| 摘要 |
The disclosed content relates to a method and an apparatus for interworking a web-firewall and a weak point analyzer. The method and the apparatus improve the efficiency of a defense and a detection system by interworking the web-firewall used for protecting a web site and a source code weak point analyzer which provides the basic weak point information of a web source code, selectively uploads only the code with guaranteed security integrity without a weak point on the web site on a web server through analyzing and authenticating processes of the source code weak point analyzer, and verifies a source code weak point by inputting and tracking a virtual value to a source code weak element to improve the accuracy of a detected source code weak point analysis. [Reference numerals] (100) Console; (110,210,310) Communication unit; (120) Source code weak point analysis unit; (200) Management server; (220) Source code storage unit; (230) Source code weak point analysis unit; (240) Source code result storage unit; (250) Weak point management unit; (300) Web server(agent); (320) Source code storage process unit |
