Match Document Document Title
US20150193622 CODE PROPERTY ANALYSIS FOR SECURITY MITIGATIONS  
Attempts to make code secure often are associated with performance penalties. To facilitate striking an acceptable balance between performance and security, vulnerable areas of source code are...
US20150205951 SYSTEMS AND METHODS FOR SQL QUERY CONSTRAINT SOLVING  
The present invention relates to systems and methods for analyzing SQL queries for constraint violations, which may indicate injection attacks. The systems and methods tokenize a SQL query to...
US20150013011 MODULAR STATIC APPLICATION SECURITY TESTING  
Methods, systems, and computer-readable storage media for analyzing source code of an application. In some implementations, actions include determining, for at least one procedure invoked by the...
US20120185943 CLASSIFICATION OF CODE CONSTRUCTS USING STRING ANALYSIS  
A code construct in a computer-based software application is classified by seeding an analysis of an instruction code set of a computer-based software application with a seed for a seeding...
US20150089656 SYSTEM AND METHOD FOR AUTOMATED REMEDYING OF SECURITY VULNERABILITIES  
In a binary patching system for alleviating security vulnerabilities in a binary representation of a software application, a binary code portion determined to be associated with a security...
US20110126288 METHOD FOR SOFTWARE VULNERABILITY FLOW ANALYSIS, GENERATION OF VULNERABILITY-COVERING CODE, AND MULTI-GENERATION OF FUNCTIONALLY-EQUIVALENT CODE  
A method for detecting, analyzing, and mitigating vulnerabilities in software is provided. The method includes determining whether one or more vulnerabilities are present in one or more target...
US20140366140 ESTIMATING A QUANTITY OF EXPLOITABLE SECURITY VULNERABILITIES IN A RELEASE OF AN APPLICATION  
Examples disclosed herein relate to estimating a quantity of exploitable security vulnerabilities in a release of an application. Examples include acquiring a source code analysis result...
US20100205673 CODE PROPERTY ANALYSIS FOR SECURITY MITIGATIONS  
Attempts to make code secure often are associated with performance penalties. To facilitate striking an acceptable balance between performance and security, vulnerable areas of source code are...
US20120317647 Automated Exploit Generation  
A system and method for automatically generating exploits, such as exploits for target code, is described. In some implementations, the system received binary code and/or source code of a software...
US20140189875 HYBRID ANALYSIS OF VULNERABLE INFORMATION FLOWS  
Arrangements described herein relate to analyzing vulnerable information flows in an application. A black-box scan of the application can be performed to record a call-tree representation of call...
US20140189874 HYBRID ANALYSIS OF VULNERABLE INFORMATION FLOWS  
Arrangements described herein relate to analyzing vulnerable information flows in an application. A black-box scan of the application can be performed to record a call-tree representation of call...
US20150156216 VERIFYING APPLICATION SECURITY VULNERABILITIES  
Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace...
US20130312102 VERIFYING APPLICATION SECURITY VULNERABILITIES  
Verifying application security vulnerabilities includes receiving a source code to analyze, performing a static analysis using the received source code and generating a vulnerability call trace...
US20150169878 AUTOMATED SECURITY ASSESSMENT OF BUSINESS-CRITICAL SYSTEMS AND APPLICATIONS  
Systems and methods which provide a new application security assessment framework that allows auditing and testing systems to automatically perform security and compliance audits, detect technical...
US20130174263 AUTOMATED SECURITY ASSESSMENT OF BUSINESS-CRITICAL SYSTEMS AND APPLICATIONS  
Systems and methods which provide a new application security assessment framework that allows auditing and testing systems to automatically perform security and compliance audits, detect technical...
US20110191855 IN-DEVELOPMENT VULNERABILITY RESPONSE MANAGEMENT  
In-development vulnerability response management, in one aspect, may detect a code instance that matches a vulnerability pattern; generate one or more hints associated with the code instance in...
US20130133073 SYSTEM AND METHOD FOR EVALUATING MARKETER RE-IDENTIFICATION RISK  
Disclosures of databases for secondary purposes is increasing rapidly and any identification of personal data may from a dataset of database can be detrimental. A re-identification risk metric is...
US20130074188 METHODS AND SYSTEMS FOR IMPROVED RISK SCORING OF VULNERABILITIES  
A security tool can identify vulnerabilities in a computing system and determine a risk level of the vulnerabilities based on base and optional CVSS vectors and additional factors that represent...
US20140090068 METHOD AND APPARATUS FOR PARALLELING AND DISTRIBUTING STATIC SOURCE CODE SECURITY ANALYSIS USING LOOSE SYNCHRONIZATION  
A method of static source code analysis is provided. A forward search of source code is performed from each of a plurality of source nodes. A backward search of source code is performed from each...
US20140090065 Method and Apparatus for Paralleling and Distributing Static Source Code Security Analysis Using Loose Synchronization  
A method of static source code analysis is provided. A forward search of source code is performed from each of a plurality of source nodes. A backward search of source code is performed from each...
US20140109228 TRANSFORMING UNIT TESTS FOR SECURITY TESTING  
A method, computer program product, and system for transforming unit tests is described. A unit test associated with one or more software units is identified. A first input parameter of the unit...
US20140109227 TRANSFORMING UNIT TESTS FOR SECURITY TESTING  
A method, computer program product, and system for transforming unit tests is described. A unit test associated with one or more software units is identified. A first input parameter of the unit...
US20130086689 SECURITY VULNERABILITY CORRECTION  
Systems and methods for addressing security vulnerability in a program code are described. The method comprises detecting a security vulnerability. The method further comprises identifying a set...
US20140298474 AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING  
Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit...
US20130205399 AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING  
Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit...
US20130205398 AUTOMATIC SYNTHESIS OF UNIT TESTS FOR SECURITY TESTING  
Performing security analysis on a computer program under test (CPUT). The CPUT can be analyzed to identify data pertinent to potential security vulnerabilities of the CPUT. At least a first unit...
US20150227745 SYSTEM AND METHOD FOR SAMPLING BASED SOURCE CODE SECURITY AUDIT  
This disclosure relates to methods and systems for performing software security audit for an executable code, the method comprising: receiving, by a hardware processor, the executable code along...
US20140082738 DYNAMIC RISK MANAGEMENT  
A dynamic risk management system for operating systems that provides monitoring, detection, assessment, and follow-up action to reduce the risk whenever it rises. The system enables an operating...
US20110131658 DYNAMIC RISK MANAGEMENT  
A dynamic risk management system for operating systems that provides monitoring, detection, assessment, and follow-up action to reduce the risk whenever it rises. The system enables an operating...
US20130167241 Locating security vulnerabilities in source code  
A tool (22) automatically analyzes application source code (16) for application level vulnerabilities. The tool integrates seamlessly into the software development process, so vulnerabilities are...
US20150020205 METHOD AND APPARATUS FOR DETECTING SECURITY VULNERABILITY FOR ANIMATION SOURCE FILE  
A method for detecting a security vulnerability for an animation source file is provided. The method may include: decompiling the animation source file and acquiring a program structure and a...
US20120072968 ASSESSMENT AND ANALYSIS OF SOFTWARE SECURITY FLAWS IN VIRTUAL MACHINES  
Security analysis and vulnerability testing results are “packaged” or “bound to” the actual software it describes. By linking the results to the software itself, downstream users of the software...
US20150205965 SYSTEMS AND METHODS FOR DETERMINING OVERALL RISK MODIFICATION AMOUNTS  
Systems and computer-implemented methods for determining overall risk modification indicative of an amount by which an overall risk associated with a plurality of threats is modified by...
US20110302657 SECURITY COUNTERMEASURE FUNCTION EVALUATION PROGRAM  
In a security countermeasure function evaluation apparatus, an estimator operates an input unit, whereby an evaluation point calculation unit makes an evaluation as to whether each item of...
US20140208431 AUTOMATED TOOLS FOR BUILDING SECURE SOFTWARE PROGRAMS  
A computer implemented tool is described that includes an assertion generator module that can automatically generate assertions, which are usable to verify application-specific security...
US20120317627 TOOL, METHOD AND APPARATUS FOR ASSESSING NETWORK SECURITY  
Tools and methods in which user interaction via a common user interface enables the assessing of network security prior to implementation of the network, as well as assessing the security of...
US20140283081 TECHNIQUES FOR CORRELATING VULNERABILITIES ACROSS AN EVOLVING CODEBASE  
Methods, apparatus, and systems for characterizing vulnerabilities of an application source code are disclosed. Steps for characterizing vulnerabilities include traversing a representation of the...
US20110191853 SECURITY TECHNIQUES FOR USE IN MALICIOUS ADVERTISEMENT MANAGEMENT  
The present invention provides methods and systems for use in malicious advertisement management. Methods and systems are provided in which, after an advertisement is determined not to present a...
US20140325657 SYSTEMS AND METHODS FOR ASSESSING SECURITY RISK  
Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a...
US20140317751 SYSTEMS AND METHODS FOR ASSESSING SECURITY RISK  
Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a...
US20140317750 SYSTEMS AND METHODS FOR ASSESSING SECURITY RISK  
Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a...
US20130276125 SYSTEMS AND METHODS FOR ASSESSING SECURITY RISK  
Systems and methods for providing identification tests. In some embodiments, a system and a method are provided for generating and serving to a user an animated challenge graphic comprising a...
US20130333045 SECURITY LEVEL VISUALIZATION DEVICE  
A security level of each service is calculated and visualized. The device includes a security level calculation unit and a security level visualization unit. The security level calculation unit...
US20140351940 SYSTEMS AND METHODS FOR ASSESSING SECURITY FOR A NETWORK OF ASSETS AND PROVIDING RECOMMENDATIONS  
A security assessment tool can determine computer assets in a network and provide an overall security score for the network. The overall security score can represent an objective measure of the...
US20120185944 METHODS AND SYSTEMS FOR PROVIDING RECOMMENDATIONS TO ADDRESS SECURITY VULNERABILITIES IN A NETWORK OF COMPUTING SYSTEMS  
A solution recommendation (SR) tool can receive vulnerabilities identified by a vulnerability scanner and/or penetration testing tool. The SR tool can determine various approaches for remediating...
US20110030059 Method for testing the security posture of a system  
A method is provided for assessing the susceptibility of a NIDS to evasion. In an embodiment, the method involves intercepting packets that pass through a NIDS or other defensive device, reading,...
US20100333002 METHOD AND TOOL FOR INFORMATION SECURITY ASSESSMENT THAT INTEGRATES ENTERPRISE OBJECTIVES WITH VULNERABILITIES  
In one aspect, a method to assess information security vulnerability of an enterprise includes storing enterprise objectives in a computer system, storing enterprise resources determined using a...
US20130061327 System and Method for Evaluation in a Collaborative Security Assurance System  
A security assurance system includes a back-end application and a computing resource. The back-end application receives a selection of a network security product that is associated with a...
US20150128279 APPLICATION SECURITY TESTING SYSTEM  
Embodiments of the invention are directed to an apparatus, method, and computer program product for an exposure based application security testing system. In some embodiments, the apparatus is...
US20130227695 SYSTEMS AND METHODS FOR FIXING APPLICATION VULNERABILITIES THROUGH A CORRELATED REMEDIATION APPROACH  
The invention relates to a system and method for fixing application vulnerabilities through a correlated remediation approach. This invention involves identifying application vulnerabilities...