Synopsys, Inc.
Interactive verification of security vulnerability detections using runtime application traffic

Abstract:

An application service request is parsed to identify an application service request parameter of the application service request. The application service request parameter is altered. The application service request is reconstructed to include the altered application service request parameter. The behavior of the application is analyzed while executing the reconstructed application service request to detect a security vulnerability. The detection of the security vulnerability is verified to eliminate false positives.