: G06F21/00
- IPC: G06F21/00 ; G06F21/57
Abstract:
Source code of a plurality of web pages including script code is statically analyzed. A page including a potential vulnerability is identified based on the static analysis. A page not including a potential vulnerability is identified based on the static analysis. The web page including the potential vulnerability is dynamically analyzed using a set of test payloads. The page not including the potential vulnerability is dynamically analyzed using a subset of the set of test payloads, the subset including fewer test payloads than the set of test payloads.
Public/Granted literature
- US20130174260A1 TARGETED SECURITY TESTING Public/Granted day:2013-07-04
Information query
