Title of invention |
Techniques for correlating vulnerabilities across an evolving codebase |
Abstract |
Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the application source code, generating a signature of a potential vulnerability of the application source code, and determining characteristics of the potential vulnerability based on a correlation between the generated signature of the potential vulnerability and previously stored signatures of potential vulnerabilities. |
Publication number |
US9405915(B2) |
Publication date |
2016.08.02 |
Application number |
US201313830312 |
Filing date |
2013.03.14 |
Applicant |
WHITEHAT SECURITY, INC. |
Inventor |
Sheridan Eric |
Classification |
G06F21/57;G06F21/56 |
Main classification |
G06F21/57 |
Agency |
Polsinelli PC |
Agent |
Polsinelli PC |
Principal claim |
1. A method of characterizing vulnerabilities of application source code, comprising one or more computer processors performing steps comprising:
traversing a representation of the application source code, the representation of the application source code comprising an abstract syntax tree of the application source code;
identifying a potentially vulnerable node during traversal of the representation of the application source code;
collecting metadata of the potentially vulnerable node, the metadata comprising one or more parent or child nodes associated with the potentially vulnerable node;
generating a signature of the potentially vulnerable node, the signature comprising a value of a hash function on the metadata of the potentially vulnerable node; and
determining characteristics of a potential vulnerability associated with the potentially vulnerable node, based on a correlation between the generated signature of the potentially vulnerable node and previously stored signatures of potentially vulnerable nodes. |
Address |
Santa Clara CA US |